Data file access control
First Claim
Patent Images
1. A method of provisioning access to a data file, the method comprising:
- using one or more processors to perform at least a portion of one or more of the following acts of;
generating the data file;
generating a policy, the policy including one or more unassigned accounts and an access control definition defining an access permission associated with each of the one or more unassigned accounts, the one or more unassigned accounts not having an association with a user or an entity;
associating the policy with the data file;
embedding the policy within the data file;
associating a target user with a first unassigned account of the one or more unassigned accounts; and
communicating authentication data pertaining to the first unassigned account to the target user, the authentication data used by the target user to access the data file.
2 Assignments
0 Petitions
Accused Products
Abstract
In one embodiment, a data file and policy are generated. The policy is then associated with the data file, wherein the policy includes one or more unassigned accounts and an access control definition that defines an access permission associated with each of the one or more unassigned accounts.
-
Citations
35 Claims
-
1. A method of provisioning access to a data file, the method comprising:
-
using one or more processors to perform at least a portion of one or more of the following acts of; generating the data file; generating a policy, the policy including one or more unassigned accounts and an access control definition defining an access permission associated with each of the one or more unassigned accounts, the one or more unassigned accounts not having an association with a user or an entity; associating the policy with the data file; embedding the policy within the data file; associating a target user with a first unassigned account of the one or more unassigned accounts; and communicating authentication data pertaining to the first unassigned account to the target user, the authentication data used by the target user to access the data file. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
-
-
15. A system configured to provision access to a data file, the system comprising:
-
at least one processor; and a memory in communication with the at least one processor, the memory being configured to store a file creation module and a policy creation module that are executable by the at least one processor, the file creation module having instructions, that when executed by the at least one processor, cause operations to be performed, comprising generating the data file; and a policy creation module having instructions, that when executed by the at least one processor, cause operations to be performed, comprising; creating a policy including one or more unassigned accounts and an access control definition defining an access permission associated with each of the one or more unassigned accounts, the one or more unassigned accounts not having an association with a user or an entity; associating the policy with the data file; and embedding the policy within the data file. - View Dependent Claims (16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28)
-
-
29. A machine-readable medium embodying instructions to provision access to a data file, the instructions, when executed by a machine, cause the machine to:
-
generate the data file; create a policy and to associate the policy with the data file, the policy including one or more unassigned accounts, one or more assigned accounts, and an access control definition defining an access permission associated with each of the one or more unassigned accounts and the one or more assigned accounts, the one or more unassigned accounts not having an association with a user or an entity and the one or more assigned accounts having an association with another user or another entity; and embed the policy within the data file. - View Dependent Claims (30, 31, 32, 33)
-
-
34. A method of provisioning access to a data file, the method comprising:
-
using one or more processors to perform at least a portion of one or more of the following acts of; associating a policy with the data file to be accessed by a target user, the policy being embedded within the data file, the policy including one or more unassigned accounts and an access control definition defining an access permission associated with each of the one or more unassigned accounts, the one or more unassigned accounts not having an association with a user or an entity; and associating the target user with a first unassigned account of the one or more unassigned accounts.
-
-
35. A computer-readable medium having stored thereon a data structure configured to provision access to a data file, the data structure comprising:
-
a first data field containing data representing one or more unassigned accounts, the one or more unassigned accounts not having an association with a user or an entity; and a second data field containing data representing an access control definition defining an access permission associated with each of the one or more unassigned accounts, wherein the first data field and the second data field are embedded in the data file.
-
Specification