Method and apparatus to implement secured, layered logout from a computer system
Abstract
A secure, layered logout of a user session is implemented in a web-based management tool, such as a middleware appliance. A logout strategy is provided to include a set of security levels of varying sensitivity, with each security level having a set of permissions associated therewith and that are enforced upon a timeout. Preferably, each succeeding security level in the set of security levels is reached as time increases from an idle time associated with the user session. Upon expiration of a timeout associated with a security level, the set of permissions associated with the security level is then enforced against at least one managed object while the user session continues. As each next security level is reached, the set of permissions associated with the security level is then enforced (with respect to the managed object or against one or more other managed objects), once again while the user session continues. Each of the objects preferably is managed independently of at least one other object; thus, the layered logout may enforce different permissions with respect to different managed objects while at the same time maintaining the user session. If the user takes no action, eventually a timeout associated with a final security level of the set of security levels will occur, at which point the user session is finally terminated.
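A minimal model of the layered logout described in the abstract, added here as an illustration and not taken from the patent or from any product. It assumes that each level withdraws permissions per managed object, that enforced levels stay in force until re-authentication, and that only a permitted request resets the idle timer; the class, object and permission names are hypothetical.

```python
from dataclasses import dataclass

@dataclass
class SecurityLevel:
    idle_after: float    # idle seconds at which this level is reached
    revoke: dict         # managed object -> permissions withdrawn at this level
    final: bool = False  # reaching the final level ends the session

class LayeredSession:
    def __init__(self, grants, levels, now):
        self.levels = sorted(levels, key=lambda lv: lv.idle_after)
        if not self.levels or not self.levels[-1].final:
            raise ValueError("longest timeout must be the final level")
        self.grants = {obj: set(p) for obj, p in grants.items()}
        self.last_activity, self.reached, self.active = now, 0, True

    def _advance(self, now):
        idle = now - self.last_activity
        due = sum(1 for lv in self.levels if idle >= lv.idle_after)
        self.reached = max(self.reached, due)  # levels never relax on their own
        if self.reached == len(self.levels):
            self.active = False                # final timeout: session ends

    def allowed(self, obj, perm, now):
        """Authorize one request; only a permitted request counts as activity."""
        self._advance(now)
        if not self.active:
            return False
        enforced = self.levels[:self.reached]
        withdrawn = set().union(*(lv.revoke.get(obj, ()) for lv in enforced))
        ok = perm in self.grants.get(obj, set()) - withdrawn
        if ok:
            self.last_activity = now
        return ok

    def reauthenticate(self, now):
        """Assumed restore path: fresh credentials clear the enforced levels."""
        self._advance(now)
        if self.active:
            self.reached, self.last_activity = 0, now
        return self.active

# Constructed sample policy; object and permission names are hypothetical.
GRANTS = {"service-config": {"read", "write"}, "audit-log": {"read"}}
LEVELS = [
    SecurityLevel(300, {"service-config": {"write"}}),
    SecurityLevel(900, {"audit-log": {"read"}}),
    SecurityLevel(1800, {}, final=True),
]
```

Because the enforced level is monotonic, a click on an unattended console after the first timeout keeps the session alive but does not bring back write access, and a request arriving after the final timeout cannot revive the session.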
25 Claims
1. A method to provide a structured logout from a user session, comprising:
providing a logout strategy to include a set of security levels of varying sensitivity, each security level having a set of permissions associated therewith and that are enforced upon a timeout, and wherein each succeeding security level in the set of security levels is reached as time increases from an idle time associated with the user session;
upon expiration of a timeout associated with a security level, enforcing the set of permissions associated with the security level against at least one managed object while continuing the user session; and
upon expiration of a timeout associated with a final security level of the set of security levels, ending the user session.
Dependent claims: 2, 3, 4, 5, 6, 7, 8
9. Apparatus to provide a structured logout from a user session, comprising:
a processor;
computer memory holding computer program instructions that when executed by the processor perform a method comprising:
providing a logout strategy to include a set of security levels of varying sensitivity, each security level having a set of permissions associated therewith and that are enforced upon a timeout, and wherein each succeeding security level in the set of security levels is reached as time increases from an idle time associated with the user session;
upon expiration of a timeout associated with a security level, enforcing the set of permissions associated with the security level against at least one managed object while continuing the user session; and
upon expiration of a timeout associated with a final security level of the set of security levels, ending the user session.
Dependent claims: 10, 11, 12, 13, 14, 15
16. The apparatus as described in claim 9 wherein the managed object is an object that is managed during the user session independently of at least one other managed object.
16-1. A computer program product in a computer readable medium for use in a data processing system to provide a structured logout from a user session, the computer program product holding computer program instructions which, when executed by the data processing system, perform a method comprising:
providing a logout strategy to include a set of security levels of varying sensitivity, each security level having a set of permissions associated therewith and that are enforced upon a timeout, and wherein each succeeding security level in the set of security levels is reached as time increases from an idle time associated with the user session;
upon expiration of a timeout associated with a security level, enforcing the set of permissions associated with the security level against at least one managed object while continuing the user session; and
upon expiration of a timeout associated with a final security level of the set of security levels, ending the user session.
Specification