×

System and methods for providing dynamic authorization in a computer system

  • US 7,434,257 B2
  • Filed: 05/04/2001
  • Issued: 10/07/2008
  • Est. Priority Date: 06/28/2000
  • Status: Expired due to Fees
First Claim
Patent Images

1. A method for dynamically managing access to a resource in a computer system, the system having a client thereof requesting access to the resource from an application, the method comprising:

  • initializing a client authorization context for the client using one or more client context initialization routines;

    determining, via an application programming interface, based upon dynamic data possessed by the application and a first dynamic policy whether said client authorization context is to be updated and, if so, updating said client authorization context, wherein said first dynamic policy is tailored to said application through which the resource is accessed;

    invoking an access check routine to determine if the client represented by the client authorization context is allowed access to the resource, the application providing said dynamic data and an identifier in the client authorization context to the access check routine for comparison against access control entries;

    identifying an access control entry as a callback access control entry; and

    in response to identifying the access control entry as a callback access control entry and a match between said identifier and an identifier in the callback access control entry, automatically invoking, via said application programming interface, an application-defined dynamic access check routine that performs the access check for the client based upon said dynamic data and a second dynamic policy in the callback access control entry for the application, wherein said second dynamic policy is tailored to said application and said dynamic data includes run-time data managed by the application.

View all claims
  • 2 Assignments
Timeline View
Assignment View
    ×
    ×