×

ACCESS CONTROL OF DATA IN A DISPERSED STORAGE NETWORK

  • US 20140123316A1
  • Filed: 09/17/2013
  • Published: 05/01/2014
  • Est. Priority Date: 10/30/2012
  • Status: Active Grant
First Claim
Patent Images

1. A method for execution by one or more processing modules of one or more computing devices, the method comprises:

  • in response to a data access request that includes a data access request type, a data object identifier of a data object, and a user identifier of a user of a user device, accessing hierarchical data access control information that includes;

    a plurality of logical memory access control files, wherein a logical memory access control file of the plurality of logical memory access control files includes a list of users that have access to a particular logical memory space and a list of corresponding access rights to data stored within the particular logical memory space; and

    a plurality of sets of data object access control files, wherein a set of data object access control files of the plurality of sets of data object access control files is associated with the logical memory access control file, wherein a data object access control file of the set of data object access control files includes a list of data access restrictions for one or more users of the list of users of the logical memory access control file;

    from the hierarchical data access control information, obtaining one of the plurality of logical memory access control files based on the user identifier;

    determining, from the one of the plurality of logical memory access control files, whether the data access request type is within corresponding access rights of the user device;

    when the data access request type is within the corresponding access rights of the user device, obtaining a corresponding data object access control file from a corresponding set of data object access files of the plurality of sets of data object access control files based on the data object identifier;

    determining, from the corresponding data object access control file, whether the data access request type is restricted; and

    when the data access request type is not restricted, processing the data access request.

View all claims
  • 5 Assignments
Timeline View
Assignment View
    ×
    ×