Controlling access to objects in a hierarchical database
First Claim
1. A method for controlling access to objects in a hierarchical database, the computer-implemented method comprising the steps of:
- choosing at least one target object in the hierarchical database;
selecting an ancestor object which is a hierarchical ancestor of the target object;
reading an access control value in an access control property of the ancestor object, the access control property designating an inheritable access constraint; and
propagating the inheritable access constraint by applying it to at least the target object.
3 Assignments
0 Petitions
Accused Products
Abstract
Methods and systems are provided for controlling access to objects in a hierarchical database. The database may include a directory services repository, and/or synchronized partitions. An access constraint propagator reads an access control property of an ancestor of a target object. The access control property designates an inheritable access constraint such as an object class filter or an "inheritable" flag. The object class filter restricts a grant of rights to objects of an identified class. The "inheritable" flag allows inheritance of an access constraint on a specific object property. The propagator enforces the inheritable access constraint by applying it to at least the target object.
-
Citations
24 Claims
-
1. A method for controlling access to objects in a hierarchical database, the computer-implemented method comprising the steps of:
-
choosing at least one target object in the hierarchical database; selecting an ancestor object which is a hierarchical ancestor of the target object; reading an access control value in an access control property of the ancestor object, the access control property designating an inheritable access constraint; and propagating the inheritable access constraint by applying it to at least the target object. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 21, 22, 23, 24)
-
-
9. A hierarchical database access control system comprising:
-
a computer system having a storage medium and a processor; a hierarchical database stored in the storage medium and susceptible to processing with the processor, the database including a target object and also including an ancestor object which is a hierarchical ancestor of the target object, the ancestor object having an access control property which designates an inheritable access constraint; and means for propagating the inheritable access constraint by applying it to at least the target object. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
-
Specification