METHOD FOR CONTROLLING ACCESS TO DATA CONTAINERS IN A COMPUTER SYSTEM
First Claim
Patent Images
1. A method for controlling access to objects stored in a computer system;
- wherein ownership and access rights may be attributes of object containers and,wherein ownership and access rights of contained objects are implied by presence of said objects in an object container and,wherein object containers may be in the form of logical entities, including but not limited to file systems, folders and directories, and data structures in various forms including but not limited to lists, chains, trees, arrays, queues and tables.
1 Assignment
0 Petitions
Accused Products
Abstract
A method for controlling access to stored objects in a computer system is provided that is both powerful and flexible, and minimizes complexity to the user. The method may apply to logical containers of objects and supports arbitrary configurations of logical containers, including nests and hierarchies. The method extends beyond the simple notion of permission, to include not only operation-oriented rights, but more complex and possibly dynamic access conditions, criteria and rules. The method provides for association of actions to be triggered and performed, optionally, in relation to access or attempted access to stored objects.
165 Citations
15 Claims
-
1. A method for controlling access to objects stored in a computer system;
-
wherein ownership and access rights may be attributes of object containers and, wherein ownership and access rights of contained objects are implied by presence of said objects in an object container and, wherein object containers may be in the form of logical entities, including but not limited to file systems, folders and directories, and data structures in various forms including but not limited to lists, chains, trees, arrays, queues and tables. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
-
-
15. The method of claim 15 wherein subsequent operations or other accesses may be controlled in accordance with rules, criteria or policies such as digital signatures, expiration date and time, and possibly other mechanisms to provide assurance of the integrity and authenticity of stored objects.
Specification