Distributed security system policies
First Claim
Patent Images
1. A memory for storing data for access by an application program being executed on a computer system, comprising:
- a data structure stored in said memory, said data structure including;
a name attribute wherein the name identifies an action or a role;
a resource attribute wherein the resource attribute specifies a resource in a hierarchy of resources and determines a scope for the name attribute;
a subject attribute wherein the subject attribute specifies at least one of;
a user and group; and
wherein the application program accesses the memory through an interface that is part of a security service module.
2 Assignments
0 Petitions
Accused Products
Abstract
A memory for storing data for access by an application program being executed on a computer system, comprising, a data structure stored in said memory, said data structure including, a name attribute wherein the name identifies an action or a role, a resource attribute wherein the resource attribute specifies a resource in a hierarchy of resources and determines a scope for the name attribute, a subject attribute wherein the subject attribute specifies at least one of, a user and group, and wherein the application program accesses the memory through an interface that is part of a security service module.
148 Citations
11 Claims
-
1. A memory for storing data for access by an application program being executed on a computer system, comprising:
-
a data structure stored in said memory, said data structure including;
a name attribute wherein the name identifies an action or a role;
a resource attribute wherein the resource attribute specifies a resource in a hierarchy of resources and determines a scope for the name attribute;
a subject attribute wherein the subject attribute specifies at least one of;
a user and group; and
wherein the application program accesses the memory through an interface that is part of a security service module. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A memory for storing data for access by an application program being executed on a computer system, comprising:
-
a data structure stored in said memory, said data structure including;
a name attribute wherein the name attribute includes;
a path component, wherein the path component indicates whether the name attribute identifies an action or a role;
an identifier component, wherein the identifier component specifies a unique identifier for the path. a resource attribute wherein the resource attribute specifies a resource in a hierarchy of resources and determines a scope for the name attribute;
a subject attribute wherein the subject attribute specifies at least one of;
a user and a group; and
wherein the application program accesses the memory through an interface that is part of a security service module. - View Dependent Claims (8, 9, 10, 11)
-
Specification