×

Definition of low-level security rules in terms of high-level security concepts

  • US 7,346,921 B2
  • Filed: 04/30/2001
  • Issued: 03/18/2008
  • Est. Priority Date: 04/30/2001
  • Status: Expired due to Fees
First Claim
Patent Images

1. One or more computer-readable media comprising computer-executable instructions that, when executed by a processor, direct a the processor to perform acts including:

  • receiving a request to perform an operation;

    checking whether to access a business logic module in order to generate a result for the requested operation, wherein the business logic module contains problem-solving logic that produces solutions for a particular problem domain, and wherein the business logic module employs interaction-based definitions in which a component which performs an operation associated with the request is defined by a series of request-response interaction definitions that can be satisfied to perform the operation;

    obtaining, from the business logic module, a set of zero or more additional tests to be performed in order to generate the result;

    performing each additional test in the set of tests if there is at least one test in the set of tests;

    checking a set of pluggable rules to determine the result of the requested operation; and

    returning, as the result, a failure indication if checking the business logic module or checking the set of pluggable rules indicates that the result is a failure, otherwise returning, as the result, a success indication,wherein the set of pluggable rules includes a plurality of permission assignment objects, wherein each of the permission assignment objects associates a user with a particular role, wherein each particular role is associated with one or more permissions, and wherein each of the one or more permissions identifies a particular operation and context on which the operation is to be performed.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×