Management of user access to objects

US 20070156691A1
Filed: 01/05/2006
Published: 07/05/2007
Est. Priority Date: 01/05/2006
Status: Abandoned Application

First Claim

Patent Images

1. A method for managing a request from a user to access an object, comprising:

(a) determining whether the user is denied or granted access to the object based on a policy;

(b) if the user is neither denied nor granted access to the object by the policy, then determining whether the user is granted access to the object by an access control list (ACL) for the object; and

(c) concluding whether the user has access to the object as determined by steps (a) and (b).

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Implementations of various technologies, including methods, systems and apparatus, for managing a request from a user to access an object. In one implementation, a determination is made as to whether the user is denied or granted access to the object based on a policy (step a). If the user is neither denied nor granted access to the object by the policy, then a determination is made as to whether the user is granted access to the object by an access control list (ACL) for the object (step b). A conclusion is then made as to whether the user has access to the object as determined by steps (a) and (b).

48 Citations

View as Search Results

20 Claims

1. A method for managing a request from a user to access an object, comprising:
- (a) determining whether the user is denied or granted access to the object based on a policy;
  
  (b) if the user is neither denied nor granted access to the object by the policy, then determining whether the user is granted access to the object by an access control list (ACL) for the object; and
  
  (c) concluding whether the user has access to the object as determined by steps (a) and (b).
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein step (a) comprises determining whether the user is denied or granted access to a server that contains the object.
  - 3. The method of claim 2, wherein the server is a virtual server.
  - 4. The method of claim 2, wherein the server is a hypertext transfer protocol (HTTP) server.
  - 5. The method of claim 2, further comprising denying the user access the object, if the user is denied access to the server by the policy.
  - 6. The method of claim 5, wherein the user is denied access to the object, even if the user is granted access to the object by the ACL.
  - 7. The method of claim 2, further comprising granting the user access the object, if the user is granted access to the server by the policy.
  - 8. The method of claim 7, wherein the user is granted access to the object, even if the user has not been granted access to the object by the ACL.

9. A computer-readable medium having stored thereon computer-executable instructions which, when executed by a computer, cause the computer to:
- (a) determine whether a policy for a server containing an object denies or grants a user access to the server;
  
  (b) if the policy neither denies nor grants the user access to the server, then determine whether an access control list for the object grants the user access the object; and
  
  (c) grants or denies the user access to the object based on steps (a) and (b).
- View Dependent Claims (10, 11, 12, 13)
- - 10. The computer-readable medium of claim 9, further comprising computer-executable instructions which, when executed by a computer, cause the computer to deny the user access the object, if the policy denies the user access to the server.
  - 11. The computer-readable medium of claim 9, further comprising computer-executable instructions which, when executed by a computer, cause the computer to grant the user access to the object, if the policy grants the user access to the server.
  - 12. The computer-readable medium of claim 9, wherein the server is a virtual server.
  - 13. The computer-readable medium of claim 9, wherein the server is a hypertext transfer protocol (HTTP) server.

14. A memory for storing data for access by an application program being executed on a processor, the memory comprising:
- a data structure stored in the memory, the data structure comprising an access mask for a server, the access mask specifying one or more permissions for at least one of granting or denying access to the server.
- View Dependent Claims (15, 16, 17, 18, 19, 20)
- - 15. The memory of claim 14, wherein the server is a virtual server that resides on a hypertext transfer protocol (HTTP) server.
  - 16. The memory of claim 14, wherein the server is a hypertext transfer protocol (HTTP) server.
  - 17. The memory of claim 14, wherein the access mask comprises a set of grant access masks for specifying a predetermined set of users that are granted access to the server.
  - 18. The memory of claim 14, wherein the access mask comprises a set of deny access masks for specifying a predetermined set of users that are denied access to the server.
  - 19. The memory of claim 14, wherein the data structure further comprises an access control list for an object contained within the server.
  - 20. The memory of claim 19, wherein the access control list comprises a set of grant access masks for specifying a predetermined set of users that are granted access to the object.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Wang, Ziyi, Rakhamimov, Dennis, Sturms, James

Application Number

US11/325,930
Publication Number

US 20070156691A1
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 21/6218   to a system of files or obj...

G06F 2221/2141   Access rights, e.g. capabil...

H04L 63/101   Access control lists [ACL]

Management of user access to objects

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

48 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Management of user access to objects

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

48 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links