Versatile access control system

US 20070250915A1
Filed: 04/25/2006
Published: 10/25/2007
Est. Priority Date: 04/25/2006
Status: Active Grant

First Claim

Patent Images

1. An access control system, comprising:

a plurality of authorities, each authority associating at least one of a plurality of proof of knowledge operations with at least one of a plurality of proof of knowledge credentials;

a plurality of access control elements, each access control element identifying a Boolean combination of at least one of the authorities; and

at least one access control list, which identifies one or more of the access control elements by which a method to be executed can be authenticated.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An access control system and method are provided, which include a plurality of authorities, a plurality of access control elements and an access control list. Each authority associates at least one of a plurality of proof of knowledge operations with at least one of a plurality of proof of knowledge credentials. Each access control element identifies a Boolean combination of at least one of the authorities. The access control list identifies one or more of the access control elements by which a method to be executed can be authenticated.

Citations

20 Claims

1. An access control system, comprising:
- a plurality of authorities, each authority associating at least one of a plurality of proof of knowledge operations with at least one of a plurality of proof of knowledge credentials;
  
  a plurality of access control elements, each access control element identifying a Boolean combination of at least one of the authorities; and
  
  at least one access control list, which identifies one or more of the access control elements by which a method to be executed can be authenticated.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The access control system of claim 1, wherein the plurality of authorities, the plurality of access control elements and the access control list are maintained by firmware embedded within a peripheral device for which access is controlled by the system.
  - 3. The access control system of claim 1 and further comprising:
    - a credential table, which identifies a set of the proof of knowledge credentials that can be proven by the associated proof of knowledge operation.
  - 4. The access control system of claim 3 and further comprising a plurality of credential tables, where each credential table is associated with a corresponding one of the plurality of proof of knowledge operations.
  - 5. The access control system of claim 1 and further comprising:
    - an authority table, which identifies each of the plurality of authorities and for each authority associates one of the proof of knowledge operations with one of the proof of knowledge credentials.
  - 6. The access control system of claim 1 and further comprising:
    - an access control element table, which identifies each of the plurality of access control elements and for each element, identifies the Boolean combination of the authorities for that access control element.
  - 7. The access control system of claim 1 and further comprising:
    - a method table, which identifies the method among a plurality of methods and for each method, identifies the access control list for that method.
  - 8. The access control system of claim 7 wherein for each method, the method table further comprises a pointer to a program to be executed for that method.

9. An access control system comprising:
- a credential table, which comprises a plurality of proof of knowledge credentials that can be proven by at least one of a plurality of proof of knowledge operations;
  
  an authority table, which identifies a plurality of authorities and for each authority, associates at least one of the proof of knowledge operations with at least one of the proof of knowledge credentials; and
  
  an access control element table, which identifies a plurality of access control elements and for each access control element, identifies a Boolean combination of at least one of the authorities.
- View Dependent Claims (10, 11, 12)
- - 10. The access control system of claim 9 and further comprising:
    - a plurality of credential tables, where each credential table is associated with a corresponding one of the plurality of proof of knowledge operations and comprises the plurality of proof of knowledge credentials that can be proven by that proof of knowledge operation.
  - 11. The access control system of claim 9 and further comprising:
    - a method table, which identifies a plurality of methods that can be executed, and for each method identifies a list of a subset of the access control elements by which that method can be authenticated.
  - 12. The access control system of claim 9, wherein the credential table, the authority table and the access control element table are maintained by firmware embedded within a peripheral device for which access is controlled by the system.

13. A method comprising:
- maintaining a plurality of authorities, each authority associating at least one of a plurality of proof of knowledge operations with at least one of a plurality of proof of knowledge credentials; and
  
  maintaining a plurality of access control elements, each access control element identifying a Boolean combination of at least one of the authorities, the plurality of authorities and the plurality of access control elements being maintained at least in part within a memory associated with a device for which access is controlled.
- View Dependent Claims (14, 15, 16, 17, 18, 19)
- - 14. The method of claim 13 wherein the plurality of authorities and the plurality of access control elements are embedded at least in part within firmware of the device.
  - 15. The method of claim 13 and further comprising:
    - maintaining a credential table, which comprises a plurality of the proof of knowledge credentials that can be proven by at least one of the plurality of proof of knowledge operations.
  - 16. The method of claim 15, wherein maintaining a credential table comprises:
    - maintaining a plurality of credential tables, where each credential table is associated with a corresponding one of the plurality of proof of knowledge operations and comprises the plurality of the proof of knowledge credentials that can be proven by that proof of knowledge operation.
  - 17. The method of claim 13, wherein maintaining a plurality of authorities comprises:
    - maintaining an authority table, which identifies the plurality of authorities and for each authority, associates one of the proof of knowledge operations with one of the proof of knowledge credentials.
  - 18. The method of claim 13, wherein maintaining a plurality of access control elements comprises:
    - maintaining an access control element table, which identifies the plurality of access control elements and for each access control element identifies the Boolean combination of at least one of the authorities.
  - 19. The method of claim 13 and further comprising:
    - maintaining a method table, which identifies a plurality of methods that can be executed, and for each method identifies a list of a subset of the access control elements by which that method can be authenticated.

20. A computer readable medium having a tangible component comprising instructions, which when executed by a computing device cause the computing device to perform steps comprising:
- maintaining a plurality of authorities, each authority associating at least one of a plurality of proof of knowledge operations with at least one of a plurality of proof of knowledge credentials; and
  
  maintaining a plurality of access control elements, each access control element identifying a Boolean combination of at least one of the authorities, the plurality of authorities and the plurality of access control elements being maintained at least in part within a memory associated with a device for which access is controlled.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Seagate Technology LLC (Seagate Technology Holdings Plc)
Original Assignee
Seagate Technology LLC (Seagate Technology Holdings Plc)
Inventors
Thibadeau, Robert

Granted Patent

US 8,429,724 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/5
CPC Class Codes

H04L 2209/043   of tables, e.g. lookup, sub...

H04L 63/0869   for achieving mutual authen...

H04L 63/101   Access control lists [ACL]

H04L 9/0643   Hash functions, e.g. MD5, S...

H04L 9/321   involving a third party or ...

H04L 9/3218   using proof of knowledge, e...

H04L 9/50   using hash chains, e.g. blo...

Versatile access control system

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Versatile access control system

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links