Methods and apparatus for synchronizing access control in a web server
First Claim
Patent Images
1. A method for synchronizing access control in a web server comprising:
- defining a plurality of security scenarios;
associating each security scenario with one or more security settings for a plurality of access control mechanisms that control access to a web server or to resources that are used by the web server; and
setting one or more security settings for one or more of the access control mechanisms responsive to selection of a security scenario.
3 Assignments
0 Petitions
Accused Products
Abstract
Methods and apparatus for synchronizing access control in a web server are described. A plurality of security scenarios are defined, each of which has one or more security settings associated therewith. The security settings are those that are associated with a plurality of access control mechanisms that control access to a web server or to resources that are used by the web server. One or more of the security settings for one or more of the access control mechanisms are set when a security scenario is selected. Thus, the security settings for a number of different access control mechanisms can be set contemporaneously by selecting one security scenario.
-
Citations
36 Claims
-
1. A method for synchronizing access control in a web server comprising:
-
defining a plurality of security scenarios;
associating each security scenario with one or more security settings for a plurality of access control mechanisms that control access to a web server or to resources that are used by the web server; and
setting one or more security settings for one or more of the access control mechanisms responsive to selection of a security scenario. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
an authentication mechanism for authenticating various users;
a web permissions mechanism that defines what particular operations are allowed on particular resources;
an access restriction mechanism that can permit or deny access to a web site based upon an identification that is associated with a particular user; and
an access control list (ACL) of user information and the privileges that are associated with a particular resource.
-
-
7. The method of claim 1, wherein the access control mechanisms comprise:
-
an authentication mechanism for authenticating various users;
an access restriction mechanism that can permit or deny access to a web site based upon an identification that is associated with a particular user; and
an access control list (ACL) of user information and the privileges that are associated with a particular resource.
-
-
8. The method of claim 1, wherein the setting of the one or more security settings comprises setting a security setting of a third party access control mechanism that controls access to resources that are not managed by the web server.
-
9. The method of claim 1 further comprising adjusting one or more security settings for one or more of the access control mechanisms responsive to user input.
-
10. An access controller for a web server comprising:
-
a memory;
an association stored in the memory of a plurality of security scenarios and one or more correlated security settings for a plurality of access control mechanisms that control access to a web server or to resources that are used by the web server, the security settings for the plurality of access control mechanisms being settable through selection of a correlated security scenario. - View Dependent Claims (11, 12, 13, 14, 15, 16)
-
-
17. A web server comprising:
-
a plurality of access control mechanisms, each access control mechanism being configured to control access to the web server or to resources that are used by the web server, and having one or more settable security settings; and
a plurality of security scenarios each being associated with one or more security settings of one or more access control mechanisms, the security scenarios being selectable by a user to automatically set the security settings of the one or more access control mechanisms with which the security scenario is associated. - View Dependent Claims (18, 19, 20, 21, 22)
an authentication mechanism for authenticating various users;
a web permissions mechanism that defines what particular operations are allowed on particular resources;
an access restriction mechanism that can permit or deny access to a web site based upon an identification that is associated with a particular user; and
an access control list (ACL) of user information and the privileges that are associated with a particular resource.
-
-
23. A method of synchronizing access control in a web server comprising:
-
selecting a location within a hierarchical namespace, the location being associated with accessible resources;
presenting a user with an option to inherit security settings from an upstream location in the hierarchical namespace, the security settings setting security for a plurality of access control mechanisms that control access to a location'"'"'s accessible resources; and
inheriting the security settings from the upstream location responsive to a user opting to do so. - View Dependent Claims (24, 25, 26, 27, 28, 29)
an authentication mechanism for authenticating various users;
a web permissions mechanism that defines what particular operations are allowed on particular resources;
an access restriction mechanism that can permit or deny access to resources based upon an identification that is associated with a particular user; and
an access control list (ACL) of user information and the privileges that are associated with a particular resource.
-
-
30. A method for synchronizing access control to resources that are accessible through a web server comprising:
-
storing a plurality of security scenarios, each security scenario being associated with one or more security settings for a plurality of access control mechanisms that control access to resources;
accessing a stored security scenario; and
setting the security settings that are associated with an accessed security scenario. - View Dependent Claims (31, 32, 33, 34, 35)
-
-
36. A computer-readable medium having computer-readable instructions stored thereon, which, when executed by a computer perform the following steps:
-
storing a plurality of security scenarios, each security scenario being associated with one or more security settings for a plurality of access control mechanisms that control access to resources, the access control mechanisms comprising;
an authentication mechanism for authenticating various users;
an access restriction mechanism that can permit or deny access to a web site based upon an identification that is associated with a particular user; and
an access control list (ACL) of user information and the privileges that are associated with a particular resource;
accessing a stored security scenario; and
setting the security settings that are associated with an accessed security scenario.
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeMicrosoft Technology Licensing LLC (Microsoft Corporation)
-
Original AssigneeMicrosoft Corporation
-
InventorsHoward, Michael, Multerer, Boyd C., Sellers, Timothy D., Dillingham, Lara N., Clark, Quentin J., Meijer, Ronald, Brown, Don L.
-
Primary Examiner(s)Etienne, Ario
-
Application NumberUS09/360,880Time in Patent Office1,299 DaysField of Search709/229, 709/224, 709/203, 709/219, 709/225, 709/230, 709/228, 709/248, 713/200-202US Class Current709/229CPC Class CodesH04L 63/0823 using certificates cryptogr...H04L 63/101 Access control lists [ACL]
