AUTHORIZED DATA ACCESS BASED ON THE RIGHTS OF A USER AND A LOCATION
First Claim
Patent Images
1. A method, comprising:
- receiving a session login request by a user from a computer;
determining user access rights of the user;
determining computer access rights of the computer;
determining session access rights as an intersection of the user access rights and the computer access rights; and
authorizing access for the session to one or more files in a repository based on applying the session access rights to file permissions of the one or more files.
11 Assignments
0 Petitions
Accused Products
Abstract
Access to files is properly granted regardless of whether an accessing user is located at their primary location or at any “roaming” location. In particular, the techniques herein consider the user rights, rights of any computer from which the user is accessing files, and the rights associated with the files themselves, such as by determining the User ∩ Computer intersection of access rights (an overlap between rights of the user and rights of the computer), and applying these access rights to file rights (e.g., file metadata) to determine what access the user has to the files (e.g., viewing, modifying, etc.).
17 Citations
20 Claims
-
1. A method, comprising:
-
receiving a session login request by a user from a computer; determining user access rights of the user; determining computer access rights of the computer; determining session access rights as an intersection of the user access rights and the computer access rights; and authorizing access for the session to one or more files in a repository based on applying the session access rights to file permissions of the one or more files. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 14, 15, 16, 17, 18)
-
-
13. A tangible, non-transitory computer-readable medium having software encoded thereon, the software when executed by a processor operable to:
-
receive a session login request by a user from a computer; determine user access rights of the user; determine computer access rights of the computer; determine session access rights as an intersection of the user access rights and the computer access rights; and authorize access for the session to one or more files in a repository based on applying the session access rights to file permissions of the one or more files.
-
-
19. An apparatus, comprising:
-
one or more network interfaces; a processor coupled to the network interfaces and adapted to execute one or more processes; and a memory configured to store a process executable by the processor, the process when executed operable to; receive a session login request by a user from a computer; determine user access rights of the user; determine computer access rights of the computer; determine session access rights as an intersection of the user access rights and the computer access rights; and authorize access for the session to one or more files in a repository based on applying the session access rights to file permissions of the one or more files. - View Dependent Claims (20)
-
Specification