Scoped access control metadata element
First Claim
1. A method for determining access rights to a range of objects by a range of users, comprising:
- (a) receiving identifying information corresponding to a user attempting to access a resource;
(b) determining whether the resource is encompassed by a first range defined in an access control metadata element;
(c) based on the identifying information, determining whether the user is encompassed by a second range defined in the access control metadata element; and
(d) when steps (b) and (c) are answered in the affirmative, applying access rights defined in the access control metadata element.
1 Assignment
0 Petitions
Accused Products
Abstract
Methods, systems, and data structures for communicating object metadata are provided. A generic metadata container is presented that allows object metadata to be described in an extensible manner using protocol-neutral and platform-independent methodologies. A metadata scope refers to a dynamic universe of targets to which the included metadata statements correspond. Metadata properties provide a mechanism to describe the metadata itself, and metadata security can be used to ensure authentic metadata is sent and received. Mechanisms are also provided to allow refinement and replacement of metadata statements. The generic metadata container can be adapted to dynamically define access control rights to a range of objects by a range of users, including granted and denied access rights.
141 Citations
18 Claims
-
1. A method for determining access rights to a range of objects by a range of users, comprising:
-
(a) receiving identifying information corresponding to a user attempting to access a resource;
(b) determining whether the resource is encompassed by a first range defined in an access control metadata element;
(c) based on the identifying information, determining whether the user is encompassed by a second range defined in the access control metadata element; and
(d) when steps (b) and (c) are answered in the affirmative, applying access rights defined in the access control metadata element. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A computer comprising a processor controlling operation of the computer according to computer readable instructions stored in a memory, wherein, upon execution of the computer readable instructions by the processor, the computer performs a method comprising:
-
(a) receiving identifying information corresponding to a user attempting to access the resource;
(b) determining whether the resource is encompassed by a first range defined in an access control metadata element;
(c) based on the identifying information, determining whether the user is encompassed by a second range defined in the access control metadata element; and
(d) when steps (b) and (c) are answered in the affirmative, applying access rights defined in the access control metadata element. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
-
Specification