Information handling system, method, and article of manufacture for efficient object security processing by grouping objects sharing common control access policies
First Claim
1. An information handling system, comprising:
- one or more processors;
a memory system;
one or more I/O controllers, each controlling one or more I/O devices;
a bus connecting the processors, the memory system and the I/O controllers;
an operating system controlling operation of the processors, the memory system and the I/O controllers; and
an object oriented control means comprising;
means for creating one or more groups of objects, the objects in each object group sharing a common access control policy, wherein each group contains objects from one or more object classes;
means for associating each object group with one or more access matrixes wherein each access matrix is stored separately from each object; and
means for accessing objects from an object group based on an associated access matrix.
2 Assignments
0 Petitions
Accused Products
Abstract
A system, method and article of manufacture, for improving object security in an object oriented system, includes one or more processors, a memory system, one or more I/O controllers, each controlling one or more I/O devices, a bus connecting the processors, the memory system and the I/O controllers, an operating system controlling operation of the processors, the memory system and the I/O controllers, and an object oriented control means which includes means for grouping objects which share common access control policies, where an access control list becomes associated with each object group and the policy applicable to the members of the group. An object may be part of multiple groups, and based upon an environment'"'"'s policy, granting access to the object may be based on a single default object group or on the access granted by the union of all of its object groups.
-
Citations
12 Claims
-
1. An information handling system, comprising:
-
one or more processors; a memory system; one or more I/O controllers, each controlling one or more I/O devices; a bus connecting the processors, the memory system and the I/O controllers; an operating system controlling operation of the processors, the memory system and the I/O controllers; and an object oriented control means comprising; means for creating one or more groups of objects, the objects in each object group sharing a common access control policy, wherein each group contains objects from one or more object classes; means for associating each object group with one or more access matrixes wherein each access matrix is stored separately from each object; and means for accessing objects from an object group based on an associated access matrix. - View Dependent Claims (2, 3, 4)
-
-
5. A method for improving efficiency of an information handling system employing object oriented technology, comprising the steps of:
-
creating one or more groups of objects the objects in each object group sharing a common access control policy, wherein each group contains objects from one or more object classes; associating each object group with one or more access matrixes wherein each access matrix is stored separately from each object; and accessing objects from an object group based on an associated access matrix. - View Dependent Claims (6, 7, 8)
-
-
9. A computer readable medium, comprising:
-
means for creating one or more groups of objects, the objects in each object group sharing a common access control policy, wherein each group contains objects from one or more object classes; means for associating each object group with one or more access matrixes wherein each access matrix is stored separately from each object; and means for accessing objects from an object group based on an associated access matrix. - View Dependent Claims (10, 11, 12)
-
Specification