Distributed administration of access to information
Abstract
A scalable access filter that is used together with others like it in a virtual private network to control access by users at clients in the network to information resources provided by servers in the network. Each access filter uses a local copy of an access control data base to determine whether an access request made by a user. Changes made by administrators in the local copies are propagated to all of the other local copies. Each user belongs to one or more user groups and each information resource belongs to one or more information sets. Access is permitted or denied according to access policies which define access in terms of the user groups and information sets. The rights of administrators are similarly determined by administrative policies. Access is further permitted only if the trust levels of a mode of identification of the user and of the path in the network by which the access is made are sufficient for the sensitivity level of the information resource. If necessary, the access filter automatically encrypts the request with an encryption method whose trust level is sufficient. The first access filter in the path performs the access check and encrypts and authenticates the request; the other access filters in the path do not repeat the access check.
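The access decision the abstract describes, as an added Python example (not code from the patent). The group, set, path and encryption-method names, the numeric levels, and the rule that a deny policy overrides an allow policy are all assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Optional

# Constructed sample access control data base (all names and levels are assumptions).
USER_GROUPS = {"alice": {"Engineering"}, "bob": {"Contractors"}}
INFO_SETS = {"/specs/design.doc": {"Design Docs"}}
SENSITIVITY = {"/specs/design.doc": 3}            # higher = more sensitive
ID_TRUST = {"ip_address": 1, "password": 2, "token": 3}
PATH_TRUST = {"internet": 1, "internal_lan": 3}
ENCRYPTION_TRUST = {"enc_basic": 2, "enc_strong": 3}  # hypothetical methods
POLICIES = [  # (user group, information set, access type)
    ("Engineering", "Design Docs", "allow"),
    ("Contractors", "Design Docs", "deny"),
]

@dataclass
class Decision:
    allowed: bool
    reason: str
    encryption: Optional[str] = None  # method the filter applies, if any

def check_access(user, id_mode, resource, path):
    """Check made by the first access filter in the path."""
    groups = USER_GROUPS.get(user, set())
    sets = INFO_SETS.get(resource, set())
    # Step 1: policies are expressed over user groups and information sets.
    verdicts = {v for g, s, v in POLICIES if g in groups and s in sets}
    if "deny" in verdicts or "allow" not in verdicts:   # assumed: deny wins
        return Decision(False, "no policy permits access")
    need = SENSITIVITY[resource]
    # Step 2: the identification mode must be trusted enough for the resource.
    if ID_TRUST.get(id_mode, 0) < need:
        return Decision(False, "identification mode trust too low")
    # Step 3: the network path must be trusted enough, or be raised by encryption.
    if PATH_TRUST.get(path, 0) >= need:
        return Decision(True, "path trust sufficient")
    adequate = [(t, m) for m, t in ENCRYPTION_TRUST.items() if t >= need]
    if not adequate:
        return Decision(False, "no encryption method with sufficient trust")
    # Pick the lowest-trust method that still meets the sensitivity level.
    return Decision(True, "encrypted to raise path trust", min(adequate)[1])

if __name__ == "__main__":
    for args in [("alice", "token", "/specs/design.doc", "internal_lan"),
                 ("alice", "token", "/specs/design.doc", "internet"),
                 ("alice", "password", "/specs/design.doc", "internal_lan"),
                 ("bob", "token", "/specs/design.doc", "internal_lan")]:
        print(args, check_access(*args))
```
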
15 Claims
1. A graphical user interface for an access control system that controls access by users to information resources according to an access policy that is defined using definitions of user subsets of the users made explicitly for access control, definitions of information subsets of the information resources made explicitly for access control, and explicit access policy definitions indicating which user subsets may access which information subsets, the graphical user interface comprising:
a display upon which is displayed a list of previously-defined user subsets, a list of previously-defined information subsets, and a list of previously-defined access policies, and at least an indication of a create access policy operation; and
a selection device for selecting a user subset from the list thereof, an information subset from the list thereof, and the indication of the create access policy operation, the access control system responding to the selection of the user subset, the information subset, and the indication of the create access policy operation by defining a new access policy for the selected user subset and the selected information subset.
an indication of a delete access policy operation; and
the selection device further selects an access policy from the list thereof and the indication of the delete access policy operation, the access control system responding to the selection of the access policy and the indication of the delete access policy operation by deleting the selected access policy from the list thereof.
3. The graphical user interface set forth in claim 1 wherein each access policy specifies one of a plurality of access types and the user interface further comprises:
indications in the access policies on the list of their access types and an indication of a change access type operation; and
the selection device further selects an access policy on the list thereof and the indication of the change access type operation, the access control system responding to the selection of the access policy and the selection of the indication of the change access type operation by changing the access type of the selected access policy as specified by the indication of the change access type operation.
4. The graphical user interface set forth in any one of claims 1 through 3 wherein:
a user subset may itself have user subsets and an information subset may itself have information subsets; and
the list of user subsets shows the subset relationships among user subsets and the list of information subsets shows the subset relationships among the information subsets.
5. The graphical user interface set forth in any one of claims 1 through 3, the graphical user interface further comprising:
an indication of an evaluate operation, the access control system responding to a selection of a user subset and a selection of the indication of the evaluate operation by the selection device by indicating the information subsets in the list thereof that the selected user subset may and/or may not access.
6. The graphical user interface set forth in claim 5 wherein:
the access control system further responds to the selection of the user subset and the selection of the indication of the evaluate operation by the selection device by indicating the policies in the list thereof that apply to the selected user subset.
7. The graphical user interface set forth in any one of claims 1 through 3, the graphical user interface further comprising:
an indication of an evaluate operation, the access control system responding to a selection of an information subset and a selection of the indication of the evaluate operation by the selection device by indicating the user subsets in the list thereof that may and/or may not access the selected information subset.
8. The graphical user interface set forth in claim 7 wherein:
the access control system further responds to the selection of the information subset and the selection of the indication of the evaluate operation by the selection device by indicating the policies in the list thereof that apply to the selected information subset.
9. The graphical user interface set forth in any one of claims 1 through 3, the graphical user interface further comprising:
an indication of an evaluate operation, the access control system responding to a selection of an access policy from the list thereof and a selection of the indication of the evaluate operation by the selection device by indicating the user subsets and information subsets in the lists thereof to which the selected policy applies.
10. A data storage device for use in a system including a processor, the data storage device being characterized in that:
the data storage device contains code which, when executed in the processor, implements the graphical user interface set forth in any one of claims 1 through 3.
12. The graphical user interface set forth in claim 1 wherein:
the display further displays a list of objects;
the administration operation is an add object operation; and
the selection device further selects an object from the list thereof, the administrative access control system responding to the selection of the object and the add object operation by adding the object.
13. The graphical user interface of either claim 1 or 2 wherein:
the objects are in the alternative user subsets, information subsets of information resources, and available resources.
14. The graphical user interface of either claim 1 or 2 wherein:
the appearance of an object on the list indicates whether the user may administer the object.
15. A data storage device for use in a system including a processor, the data storage device being characterized in that:
the data storage device contains code which, when executed in the processor, implements the graphical user interface set forth in either claim 1 or claim 2.
11. A graphical user interface for an administrative access control system that permits a user who belongs to an administrative subset of users to administer a set of objects according to an administrative policy that is defined using an explicit definition of the set of objects and an explicit definition of the administrative subset, the graphical user interface comprising:
a display upon which is displayed a list which indicates the set of objects that may be administered by the user according to the administrative policy and an indication of an administration operation; and
a selection device for selecting an object from the list thereof and the indication of the administration operation, the administrative access control system responding to the selection of the object and the indication of the administration operation by performing the administration operation with regard to the object.
Specification