×

Document access control

  • US 7,627,569 B2
  • Filed: 06/30/2005
  • Issued: 12/01/2009
  • Est. Priority Date: 06/30/2005
  • Status: Active Grant
First Claim
Patent Images

1. A computer-implemented method comprising:

  • associating, by a computer system, a user with a first set of aliases, each alias in the first set representing a group of one or more members including the user, the user being associated with the first set of aliases prior to a user request pertaining to a document, wherein associating the user with the first set of aliases comprises mapping the user to aliases in which the user is either a direct or indirect member;

    associating, by the computer system, the document with a second set of aliases, each alias in the second set representing a group of one or more members having access to the document, wherein associating the document with the second set of aliases comprises mapping the document to an access control list;

    upon receiving the user request pertaining to the document, determining whether the first set of aliases associated with the user and the second set of aliases associated with the document have an alias in common by intersecting the first set of aliases associated with the user and the second set of aliases associated with the document without recursively analyzing the first and second sets of aliases;

    granting the user access to the document using the computer system if the first and second set of aliases have an alias in common; and

    denying the user access to the document using the computer system if the first and second sets of aliases do not have an alias in common; and

    taking an action on the first set of aliases when the user is added to or removed from an alias or when an alias containing the user is added to or removed from another alias, the action comprising at least one of invalidating, recomputing and modifying the first set of aliases.

View all claims
  • 2 Assignments
Timeline View
Assignment View
    ×
    ×