Sub-tree access control in network architectures
Abstract
A logical network directory database compliant with the X.500 standard for a directory data system is disclosed. The network directory database provides a source of subscriber and service data accessible by various control and management processes that require subscriber information. The network directory database may be extensible across various communications service providers and IT domain. Further, the disclosed network directory database may be applied to new and existing services, such as IP Multimedia Subsystem, Unlicensed Mobile Access (UMA) and other IP services.
34 Claims
1. A system for access control in a directory by a requesting entity, comprising:
- a security user; and
- a security protocol adaptation module configured to:
  - review a data request from the requesting entity received in a directory operations server,
  - locate a security rule pertaining to the requesting entity,
  - modify the data request so that the data request appears to originate from the security user if such data request modification is set forth by the located security rule, and
  - return the modified data request to the directory operations server,
wherein the security user comprises a security permission set that determines access control to entries in the directory.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17
18. A method for access control in a directory by a requesting entity, comprising:
- reviewing in a security protocol adaptation module a data request from the requesting entity received in a directory operations server;
- locating by the security protocol adaptation module a security rule pertaining to the requesting entity;
- modifying by the security protocol adaptation module the data request so that the data request appears to originate from a security user if such data request modification is set forth by the located security rule; and
- returning the modified data request to the directory operations server,
wherein the security user has a security permission set that determines access control to entries in the directory.
Dependent claims: 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34
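The request flow recited in claims 1 and 18, as an added Python sketch that is not code from the patent: the adaptation module swaps the requesting entity for a security user when a rule says so, and the server then decides access from that security user's permission set. All names, DNs, the rule table and the representation of a permission set as (operation, sub-tree base) pairs are assumptions made for illustration.

```python
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class DataRequest:
    requester: str   # identity the request appears to originate from
    operation: str   # "read" or "modify" in this sketch
    entry_dn: str    # directory entry the request targets

# Constructed sample data: each security user carries a permission set,
# modelled here (an assumption) as (operation, sub-tree base DN) pairs.
SECURITY_USERS = {
    "cn=billing-sec": (("read", "ou=subscribers,o=example"),),
    "cn=provisioning-sec": (("read", "ou=subscribers,o=example"),
                            ("modify", "ou=subscribers,o=example")),
}
# Constructed security rules: requesting entity -> security user to substitute.
SECURITY_RULES = {
    "app=billing-portal": "cn=billing-sec",
    "app=provisioning": "cn=provisioning-sec",
}

def adapt(request):
    """Adaptation module: review the request, locate a rule, modify, return."""
    security_user = SECURITY_RULES.get(request.requester)
    if security_user is None:
        return request  # no located rule sets forth a modification
    return replace(request, requester=security_user)

def in_subtree(entry_dn, base_dn):
    """Component-wise suffix match; a plain string endswith() would also accept
    look-alike RDNs. Simplified: escaped commas in DNs are not handled."""
    entry = [c.strip().lower() for c in entry_dn.split(",")]
    base = [c.strip().lower() for c in base_dn.split(",")]
    return len(entry) >= len(base) and entry[-len(base):] == base

def directory_operations_server(request):
    """Receive a request, pass it through the adaptation module, then apply the
    permission set of whoever the request now appears to originate from."""
    adapted = adapt(request)
    # Default deny: an identity without a permission set gets nothing.
    permissions = SECURITY_USERS.get(adapted.requester, ())
    allowed = any(op == adapted.operation and in_subtree(adapted.entry_dn, base)
                  for op, base in permissions)
    return adapted.requester, allowed
```

Because every access decision is made against the substituted identity, the rule table is the security-critical configuration here: a wrong mapping grants an entity the full permission set of the security user it is mapped to.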
Specification