RULE-BASED ACCESS CONTROL TO DATA OBJECTS
First Claim
Patent Images
1. A method comprising:
- assigning, via a computer processor, a plurality of tags to data objects associated with a client device, the tags representing security attributes; and
upon determining an access attempt for one of the data objects has been initiated by a user of the client device;
gathering environmental information associated with conditions surrounding the client device;
identifying a tag, of the plurality of tags, assigned to the one of the data objects;
applying an access control rule to the environmental information as a function of the corresponding tag; and
performing, via the computer processor, an access-related function with respect to the access attempt for the one of the data objects based on results of application of the access control rule.
1 Assignment
0 Petitions
Accused Products
Abstract
Access control functions for data objects include assigning tags to the data objects associated with a client device. The tags represent security attributes. Upon determining an access attempt for one of the data objects has been initiated by a user of the client device, the access control functions include gathering environmental information associated with conditions surrounding the client device, identifying a tag assigned to the one of the data objects, applying access control rules to the environmental information as a function of the corresponding tag, and performing an access-related function with respect to the access attempt based on results of application of the access control rules.
9 Citations
20 Claims
-
1. A method comprising:
-
assigning, via a computer processor, a plurality of tags to data objects associated with a client device, the tags representing security attributes; and upon determining an access attempt for one of the data objects has been initiated by a user of the client device; gathering environmental information associated with conditions surrounding the client device; identifying a tag, of the plurality of tags, assigned to the one of the data objects; applying an access control rule to the environmental information as a function of the corresponding tag; and performing, via the computer processor, an access-related function with respect to the access attempt for the one of the data objects based on results of application of the access control rule. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A system comprising:
-
a computer processor; and logic executable by the computer processor, the logic configured to; assign a plurality of tags to data objects associated with a client device, the tags representing security attributes; and upon determining an access attempt for one of the data objects has been initiated by a user of the client device; gather environmental information associated with conditions surrounding the client device; identify a tag, of the plurality of tags, assigned to the one of the data objects; apply an access control rule to the environmental information as a function of the corresponding tag; and perform, via the computer processor, an access-related function with respect to the access attempt for the one of the data objects based on results of application of the access control rule. - View Dependent Claims (10, 11, 12, 13, 14)
-
-
15. A computer program product comprising a computer readable storage medium having program instructions embodied thereon, the program instructions executable by a computer processor to cause the computer processor:
-
assign a plurality of tags to data objects associated with a client device, the tags representing security attributes; and upon determining an access attempt for one of the data objects has been initiated by a user of the client device; gather environmental information associated with conditions surrounding the client device; identify a tag, of the plurality of tags, assigned to the one of the data objects; apply an access control rule to the environmental information as a function of the corresponding tag; and perform an access-related function with respect to the access attempt for the one of the data objects based on results of application of the access control rule. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification