DATA ACCESS CONTROL METHOD AND SYSTEM
First Claim
1. A method comprising:
receiving, by a computer processor of a computing system from a requestor, a request for access to specified data;
extracting, by said computer processor from said request, a requestor identification string associated with said requestor;
first verifying, by said computer processor, a match for said requestor identification string against a requestor registry;
retrieving, by said computer processor, a service requestor identification string associated with a service requesting said specified data;
second verifying, by said computer processor, a match for said service requestor identification string against a service registry;
retrieving, by said computer processor, a requestor software component operating process identification string associated with a requestor software component requesting said specified data;
third verifying, by said computer processor, a match for said requestor software component operating process identification string against a process registry;
retrieving, by said computer processor, a requestor server identification string associated with a requestor server requesting said specified data;
fourth verifying, by said computer processor, a match for said requestor server identification string against a server registry;
retrieving, by said computer processor, a requestor hardware device network address and a requestor media access control (MAC) address associated with a requestor hardware device requesting said specified data;
fifth verifying, by said computer processor, a match for said requestor hardware device network address and said requestor MAC address against a network registry;
retrieving, by said computer processor, a requestor hardware device identification string associated with said requestor hardware device requesting said specified data;
sixth verifying, by said computer processor, a match for said requestor hardware device identification string against a device registry;
generating, by said computer processor, an access point door associated with a specified logical storage room representation, said logical storage room representation comprising said specified data; and
enabling, by said computer processor based on first results of said first verifying, said second verifying, said third verifying, said fourth verifying, said fifth verifying, and said sixth verifying, access to said specified data via said access point door and said specified logical storage room representation.
Abstract
A data access control method and system. The method includes receiving by a computer processor from a requestor, a request for access to data. The computer processor extracts from the request, a requestor identification string associated with the requestor. The computer processor verifies a match for the requestor identification string, a service requestor identification string, a requestor software component operating process identification string, a requestor server identification string, a requestor hardware device network address and a requestor MAC address, and a requestor hardware device identification string against a plurality of registries. The computer processor generates an access point door associated with a specified logical storage room representation comprising the data. The computer processor enables access to the data via the access point door and the specified logical storage room representation.
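An added example, not taken from the patent: a minimal sketch of the six registry checks the abstract describes, with the network address and MAC address verified as a pair and access denied unless every check matches. The registry contents, field names and the token-based "door" handle are assumptions made for illustration.

```python
import ipaddress
import secrets

# Constructed sample registries, one per verification step (all values hypothetical).
REGISTRIES = {
    "requestor": {"alice@example.org"},
    "service": {"svc-billing-read"},
    "process": {"proc-report-gen"},
    "server": {"app-server-01"},
    "device": {"dev-7f3a"},
    "network": {("192.0.2.10", "0a1b2c3d4e5f")},  # address and MAC registered as a pair
}

def norm_mac(mac):
    """Canonicalise a MAC so 0A-1B-... and 0a:1b:... compare equal; None if malformed."""
    s = mac.lower().replace(":", "").replace("-", "").replace(".", "")
    return s if len(s) == 12 and all(c in "0123456789abcdef" for c in s) else None

def norm_ip(ip):
    """Canonicalise an IPv4/IPv6 literal; None if it does not parse."""
    try:
        return str(ipaddress.ip_address(ip))
    except ValueError:
        return None

def verify(req):
    """Run all six checks and return the names of those that failed (empty = all matched)."""
    failed = [k for k in ("requestor", "service", "process", "server", "device")
              if req.get(k) not in REGISTRIES[k]]  # a missing field is None, never registered
    pair = (norm_ip(req.get("ip", "")), norm_mac(req.get("mac", "")))
    if None in pair or pair not in REGISTRIES["network"]:
        failed.append("network")
    return failed

def open_door(req, room):
    """Return (door, failed). A door is issued only when every check matched."""
    failed = verify(req)
    if failed:
        return None, failed  # fail closed, keep the failed steps for the audit log
    return {"door": secrets.token_hex(16), "room": room}, []

# Constructed request that satisfies every registry.
GOOD = {"requestor": "alice@example.org", "service": "svc-billing-read",
        "process": "proc-report-gen", "server": "app-server-01",
        "device": "dev-7f3a", "ip": "192.0.2.10", "mac": "0A-1B-2C-3D-4E-5F"}

if __name__ == "__main__":
    print(open_door(GOOD, "room-finance"))
    print(open_door({**GOOD, "mac": "0a:1b:2c:3d:4e:60"}, "room-finance"))
```

Because the network registry stores (address, MAC) tuples, a registered MAC presented from an unregistered address fails the fifth check even though each value on its own is known.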
20 Claims
10. A computing system comprising a computer processor coupled to a computer-readable memory unit, said memory unit comprising instructions that when enabled by the computer processor implements a verification method comprising:
receiving, by said computer processor from a requestor, a request for access to specified data;
extracting, by said computer processor from said request, a requestor identification string associated with said requestor;
first verifying, by said computer processor, a match for said requestor identification string against a requestor registry;
retrieving, by said computer processor, a service requestor identification string associated with a service requesting said specified data;
second verifying, by said computer processor, a match for said service requestor identification string against a service registry;
retrieving, by said computer processor, a requestor software component operating process identification string associated with a requestor software component requesting said specified data;
third verifying, by said computer processor, a match for said requestor software component operating process identification string against a process registry;
retrieving, by said computer processor, a requestor server identification string associated with a requestor server requesting said specified data;
fourth verifying, by said computer processor, a match for said requestor server identification string against a server registry;
retrieving, by said computer processor, a requestor hardware device network address and a requestor media access control (MAC) address associated with a requestor hardware device requesting said specified data;
fifth verifying, by said computer processor, a match for said requestor hardware device network address and said requestor MAC address against a network registry;
retrieving, by said computer processor, a requestor hardware device identification string associated with said requestor hardware device requesting said specified data;
sixth verifying, by said computer processor, a match for said requestor hardware device identification string against a device registry;
generating, by said computer processor, an access point door associated with a specified logical storage room representation, said logical storage room representation comprising said specified data; and
enabling, by said computer processor based on first results of said first verifying, said second verifying, said third verifying, said fourth verifying, said fifth verifying, and said sixth verifying, access to said specified data via said access point door and said specified logical storage room representation.
16. A method comprising:
defining, by a computer processor of a computing system, a requestor identification string associated with a requestor of data;
adding, by said computer processor, said requestor identification string to a requestor registry;
defining, by said computer processor, a provider identification string associated with a provider of said data;
adding, by said computer processor, said provider identification string to a provider registry;
defining, by said computer processor, a service identification string associated with services associated with said data;
adding, by said computer processor, said service identification string to a security registry;
deploying, by said computer processor, said services to a server platform; and
adding, by said computer processor, results of said deploying to a server registry.
Specification