Caching permissions information
0 Assignments
0 Petitions
Accused Products
Abstract
A method for determining group membership in a computer system, the method comprising: obtaining an identifier that describes a member of a group, the member of a group having a member hash table that contains group membership information describing to what groups a member belongs; performing a primary search of a plurality of groups to determine if each group contains the member'"'"'s identifier, each group in the plurality having a group hash table that describes to what other groups the group belongs, caching the results of the primary search in the member hash table, for each group to which the member belongs, performing a secondary search of a plurality of groups to determine what groups contain the group to which the member belongs, and caching the results of the secondary search into the group hash table and merging the results into the member hash table, and reading the member hash table to determine group membership.
59 Citations
46 Claims
-
1-5. -5. (canceled)
-
6. A computerized method comprising:
-
searching a plurality of groups to determine which groups of the plurality comprise an identifier;
recording in a data structure a first set of groups comprising the identifier; and
for each group in the first set of groups;
recursively determining a set of parent groups of said group; and
recording in the data structure said set of parent groups. - View Dependent Claims (7, 8, 9, 10, 11, 12, 13, 14, 15)
-
-
16. A computerized apparatus comprising:
-
logic adapted to search a plurality of groups and determine which groups of the plurality comprise an identifier;
logic adapted to record in a data structure a first set of groups comprising the identifier;
logic adapted to recursively determine a set of parent groups for each group in the first set of groups; and
logic adapted to record each set of parent groups in the data structure. - View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24)
-
-
25. A computerized system adapted to be accessed by a user, the system comprising:
-
means for searching a plurality of groups to determine which groups of the plurality comprise an identifier, said identifier uniquely corresponding to the user;
means for recording in a data structure a first set of groups comprising the identifier;
means for recursively determining a set of parent groups for each group in the first set of groups;
means for recording each set of parent groups in the data structure;
means for retrieving a second set of groups from the hash table; and
means for determining the user'"'"'s access rights based at least in part on said second set of groups.
-
-
26. For use in a computer system, a method or managing access control data, comprising:
-
determining within a plurality of groups which of said groups of the plurality comprise an identifier;
recording in a data structure a listing or representation of a first set of groups comprising the identifier; and
for each group in the first set of groups;
recursively determining a set of parent groups of said group; and
recording in the data structure a listing or representation of said set of parent groups. - View Dependent Claims (27, 28, 29, 30, 31, 32, 33, 34, 35)
-
-
36. A method of operating a computerized system, the method being used at least in part to control access and comprising:
-
searching a plurality of groups to determine at least one group of the plurality comprising an identifier;
recording in a data structure said at least one group comprising the identifier;
determining at least one parent group of said at least one group;
recording in the data structure said at least one parent group;
thereafter accessing the data structure; and
utilizing at least one of;
(i) said at least one group comprising the identifier, and (ii) said at least one parent group, to control access to at least a portion of said computerized system. - View Dependent Claims (37, 38, 39, 40, 41)
-
-
42. A method of operating a computer system, comprising:
-
searching a plurality of groups of users of said computer system to determine at least one group of the plurality comprising a identifier;
recording in a data structure said at least one group comprising the identifier;
determining at least one parent group of said at least one group comprising the identifier; and
recording in the data structure said at least one parent group. - View Dependent Claims (43, 44, 45, 46)
-
Specification