Transaction-Aware Caching for Access Control Metadata

US 20080162485A1
Filed: 03/14/2008
Published: 07/03/2008
Est. Priority Date: 05/12/2000
Status: Active Grant

First Claim

Patent Images

1. A method for determining authorization to operate on a file, the method comprising the computer-implemented steps of:

receiving a request, associated with a session, for an operation on the file;

looking in one or more session caches that are associated with said session for an entry that contains permissions metadata for said file;

if said entry is not in said one or more session caches, thenlooking for said entry in one or more shared caches whose entries are accessible to multiple sessions; and

if said entry is not in said one or more shared caches, then obtaining said permissions metadata from a source other than said one or more session caches and said one or more shared caches; and

using said permission data to determine whether said operation may be performed on said file.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Techniques are provided for performing transaction-aware caching of metadata in an electronic file system. A mechanism is described for providing transaction-aware caching that uses a cache hierarchy, where the cache hierarchy includes uncommitted caches associated with sessions in an application and a committed cache that is shared among the sessions in that application. Techniques are described for caching document metadata, access control metadata and folder path metadata. Also described is a technique for using negative cache entries to avoid unnecessary communications with a server when applications repeatedly request non-existent data.

Citations

30 Claims

1. A method for determining authorization to operate on a file, the method comprising the computer-implemented steps of:
- receiving a request, associated with a session, for an operation on the file;
  
  looking in one or more session caches that are associated with said session for an entry that contains permissions metadata for said file;
  
  if said entry is not in said one or more session caches, thenlooking for said entry in one or more shared caches whose entries are accessible to multiple sessions; and
  
  if said entry is not in said one or more shared caches, then obtaining said permissions metadata from a source other than said one or more session caches and said one or more shared caches; and
  
  using said permission data to determine whether said operation may be performed on said file.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. The method of claim 1 wherein said permissions metadata is modified directly.
  - 3. The method of claim 1 wherein said permissions metadata is modified indirectly.
  - 4. The method of claim 1 wherein said permissions metadata is for one or more users and said one or more users are associated with one or more groups.
  - 5. The method of claim 1, wherein said permissions metadata is for one or more users and said one or more users are associated with one or more groups, wherein a particular user of said one or more users are associated with more than one group, and wherein the method further comprises the computer-implemented step of:
    - merging together all permissions metadata for said particular user from said more than one group.
  - 6. The method of claim 1 wherein said entry for said one or more shared caches is populated when said permissions metadata is referenced.
  - 7. The method of claim 1 wherein said entry has an ID column identifying said file and a metadata column containing said permissions metadata.
  - 8. The method of claim 7 wherein said metadata column of said entry in said one or more session caches is populated with modified permissions metadata that was modified by said session.
  - 9. The method of claim 7 wherein said ID column for said one or more session caches is populated when said permissions metadata is modified.
  - 10. The method of claim 7 wherein said ID column for said one or more session caches is populated when said file is modified.
  - 11. The method of claim 7 wherein said metadata column for said one or more session caches is populated when said file is referenced subsequent to said file being modified.
  - 12. The method of claim 7 wherein said metadata column for said one or more session caches is populated when said permissions metadata is referenced subsequent to said permissions metadata being modified.
  - 13. The method of claim 7 wherein said metadata column for said one or more session caches is populated when said file is referenced subsequent to said permissions metadata being modified.
  - 14. The method of claim 7 wherein said metadata column for said one or more session caches is populated when said permissions metadata is referenced subsequent to said file being modified.
  - 15. The method of claim 1, wherein said session is associated with a transaction, and wherein the method further comprises the computer-implemented step of:
    - invalidating said entries in said one or more shared caches when said transaction successfully terminates wherein said entries in said one or more shared caches are duplicates of entries in said one or more session caches.

16. A computer-readable storage medium storing one or more sequences of instructions for determining authorization to operate on a file, which instructions, when executed by one or more processors, cause the one or more processors to perform the steps of:
- receiving a request, associated with a session, for an operation on the file;
  
  looking in one or more session caches that are associated with said session for an entry that contains permissions metadata for said file;
  
  if said entry is not in said one or more session caches, thenlooking for said entry in one or more shared caches whose entries are accessible to multiple sessions; and
  
  if said entry is not in said one or more shared caches, then obtaining said permissions metadata from a source other than said one or more session caches and said one or more shared caches; and
  
  using said permission data to determine whether said operation may be performed on said file.
- View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30)
- - 17. The computer-readable storage medium of claim 16 wherein said permissions metadata is modified directly.
  - 18. The computer-readable storage medium of claim 16 wherein said permissions metadata is modified indirectly.
  - 19. The computer-readable storage medium of claim 16 wherein said permissions metadata is for one or more users and said one or more users are associated with one or more groups.
  - 20. The computer-readable storage medium of claim 16, wherein said permissions metadata is for one or more users and said one or more users are associated with one or more groups, wherein a particular user of said one or more users are associated with more than one group, and wherein the one or more sequences of instructions further comprise instructions which, when executed by the one or more processors, cause the one or more processors to perform the step of:
    - merging together all permissions metadata for said particular user from said more than one group.
  - 21. The computer-readable storage medium of claim 16 wherein said entry for said one or more shared caches is populated when said permissions metadata is referenced.
  - 22. The computer-readable storage medium of claim 16 wherein said entry has an ID column identifying said file and a metadata column containing said permissions metadata.
  - 23. The computer-readable storage medium of claim 22 wherein said metadata column of said entry in said one or more session caches is populated with modified permissions metadata that was modified by said session.
  - 24. The computer-readable storage medium of claim 22 wherein said ID column for said one or more session caches is populated when said permissions metadata is modified.
  - 25. The computer-readable storage medium of claim 22 wherein said ID column for said one or more session caches is populated when said file is modified.
  - 26. The computer-readable storage medium of claim 22 wherein said metadata column for said one or more session caches is populated when said file is referenced subsequent to said file being modified.
  - 27. The computer-readable storage medium of claim 22 wherein said metadata column for said one or more session caches is populated when said permissions metadata is referenced subsequent to said permissions metadata being modified.
  - 28. The computer-readable storage medium of claim 22 wherein said metadata column for said one or more session caches is populated when said file is referenced subsequent to said permissions metadata being modified.
  - 29. The computer-readable storage medium of claim 22 wherein said metadata column for said one or more session caches is populated when said permissions metadata is referenced subsequent to said file being modified.
  - 30. The computer-readable storage medium of claim 16, wherein said session is associated with a transaction, and wherein the one or more sequences of instructions further comprise instructions which, when executed by the one or more processors, cause the one or more processors to perform the step of:
    - invalidating said entries in said one or more shared caches when said transaction successfully terminates wherein said entries in said one or more shared caches are duplicates of entries in said one or more session caches.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
David B. Pitfield, David J. Long
Original Assignee
David B. Pitfield, David J. Long
Inventors
Pitfield, David B., Long, David J.

Granted Patent

US 8,745,017 B2
Time in Patent Office

Days
Field of Search
US Class Current

707/9
CPC Class Codes

H04L 63/10   for controlling access to d...

H04L 67/06   specially adapted for file ...

H04L 69/329   in the application layer [O...

H04L 9/40   Network security protocols

Y10S 707/99952   Coherency, e.g. same view t...

Y10S 707/99953   Recoverability

Transaction-Aware Caching for Access Control Metadata

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

30 Claims

Specification

Solutions

Use Cases

Quick Links

Transaction-Aware Caching for Access Control Metadata

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

30 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links