Management of user access to objects
First Claim
Patent Images
1. A method for managing a request from a user to access an object, comprising:
- (a) determining whether the user is denied or granted access to the object based on a policy;
(b) if the user is neither denied nor granted access to the object by the policy, then determining whether the user is granted access to the object by an access control list (ACL) for the object; and
(c) concluding whether the user has access to the object as determined by steps (a) and (b).
2 Assignments
0 Petitions
Accused Products
Abstract
Implementations of various technologies, including methods, systems and apparatus, for managing a request from a user to access an object. In one implementation, a determination is made as to whether the user is denied or granted access to the object based on a policy (step a). If the user is neither denied nor granted access to the object by the policy, then a determination is made as to whether the user is granted access to the object by an access control list (ACL) for the object (step b). A conclusion is then made as to whether the user has access to the object as determined by steps (a) and (b).
48 Citations
20 Claims
-
1. A method for managing a request from a user to access an object, comprising:
-
(a) determining whether the user is denied or granted access to the object based on a policy;
(b) if the user is neither denied nor granted access to the object by the policy, then determining whether the user is granted access to the object by an access control list (ACL) for the object; and
(c) concluding whether the user has access to the object as determined by steps (a) and (b). - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A computer-readable medium having stored thereon computer-executable instructions which, when executed by a computer, cause the computer to:
-
(a) determine whether a policy for a server containing an object denies or grants a user access to the server;
(b) if the policy neither denies nor grants the user access to the server, then determine whether an access control list for the object grants the user access the object; and
(c) grants or denies the user access to the object based on steps (a) and (b). - View Dependent Claims (10, 11, 12, 13)
-
-
14. A memory for storing data for access by an application program being executed on a processor, the memory comprising:
- a data structure stored in the memory, the data structure comprising an access mask for a server, the access mask specifying one or more permissions for at least one of granting or denying access to the server.
- View Dependent Claims (15, 16, 17, 18, 19, 20)
Specification