Domain access control for logging systems
Abstract
A method of and system for control of access to add an event notification as a log record in a computer system. Each potential log record is associated with one or more logs, each of which has one or more log owners. Grant of access to add a log record to the information in a particular log is restricted to the owner(s) of that log. A list of owners of a log can be changed from time to time, based upon present circumstances or the presence of special conditions.
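An added sketch, not code from the patent, of the owner-list gate the abstract describes, including owner-list changes that take effect at a selected time. All names (`LogPolicy`, `handle_event`, the users, `router-7`), the numeric timestamps and the denial counter are assumptions for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class LogPolicy:
    """Management data for one log: the object it covers plus its owner list."""
    object_id: str
    owners: dict = field(default_factory=dict)   # user -> (valid_from, valid_until)
    records: list = field(default_factory=list)  # accepted log records
    denied: int = 0  # assumption: count refusals so they stay visible to operators

    def grant(self, user, valid_from=0, valid_until=None):
        self.owners[user] = (valid_from, valid_until)

    def revoke(self, user, at):
        self.owners[user] = (self.owners[user][0], at)

    def is_owner(self, user, at):
        start, end = self.owners.get(user, (None, None))
        return start is not None and start <= at and (end is None or at < end)

def handle_event(policies, event):
    """Turn an event notification into a potential log record and gate it."""
    policy = policies.get(event["object"])
    if policy is None:            # no management data for this object
        return False
    record = {k: event[k] for k in ("object", "user", "time", "state")}
    if policy.is_owner(record["user"], record["time"]):
        policy.records.append(record)
        return True
    policy.denied += 1            # declined: user is not a current owner
    return False

def run_demo():
    log = LogPolicy("router-7")              # constructed sample data
    log.grant("alice")                       # owner from the start
    log.grant("bob", valid_from=100)         # added at a selected time
    log.revoke("alice", at=200)              # deleted at a selected time
    policies = {"router-7": log}
    events = [("alice", 50), ("bob", 50), ("bob", 150), ("alice", 250), ("mallory", 150)]
    decisions = [handle_event(policies, {"object": "router-7", "user": u,
                                         "time": t, "state": "link-down"})
                 for u, t in events]
    return decisions, log

if __name__ == "__main__":
    decisions, log = run_demo()
    print(decisions, len(log.records), log.denied)
```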
20 Claims
1. A computer implemented method of managing logging operations on a network management platform in a computer network, the method comprising:
storing management data corresponding to a log for an object on a network user station of the computer network, wherein said management data includes an owner list for said log;
receiving an event notification of a present state of said object involving a user of said network user station;
generating a potential log report including data corresponding to said object and to said user from said event notification;
comparing said potential log report with said management data; and
when said user data is not included in said owner list, declining to record said potential log record as a part of said log for said object.
2. The method of claim 1, further comprising:
when said user data is not included in said owner list, adding said user data to said owner list at a selected time; and
recording said potential log report as part of said log after said selected time.
3. The method of claim 1, further comprising:
when said user data is included in said owner list, recording said potential log report as part of said log.
4. The method of claim 3, further comprising:
when said user data is included in said owner list, deleting said user data from said owner list at a selected time; and
declining to record said potential log record after the selected time as part of said log.
5. The method of claim 1, further comprising:
comparing a second user data of the potential log report, indicating at least one class of events, with said corresponding management data; and
when said corresponding management data is not included in the second user data, declining to record said potential log report as part of said log.
6. The method of claim 1, further comprising:
when said user data is not included in said potential log report, determining if at least one selected condition is present;
when the selected condition is present, adding said user data to said potential log report for a selected time interval that includes at least one time during which the selected condition is present; and
recording said potential log report as part of said log.
19. The method as recited in claim 1, wherein a central computer station of the computer network is configured to receive the event notification and one or more event notifications from the network user station and one or more other network user stations of the computer network.
20. The method as recited in claim 1, further comprising:
determining that said management data includes data corresponding to said object.
7. A computer implemented system managing logging operations on a network management platform in a computer network, the system comprising a computer that is programmed:
to store management data corresponding to a log for an object on a network user station of the computer network, wherein said management data includes an owner list for said log;
to receive an event notification of a present state of said object involving a user of said network user station;
to generate a potential log report including data corresponding to said object and to said user from said event notification;
to compare said potential log report with said management data; and
when said user data is not included in said owner list, to decline to record said potential log record as a part of said log for said object.
8. The system of claim 7, wherein said computer is further programmed so that:
when said user data is not included in said owner list, said user data is added to said owner list at a selected time; and
said potential log report is recorded as part of said log after said selected time.
9. The system of claim 7, wherein said computer is further programmed so that:
when said user data is included in said owner list, said is recorded as a potential log report as part of said log.
10. The system of claim 9, wherein said computer is further programmed so that:
when said user data is included in said owner list, said user data is deleted from said owner list at a selected time; and
said system declines to record said potential log record after the selected time as part of said log.
11. The system of claim 7, wherein said computer is further programmed:
to compare a second user data of the potential log report indicating at least one class of events, with said corresponding management data; and
when said corresponding management data is not included in the second user data to decline to record said potential log report as part of said log.
12. The system of claim 7, wherein said computer is further programmed:
when said user data is not included in said potential log report, to determine if at least one selected condition is present;
when the selected condition is present, to add said user data to said potential log report for a selected time interval that includes at least one time during which the selected condition is present; and
to record said potential log report as part of said log.
13. A computer program product embodied in a computer usable medium, the computer program product comprising a computer readable code mechanism configured:
to store management data corresponding to a log for an object on a network user station of the computer network, wherein said management data includes an owner list for said log;
to receive an event notification of a present state of said object involving a user of said network user station;
to generate a potential log report including data corresponding to said object and to said user from said event notification;
to compare said potential log report with said management data; and
so that, when said user data is not included in said owner list, the product declines to record said potential log record as a part of said log for said object.
14. The computer program product of claim 13, wherein said code mechanism is configured so that:
when said user data is not included in said owner list, said user data is added to said owner list at a selected time; and
said potential log report is recorded as a part of said log after said selected time.
15. The computer program product of claim 13, wherein said code mechanism is configured so that:
when said user data is included in said owner list, said is recorded as a potential log report as part of said log.
16. The computer program product of claim 13, wherein said code mechanism is configured so that:
when said user data is included in said owner list, said user data is deleted from said owner list at a selected time; and
said code mechanism declines to record said potential log record after said selected time as part of said log.
17. The computer program product of claim 13, wherein said code mechanism is configured so that:
to compare a second user data of the potential log report indicating at least one class of events, with said corresponding management data; and
when said corresponding management data is not included in the second user data, said code mechanism declines to record said potential log report as part of said log.
18. The computer program product of claim 13, wherein said code mechanism is configured so that:
when said user data is not included in said potential log report, said code mechanism determines if at least one selected condition is present;
when the selected condition is present, said code mechanism adds said user data to said potential log report for a selected time interval that includes at least one time during which the selected condition is present; and
said code mechanism records said potential log report as part of said log.