Method and system for displaying and managing security information
First Claim
1. A method in a computer system for displaying allowed-to-authenticate information, the method comprising:
- receiving a selection of a security object;
retrieving allowed-to-authenticate information for the selected security object, the information identifying an entity, a resource, and an action wherein when the entity attempts to authenticate to the resource the action indicates whether to allow or deny the attempt to authenticate to the resource; and
displaying an indication of the selected security object along with the retrieved allowed-to-authenticate information.
2 Assignments
0 Petitions
Accused Products
Abstract
A method and system for managing security information for a domain of computer systems is provided. The security system displays security information for a selected security object, such as a user or a computer system. The security system initially retrieves security information that includes security specifications that each has the identification of an entity, a resource, and an access right for the selected security object. The security system then displays an identification of the entity and the resource along with the access right for each security specification. When the security information is stored in a security store (i.e., the main security store) by resource and, for each resource, the entities that have access rights to that resource, the security system may use an auxiliary security store to facilitate the retrieval of the security information.
9 Citations
39 Claims
-
1. A method in a computer system for displaying allowed-to-authenticate information, the method comprising:
-
receiving a selection of a security object;
retrieving allowed-to-authenticate information for the selected security object, the information identifying an entity, a resource, and an action wherein when the entity attempts to authenticate to the resource the action indicates whether to allow or deny the attempt to authenticate to the resource; and
displaying an indication of the selected security object along with the retrieved allowed-to-authenticate information. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A method in a computer system for maintaining security information, the method comprising:
-
providing a main security store for a domain, the main security store containing entries for resources of the domain, each entry for a resource identifying entities and an access right of each entity to the resource;
providing an auxiliary security store for the domain, the auxiliary security store containing entries for entities, each entry for an entity identifying a resource and access right of the entity to the resource;
receiving from a user a selection of a security object;
retrieving from the auxiliary security store entries relating to the selected security object; and
displaying the entities, resources, and access rights of the retrieved entries wherein the provided main security store is used when verifying access rights of an entity to a resource. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. A computer system for displaying security information, comprising:
-
a component that receives a selection of a security object;
a component that retrieves security information for the selected security object, the security information identifying a source, a destination, and an access right wherein when the source attempts to access to the destination, the access right is used to control access to the destination; and
a component that displays an indication of the source, destination, and access right of the retrieved security information. - View Dependent Claims (21, 22, 23, 24, 25, 26, 27, 28, 29)
-
-
30. A computer system for maintaining security information, comprising:
-
a main security store for a domain, the main security store containing entries for resources of the domain, each entry for a resource identifying entities and an access right of each entity to the resource;
an auxiliary security store for the domain, the auxiliary security store containing security specifications that each identify an access right of an entity to a resource;
a component that displays entities, resources, and access rights retrieved from the auxiliary security store; and
a component that uses the main security store to verify access rights when an entity attempts to access a resource. - View Dependent Claims (31, 32, 33, 34, 35, 36, 37, 38, 39)
-
Specification