System and method for ensuring security with multiple authentication schemes
First Claim
Patent Images
1. A method for authenticating a user for access to controlled entities maintained at a server, said server including a content management system having a content manager, a database manager, an user application, and user exits, comprising:
- maintaining said controlled entities within said content manager, said controlled entities including an access control list table bound to user data items, said access control list table including, in rows, for each user and user group;
user kind, user identifier, access control list code, and privilege set code, each privilege set code corresponding to a privilege set;
said maintaining, responsive to modification of a given privilege set, including incrementally refreshing said access control list table to refresh only those rows having a privilege set code corresponding to said given privilege set;
connecting said user to said database manager; and
logging on said user to said content manager running on top of said database manager to enable access by said user to said user data items, selectively responsive to at least one of;
said user connecting to said database manager;
said user being authenticated by at least one of;
(i) said content manager and (ii) a third party;
a user exit authenticating content manager (CM) indicia of said user; and
database (DB) indicia of said user matching content manager (CM) indicia of said user.
0 Assignments
0 Petitions
Accused Products
Abstract
System for authenticating a user for logon to a content manager running on top of a database manager. A connect procedure connects the user to a database manager; and then a logon procedure logs on the user to the content manager selectively responsive to the user connecting to the database manager; the user being authenticated by a third party by way of a user exit or a trusted logon environment and privilege; or the user being authenticated by the content manager.
51 Citations
12 Claims
-
1. A method for authenticating a user for access to controlled entities maintained at a server, said server including a content management system having a content manager, a database manager, an user application, and user exits, comprising:
-
maintaining said controlled entities within said content manager, said controlled entities including an access control list table bound to user data items, said access control list table including, in rows, for each user and user group;
user kind, user identifier, access control list code, and privilege set code, each privilege set code corresponding to a privilege set;said maintaining, responsive to modification of a given privilege set, including incrementally refreshing said access control list table to refresh only those rows having a privilege set code corresponding to said given privilege set; connecting said user to said database manager; and logging on said user to said content manager running on top of said database manager to enable access by said user to said user data items, selectively responsive to at least one of; said user connecting to said database manager; said user being authenticated by at least one of;
(i) said content manager and (ii) a third party;a user exit authenticating content manager (CM) indicia of said user; and database (DB) indicia of said user matching content manager (CM) indicia of said user. - View Dependent Claims (2, 3, 4)
-
-
5. A system for authenticating a user for access to controlled entities maintained at a server, said server including a content management system having a content manager, a database manager, an user application, and user exits, comprising:
-
one or more computer processors; and a memory containing a program which, when executed by the one or more computer processors, is configured to perform an operation comprising; a maintenance procedure for maintaining said controlled entities within said content manager, said controlled entities including an access control list table bound to user data items, said access control list table including, in rows, for each user and user group;
user kind, user identifier, access control list code, and privilege set code, each privilege set code corresponding to a privilege set;said maintenance procedure, responsive to modification of a given privilege set, for incrementally refreshing said access control list table to refresh only those rows having a privilege set code corresponding to said given privilege set; a connect procedure for connecting said user to said database manager; and a logon procedure for logging on said user to said content manager selectively responsive to at least one of; said user connecting to said database manager; said user being authenticated by at least one of;
(i) a third party and (ii) said content manager;a user exit authenticating content manager (CM) indicia of said user; and database (DB) indicia of said user matching content manager (CM) indicia of said user. - View Dependent Claims (6, 7, 8)
-
-
9. A non-transitory computer readable storage medium containing a program of instructions which, when executed, performs an operation for authorizing access by a user for access to controlled entities maintained at a server, said server including a content management system having a content manager, a database manager, an user application, and user exits, said operation comprising:
-
maintaining said controlled entities within said content manager, said controlled entities including an access control list table bound to user data items, said access control list table including, in rows, for each user and user group;
user kind, user identifier, access control list code, and privilege set code, each privilege set code corresponding to a privilege set;said maintaining, responsive to modification of a given privilege set, including incrementally refreshing said access control list table to refresh only those rows having a privilege set code corresponding to said given privilege set; connecting said user to said database manager; and logging on said user to said content manager running on top of said database manager to enable access by said user to said user data items, selectively responsive to at least one of; said user connecting to said database manager; said user being authenticated by at least one of;
(i) said content manager and (ii) a third party;a user exit authenticating content manager (CM) indicia of said user; and
database (DB) indicia of said user matching content manager (CM) indicia of said user. - View Dependent Claims (10, 11, 12)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeInternational Business Machines Corporation
-
Original AssigneeInternational Business Machines Corporation
-
InventorsNelson, Kenneth Carlin, Noronha, Marilene Araujo
-
Primary Examiner(s)Moazzami; Nasser
-
Assistant Examiner(s)YALEW, FIKREMARIAM A
-
Application NumberUS11/975,579Publication NumberTime in Patent Office1,398 DaysField of SearchNoneUS Class Current726/27CPC Class CodesG06F 21/31 User authenticationG06F 2221/2115 Third partyH04L 63/08 for authentication of entit...H04L 63/205 involving negotiation or de...Y10S 707/99939 Privileged access
