Automated generation on file access control system commands in a data processing system with front end processing of a master list
First Claim
1. A file access controller front end for an access controller of data processing system, said data processing system having a file access controller including a master file, said master file of said data processing system having a plurality of user/access lists, said file access controller front end being connected to said data processing system and includingmeans for storing a processed master list of authorized users corresponding to data in said user/access lists of said master file of said data processing system, said processed master list being stored seperately from said master file in text form and identifying the authorized users to which said data processing system will grant access,means for detecting invalid and duplicate user/access authorizations in said processed master list,means for editing said text of said processed master list to form an edited master list with said invalid and duplicated user/access authorizations remove therefrom, andmeans for accessing said file access controller only subsequent to said editing of said text updating said user/access list of said file access controller of said data processing system and said processed master list in response to said edited master list to provide new user/access lists and new processed master list which conform to said edited master list.
0 Assignments
0 Petitions
Accused Products
Abstract
A front end is provided for an access controller for controlling access to a shared resource in a data processing system to contain a processed master list, in text form, of users to which access will be granted. The list of users may be edited by a simple editor or word processor. commands to the access controller are generated based upon a comparison of the processed master list and the edited master list. By storing access commands in the front end for the access controller, transparency of the access controller is provided to both users and the system authorization administrator.
-
Citations
24 Claims
-
1. A file access controller front end for an access controller of data processing system, said data processing system having a file access controller including a master file, said master file of said data processing system having a plurality of user/access lists, said file access controller front end being connected to said data processing system and including
means for storing a processed master list of authorized users corresponding to data in said user/access lists of said master file of said data processing system, said processed master list being stored seperately from said master file in text form and identifying the authorized users to which said data processing system will grant access, means for detecting invalid and duplicate user/access authorizations in said processed master list, means for editing said text of said processed master list to form an edited master list with said invalid and duplicated user/access authorizations remove therefrom, and means for accessing said file access controller only subsequent to said editing of said text updating said user/access list of said file access controller of said data processing system and said processed master list in response to said edited master list to provide new user/access lists and new processed master list which conform to said edited master list.
-
5. A file access control system for a data processing system, said data processing system having at least a portion of a memory arranged as a plurality of mini-disks, each said mini-disk including a list of authorized users, said access control system including
means for creating a master list of authorized users of said data processing system, means for creating a plurality of lists of authorized users for said plurality of mini-disks, at least one list of said plurality of lists corresponding to each mini-disk, from said master list, means for creating a processed master list from said plurality of lists of authorized users of said mini-disks, means for validating and editing said processed master list to form an edited master list, and means for accessing said file access controller only subsequent to said validating and editing of said text updating a list of authorized users of a mini-disk said data processing system and said processed master list in response to said edited master list to provide new lists of authorized users and a new processed master list which conform to said edited master list.
-
7. A method of altering access authorization of a data processing system which includes a file access controller and at least a portion of memory arranged as a plurality of mini-disks, each said mini-disk including a list of authorized users, said method including the steps of
validating and editing a master list of authorized users to form an edited master list, creating a processed master list of authorized users for at least one mini-disk from said edited master list, storing said list of authorized users for at least one mini-disk, and accessing said file access controller only subsequent to said validating and editing of said list of authorized users of a mini-disk of said data processing system and said creation of said processed master list in response to said edited master list to provide a new list of authorized users and a new processed master list which conform to said edited master list.
-
11. A method of file access control for a data processing system including a file access controller and a master file, said master file of said data processing system having plurality of user/access lists, including the steps of
storing a processed master list of authorized users corresponding to data in said user/access lists of said data processing system, said processed master list being stored in said file access controller separately from said master file in text form and identifying the authorized users to which said data processing system will grant access, detecting invalid and duplicate user/access authorizations in said processed master list, editing said text of said processed master list to form an edited master list with said invalid and duplicate user/access authorizations removed therefrom, and accessing said file access controller only subsequent to said editing step, updating said user/access lists of said file access controller of said data processing system and said processed master list in response to said edited master list to provide new user/access lists and a new processed master list which conform to said edited master list.
-
17. A method of access control for a data processing system, said data processing system having at least a portion of a memory arranged as a plurality of mini-disks and including a file access controller, said method including the steps of
creating a master list of authorized users of said data processing system, creating a plurality of lists of authorized users for said plurality of mini-disks, at least one list of sad plurality of lists corresponding to each mini-disk, from said master list, creating a processed master list from said plurality of lists of authorized users of said mini-disks validating and editing said processed master list to form an edited master list, and accessing said file access controller only subsequent to said validating and editing of said list of authorized users of a mini-disk said data processing system and said creating of said processed master list in response to said edited master list to provide new lists of authorized users and a new processed master list which conform to said edited master list.
-
19. An access control system for a data processing system having at least a portion of a memory arranged as a master file, said master file of said data processing system having a plurality of mini-disks and a plurality of user/access lists corresponding to respective ones of the mini-disks, said access control system including
means for storing a processed master list of authorized users corresponding to data in said user/access lists of said master file of said data processing system, said processed master list being stored separately from said master file in text form and identifying the authorized users to which said data processing system will grant access, means for detecting invalid and duplicate user/access authorizations in said processed master list, means for editing said text of said processed master list to form an edited master list with said invalid and duplicate user/access authorizations removed therefrom to form an edited master list, and means for accessing said file access controller only subsequent to editing of said text of said processed master list, updating said user/access lists of said data processing system and said processed master list in response to said edited master list to provide new user/access lists and a new processed master list which conform to said edited master list.
-
22. A method of access control for a data processing system including a file access controller and at least a portion of a memory arranged as a master file, said master file of said data processing system having a plurality of mini-disks and a plurality of user/access lists corresponding to the mini-disks, including the steps of
storing a processed master list of authorized users corresponding to data in said user/access lists of said master file of said data processing system, said processed master list being stored in said file access controller separately from said master file in text form and identifying the authorized users to which said data processing system will grant access, detecting invalid and duplicate user/access authorizations in said processed master list, editing said text of said processed master list to form an edited master list with said invalid and duplicate user/access authorizations removed therefrom, and accessing said file access controller only subsequent to editing of said text, updating said user/access lists of said data processing system and said processed master list in response to said edited master list to provide new user/access lists and a new processed master list which conform to said edited master list.
Specification