NETWORK SYSTEM
First Claim
1. A network system comprising:
- a first node;
a second node; and
an access control list of each object shared by the first node and the second node, the access control list including an access control entry in which an account ID and an access right of an account permitted to access the object are recorded,wherein the first node comprisesan account association table in which an account name and an account ID of an account created at the node itself are recorded in association with each other and in which an account name and an account ID of an account created at the second node are recorded in association with each other andan access control list change unit that, in response to an access control list change request including identification information on an object an access control list of which is to be changed, an account name of an account for which an access control entry is to be changed, and change contents, retrieves an account ID recorded in association with the account name in the access control list change request, from the account association table and changes, in accordance with the change contents, an access control entry in which the retrieved account ID is recorded and that is included in the access control list of the object indicated by the identification information.
1 Assignment
0 Petitions
Accused Products
Abstract
In an account association table the account IDs and account names of accounts created at nodes are associated and recorded. In response to an access control list change request including the account name of an account the access control entry of which is to be changed and the contents of the change, an access control list change unit retrieves an account ID recorded while being associated with the account name from the account association table and changes, in accordance with the contents of the change, an access control entry in which the retrieved account ID is recorded among account control entries in an access control list to be changed.
18 Citations
8 Claims
-
1. A network system comprising:
-
a first node; a second node; and an access control list of each object shared by the first node and the second node, the access control list including an access control entry in which an account ID and an access right of an account permitted to access the object are recorded, wherein the first node comprises an account association table in which an account name and an account ID of an account created at the node itself are recorded in association with each other and in which an account name and an account ID of an account created at the second node are recorded in association with each other and an access control list change unit that, in response to an access control list change request including identification information on an object an access control list of which is to be changed, an account name of an account for which an access control entry is to be changed, and change contents, retrieves an account ID recorded in association with the account name in the access control list change request, from the account association table and changes, in accordance with the change contents, an access control entry in which the retrieved account ID is recorded and that is included in the access control list of the object indicated by the identification information. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A node comprising:
-
an account association table in which an account name and an account ID of an account created at the node itself are recorded in association with each other and an account name and an account ID of an account created in a different node are recorded in association with each other; and an access control list change unit that, in response to an access control list change request including identification information on an object an access control list of which is to be changed among objects shared by the node itself and the different node, an account name of an account for which an access control entry is to be changed, and change contents, retrieves an account ID recorded in association with the account name in the access control list change request, from the account association table and changes, in accordance with the change contents, an access control entry in which the retrieved account ID and an access right are recorded and that is included in the access control list of the object indicated by the identification information.
-
-
7. An access control list change method for a network system including a first node, a second node, and an access control list of each object shared by the first node and the second node, the access control list including an access control entry in which an account ID and an access right of an account permitted to access the object are recorded, the access control list change method comprising:
in response to an access control list change request including identification information on an object an access control list of which is to be changed, an account name of an account for which an access control entry is to be changed, and change contents, the first node retrieving an account ID recorded in association with the account name in the access control list change request, from an account association table in which an account name and an account ID of an account created at the node itself are recorded in association with each other and in which an account name and an account ID of an account created at the second node are recorded in association with each other, and changing, in accordance with the change contents, an access control entry in which the retrieved account ID is recorded and that is included in the access control list of the object indicated by the identification information.
-
8. A non-transitory computer readable storage medium recording thereon a program, causing a computer including an account association table in which an account name and an account ID of an account created in the computer itself are recorded in association with each other and an account name and an account ID of an account created in a different computer are recorded in association with each other, to function as
an access control list change unit that, in response to an access control list change request including identification information on an object an access control list of which is to be changed among objects shared by the computer itself and the different computer, an account name of an account for which an access control entry is to be changed, and change contents, retrieves an account ID recorded in association with the account name in the access control list change request, from the account association table and changes, in accordance with the change contents, an access control entry in which the retrieved account ID and an access right are recorded and that is included in the access control list of the object indicated by the identification information.
Specification