METHOD AND SYSTEM FOR EXTENDING ROLE BASED ACCESS CONTROL ACROSS NETWORK FILE SYSTEMS
First Claim
1. A method of managing access to files in a data processing network including a server computer, a client computer, and a network file system for managing access to files, and wherein a process runs on the client computer, and a defined group of privileges to the files are available to the process, the method comprising the steps of:
- using the network file system to mount a group of files on the server computer;
the process generating a request for a file operation;
determining whether the process has a specified privilege for the file operation; and
when the process has said specified privilege, modifying said request to include a signal to the server to honor the request of the process s.
1 Assignment
0 Petitions
Accused Products
Abstract
A method and system are disclosed for managing access to files in a data processing network including a server computer, a client computer, and a network file system. The network file system is used to mount the files on the server computers, and a defined group of privileges are available to those files. In the operation of the network, a process runs on the client computer, and the process generates a request for a file operation. The method comprises the steps of determining whether the process has a specified privilege for the file operation; and when the process has this privilege, modifying the request to include a signal to the server to honor the request of the process. In the preferred embodiment of the invention, the client determines whether the process has the specified privilege and makes an appropriate modification to the request.
-
Citations
20 Claims
-
1. A method of managing access to files in a data processing network including a server computer, a client computer, and a network file system for managing access to files, and wherein a process runs on the client computer, and a defined group of privileges to the files are available to the process, the method comprising the steps of:
-
using the network file system to mount a group of files on the server computer; the process generating a request for a file operation; determining whether the process has a specified privilege for the file operation; and when the process has said specified privilege, modifying said request to include a signal to the server to honor the request of the process s. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A system for managing access to files in a data processing network including a server computer, a client computer, and a network file system for mounting files on the server computer, and wherein a process runs on the client computer and generates a request for a file operation, and a defined group of privileges to the files are available to the process, the system comprising:
one or more processing units on the client computer and configured for determining whether the process has a specified privilege to a defined file; and
when the process has said specified privilege, for modifying said request to include a signal to the server to honor said request generated by the process.- View Dependent Claims (12, 13, 14, 15, 20)
-
16. A computer readable storage media, tangibly embodying a program of instructions executable by the computer to perform method steps for managing access to files in a data processing network including a server computer, a client computer, and a network file system for mounting files on the server computer, and wherein a process runs on the client computer and generates a request for a file operation, and a defined group of privileges to the files are available to the process, said method steps comprising:
-
determining whether the process has a specified privilege to a defined file; and when the process has said specified privilege, modifying said request to include a signal to the server to honor the request generated by the process. - View Dependent Claims (17, 18, 19)
-
Specification