Versatile access control system
Abstract
An access control system and method are provided, which include a plurality of authorities, a plurality of access control elements and an access control list. Each authority associates at least one of a plurality of proof of knowledge operations with at least one of a plurality of proof of knowledge credentials. Each access control element identifies a Boolean combination of at least one of the authorities. The access control list identifies one or more of the access control elements by which a method to be executed can be authenticated.
15 Claims
1. An access control system, comprising:
- multiple credential tables, each credential table associated with a corresponding proof of knowledge operation and includes one or more proof of knowledge credentials that can be proven by the associated proof of knowledge operation;
- an authority table identifying a plurality of authorities, each authority associating at least one proof of knowledge operation with at least one of the multiple credential tables;
- an access control element table, which identifies a plurality of access control elements, and for each access control element identifies a Boolean combination of the authorities for that access control element; and
- at least one access control list, which identifies two or more access control elements by which a specific method to be executed can be authenticated.

Dependent claims: 2, 3, 4
5. An access control system comprising:
- a method table including a plurality of methods that can be executed when a request to execute a method is authenticated, the method table identifying for each method an access control list by which a method can be authenticated;
- an access control list including a plurality of access control elements,
- an access control element table, which identifies a plurality of access control elements, and for each access control element identifies a Boolean combination of more than one authority for that access control element; and
- an authority table including more than one authority, where each authority associates at least one authentication operation with at least one credential;
- a plurality credential tables, each includes one or more authentication credentials that can satisfy the associated authentication operation;
- wherein the request to execute the method is allowed when an authentication operation is satisfied, where the authentication operation satisfies the Boolean combination of more than one authority identified by an access control element and where the access control element is included in an access control list indicated in a method table listing the method.

Dependent claims: 6, 7
8. A method comprising:
- maintaining a plurality of credentials that can satisfy an associated authentication operation;
- maintaining a plurality of authorities, each authority associating at least one of a plurality of authentication operations with at least one of a plurality of authentication credentials; and
- maintaining a plurality of access control elements, each access control element identifying a Boolean combination of at least one of the authorities, the plurality of authorities and the plurality of access control elements being maintained within a memory associated with a device for which access is controlled; and
- maintaining an access control list including a plurality of access control elements.

Dependent claims: 9, 10, 11, 12, 13, 14
15. A computer readable storage device comprising instructions, which when executed by a computing device cause the computing device to perform a method comprising:
- maintaining a plurality of credentials that can satisfy an associated authentication operation;
- maintaining a plurality of authorities, each authority associating at least one authentication operation with at least one authentication credential that defines at least one requirement for the authentication operation to be satisfied;
- maintaining a plurality of access control elements, each access control element identifying a Boolean combination of the authorities that can be satisfied to authenticate a method;
- maintaining an access control list including a plurality of access control elements, the access control list identifying multiple access control elements by which at least one method can be authenticated; and
- maintaining a method table to associate a method with at least one access control element, where the method is allowed to be executed when an associated access control element is satisfied.
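The table chain the claims describe (method table, access control list, access control elements, authorities, credential tables) can be modelled as below. This is an added example, not code from the patent: the table contents, the authority and method names, and the choice of a password check and an HMAC challenge-response as the two proof of knowledge operations are assumptions, and all secrets are constructed sample values.

```python
import hashlib
import hmac

def _pw_hash(pw, salt):
    # Low iteration count only to keep the constructed sample fast.
    return hashlib.pbkdf2_hmac("sha256", pw.encode(), salt, 10_000)

# One credential table per proof of knowledge operation (hypothetical entries).
CREDENTIALS = {
    "password": {"admin_pw": (b"salt-1", _pw_hash("correct horse", b"salt-1"))},
    "hmac": {"maker_key": b"k" * 32},
}

def prove_password(cred, proof, challenge):
    salt, stored = cred
    return hmac.compare_digest(_pw_hash(proof, salt), stored)

def prove_hmac(cred, proof, challenge):
    expected = hmac.new(cred, challenge, hashlib.sha256).digest()
    return hmac.compare_digest(expected, proof)

OPERATIONS = {"password": prove_password, "hmac": prove_hmac}

# Authority table: authority -> (operation, credential in that operation's table).
AUTHORITIES = {"Admin": ("password", "admin_pw"), "Maker": ("hmac", "maker_key")}
# ACE table: each ACE is a Boolean combination of authorities.
ACES = {"AdminOnly": "Admin", "AdminAndMaker": ("and", "Admin", "Maker")}
# ACLs list the ACEs that can authenticate a method; the method table picks the ACL.
ACLS = {"read_acl": ["AdminOnly", "AdminAndMaker"], "erase_acl": ["AdminAndMaker"]}
METHODS = {"ReadLog": "read_acl", "Erase": "erase_acl"}

def authority_ok(name, proofs, challenge):
    if name not in proofs:
        return False
    op, cred_id = AUTHORITIES[name]
    return OPERATIONS[op](CREDENTIALS[op][cred_id], proofs[name], challenge)

def ace_ok(expr, proofs, challenge):
    if isinstance(expr, str):  # leaf: a single authority
        return authority_ok(expr, proofs, challenge)
    op, *terms = expr
    results = [ace_ok(t, proofs, challenge) for t in terms]
    # Unknown operators evaluate to False rather than granting access.
    return all(results) if op == "and" else op == "or" and any(results)

def authorize(method, proofs, challenge):
    """Default deny: an unknown method or no satisfied ACE means refusal."""
    acl = ACLS.get(METHODS.get(method), [])
    return any(ace_ok(ACES[a], proofs, challenge) for a in acl)
```

`proofs` maps each authority the caller is trying to prove to the material it presents, so `Erase` is refused unless both the Admin password and the Maker response over the current challenge verify.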
Specification