×

Enforcing universal access control in an information management system

  • US 8,464,314 B2
  • Filed: 01/11/2011
  • Issued: 06/11/2013
  • Est. Priority Date: 12/29/2005
  • Status: Active Grant
First Claim
Patent Images

1. A method of controlling document access using managed rules, the method comprising:

  • distributing a first plurality of rules to a client system from a rule database, wherein rules of the rule database comprises a conditional statement having a policy abstraction and a corresponding action that will be performed when the conditional statement is satisfied, and each policy abstraction has a corresponding definition statement stored separately from the rule,wherein the first plurality of rules distributed to the client system contain at least one expression used by the client system to perform access control for documents accessed by the client system and the at least one expression results in an allow, deny, or delegate consequence, andwherein the client system rule distributing step dynamically selects the first plurality of rules for the client system, wherein the dynamically selecting the first plurality of rules is based on a document accessible at the client system; and

    distributing a second plurality of rules to a server from the rule database,wherein the second plurality of rules distributed to the server contain at least one expression used by the server to perform access control for documents stored on the server,wherein the server rule distributing step dynamically selects the second plurality of rules for the server, andwherein rules in the rule database are maintained by a rule server.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×