×

METHOD AND APPARATUS TO SUPPORT PRIVILEGES AT MULTIPLE LEVELS OF AUTHENTICATION USING A CONSTRAINING ACL

  • US 20090144804A1
  • Filed: 11/29/2007
  • Published: 06/04/2009
  • Est. Priority Date: 11/29/2007
  • Status: Active Grant
First Claim
Patent Images

1. A method for using an ACL (access control list) to determine user privileges in a database, the method comprising:

  • authenticating a user at an authentication level, wherein the authentication level is associated with a role;

    associating the role with the user, thereby enabling the database to use the role to determine the user'"'"'s privileges based on the authentication level;

    receiving a request from the user to perform an operation on data;

    identifying an ACL associated with the data, wherein the ACL specifies the user'"'"'s privileges, and wherein the ACL inherits from a constraining ACL which specifies the role'"'"'s privileges;

    using the ACL to determine whether the user is permitted to perform the operation;

    using the constraining ACL to determine whether the role is permitted to perform the operation; and

    performing the operation on the data in response to determining that both the user and the role are permitted to perform the operation.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×