CONTROL OF ACCESS TO FILES
First Claim
1. A method for controlling access to files, the method comprising the steps of:
- receiving classifications of two or more files into a same category and storing the classifications of the two or more files, wherein the category comprises one of;
product-line identifier, geographic location, customer-account identifier, network type, server-platform type, and server operating status;
receiving a configuration of an access-control list to grant access to one or more users to the two or more files based on the category;
in response to a request for access by a user for one file of the two or more files, the request specifying the one file but not the category of the one file, identifying, by one or more processors, the category of the one file based on the stored classification of the one file, and checking the access-control list to determine that the user is authorized to access the category, and, in response, granting, by the one or more processors, the user access to the one file.
1 Assignment
0 Petitions
Accused Products
Abstract
A method, system and program product for using access-control lists to control access to categorized computer files. Two or more computer files are each associated with one of a set of possible classifications that fall within a single category and an access-control list associates a user with a subset of these classifications. In response to the user'"'"'s request for access to one of these files, where the request specifies the requested file but does not specify the category of the requested file, the processor identifies the requested file'"'"'s category based on that file'"'"'s associated classifications, checks the access-control list to determine that the user is authorized to access files of the identified category, and then grants the requesting user access to the requested file.
-
Citations
13 Claims
-
1. A method for controlling access to files, the method comprising the steps of:
-
receiving classifications of two or more files into a same category and storing the classifications of the two or more files, wherein the category comprises one of;
product-line identifier, geographic location, customer-account identifier, network type, server-platform type, and server operating status;receiving a configuration of an access-control list to grant access to one or more users to the two or more files based on the category; in response to a request for access by a user for one file of the two or more files, the request specifying the one file but not the category of the one file, identifying, by one or more processors, the category of the one file based on the stored classification of the one file, and checking the access-control list to determine that the user is authorized to access the category, and, in response, granting, by the one or more processors, the user access to the one file. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A computer program product for controlling access to files, the computer program product comprising:
-
a computer-readable storage device; first program instructions for receiving classifications of two or more files into a same category and storing the classifications of the two or more files, wherein the category comprises one of;
product-line identifier, geographic location, customer-account identifier, network type, server-platform type, and server operating status;second program instructions for receiving a configuration of an access-control list to grant access to one or more users to the two or more files based on the category; third program instructions for, in response to a request for access by a user for one file of the two or more files, the request specifying the one file but not the category of the one file, identifying, by one or more processors, the category of the one file based on the stored classification of the one file, and checking the access-control list to determine that the user is authorized to access the category, and, in response, granting, by the one or more processors, the user access to the one file. wherein the first program instructions, the second program instructions, and the third program instructions are stored on the computer-readable storage device. - View Dependent Claims (9, 10)
-
-
11. A computer system for controlling access to files, the computer system comprising:
-
a processor; a computer-readable memory; a computer-readable storage device; first program instructions for receiving classifications of two or more files into a same category and storing the classifications of the two or more files, wherein the category comprises one of;
product-line identifier, geographic location, customer-account identifier, network type, server-platform type, and server operating status;second program instructions for receiving a configuration of an access-control list to grant access to one or more users to the two or more files based on the category; third program instructions for, in response to a request for access by a user for one file of the two or more files, the request specifying the one file but not the category of the one file, identifying, by one or more processors, the category of the one file based on the stored classification of the one file, and checking the access-control list to determine that the user is authorized to access the category, and, in response, granting, by the one or more processors, the user access to the one file. wherein the first program instructions, the second program instructions, and the third program instructions are stored on the computer-readable storage device for execution by the processor via the computer-readable memory. - View Dependent Claims (12, 13)
-
Specification