Method for controlling access to a computer resource based on a timing policy
First Claim
Patent Images
1. A method for controlling access to a computer resource running on a host computer comprising the steps of:
- a) in response to a request from a new user having a new user identification code X to access a computer resource associated with a host computer, calling a log table having N entry slots from a memory location associated with a host computer, with each of the N entry slots being filled with an entry comprised of the form (u,t), where u is a user identification entry for a user u, and t corresponds to a time at which the user u accessed the computer resource;
b) using a clock associated with the host computer to generate a current time CT;
c) calling a policy enforcement module from the memory location associated with the host computer, the policy enforcement module specifying a time condition T between the time t and the current time CT that must be satisfied before access to the computer resource will be granted to the new user not having an entry in the log table;
d) comparing the current time CT to at least one of the N entries in the log table referred to as (y,t1) to determine a time period between the current time CT and a time t1, where y is a user identification entry for a user y, and t1 corresponds to a time at which the user y accessed the computer resource; and
e) denying the new user access to the computer resource if the time period does not satisfy the time condition T.
0 Assignments
0 Petitions
Accused Products
Abstract
A method for controlling access to a resource running on a host computer by one or more users which uses a timing policy to control when a current authorized user can be replaced by a new authorized user. The method comprises the steps of scanning a first list to verify that the new user is on the first list, scanning a second list to determine if a current user can be replaced without violating the timing policy, and granting the new user access to the resource if the timing policy is not violated. The method can be used to control access to an application program running on a file server in a local area network.
130 Citations
3 Claims
-
1. A method for controlling access to a computer resource running on a host computer comprising the steps of:
-
a) in response to a request from a new user having a new user identification code X to access a computer resource associated with a host computer, calling a log table having N entry slots from a memory location associated with a host computer, with each of the N entry slots being filled with an entry comprised of the form (u,t), where u is a user identification entry for a user u, and t corresponds to a time at which the user u accessed the computer resource; b) using a clock associated with the host computer to generate a current time CT; c) calling a policy enforcement module from the memory location associated with the host computer, the policy enforcement module specifying a time condition T between the time t and the current time CT that must be satisfied before access to the computer resource will be granted to the new user not having an entry in the log table; d) comparing the current time CT to at least one of the N entries in the log table referred to as (y,t1) to determine a time period between the current time CT and a time t1, where y is a user identification entry for a user y, and t1 corresponds to a time at which the user y accessed the computer resource; and e) denying the new user access to the computer resource if the time period does not satisfy the time condition T. - View Dependent Claims (2, 3)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeInternational Business Machines Corporation
-
Original AssigneeInternational Business Machines Corporation
-
InventorsKorenshtein, Roni
-
Primary Examiner(s)Beausoliel, Jr., Robert W.
-
Assistant Examiner(s)Palys, Joseph E.
-
Application NumberUS08/536,603Time in Patent Office375 DaysField of Search395/186, 395/187.01, 395/188.01, 395/490, 395/479, 380/23US Class Current726/3CPC Class CodesG06F 21/6218 to a system of files or obj...G06F 2221/2141 Access rights, e.g. capabil...
