Information handling system, method, and article of manufacture including a vault object for encapsulation of object security credentials
Abstract
A system, method and article of manufacture for improving object security in distributed object systems, in an information handling system employing object oriented technology, includes one or more workstations, each workstation having one or more processors, a memory system, an input/output subsystem which may include one or more input/output controllers, each controlling one or more input/output devices, such as communications devices, cursor control devices, keyboards, and display devices, an operating system program such as the OS/2 multi-tasking operating system (OS/2 is a registered trademark of International Business Machines Corporation), and an object oriented control program such as the Distributed System Object Method (DSOM) program available from International Business Machines Corporation, wherein the object oriented control program includes a vault object containing security credentials for objects in the distributed system.
12 Claims
1. A method for improving object security in an information handling system employing object oriented technology, comprising the steps of:
creating one or more vault objects for encapsulating security relevant objects;
retrieving security credentials associated with an owner of a process;
examining retrieved security credentials against security relevant objects in the vault to determine if the owner of the process is authorized for access to data related to the encapsulated security relevant objects; and
creating a persona object, representing an authenticated identity, the persona object comprising pointers to privileges and capabilities of the owner.
(Dependent claims: 2, 3, 4)
5. A computer readable medium comprising means for improving object services in an information handling system employing object oriented technology, comprising:
means for creating one or more vault objects for encapsulating security relevant objects;
means for retrieving security credentials associated with an owner of a process;
means for examining retrieved security credentials against security relevant objects in the vault to determine if the owner of the process is authorized for access to data related to the encapsulated security relevant objects; and
means for creating a persona object, representing an authenticated identity, the persona object comprising pointers to privileges and capabilities of the owner.
(Dependent claims: 6, 7, 8)
9. An information handling system, comprising:
one or more processors;
a storage system;
one or more I/O controllers;
a system bus, operatively connecting the processors, the storage system and the I/O controllers;
a system control program for controlling the operation of the system;
means for creating one or more vault objects for encapsulating security relevant objects;
means for retrieving security credentials associated with an owner of a process;
means for examining retrieved security credentials against security relevant objects in the vault to determine if the owner of the process is authorized for access to data related to the encapsulated security relevant objects; and
means for creating a persona object, representing an authenticated identity, the persona object comprising pointers to privileges and capabilities of the owner.
(Dependent claims: 12)
11. An information handling system, according to claim 11, further comprising:
means for providing a secret key evidencing a right of the owner to an account defined for the owner.
(Dependent claims: 10)
Specification