CA2368000A1 - Systeme de securite informatique - Google Patents
Systeme de securite informatique Download PDFInfo
- Publication number
- CA2368000A1 CA2368000A1 CA002368000A CA2368000A CA2368000A1 CA 2368000 A1 CA2368000 A1 CA 2368000A1 CA 002368000 A CA002368000 A CA 002368000A CA 2368000 A CA2368000 A CA 2368000A CA 2368000 A1 CA2368000 A1 CA 2368000A1
- Authority
- CA
- Canada
- Prior art keywords
- entity
- security
- gpe
- access
- information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/102—Entity profiles
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/604—Tools and structures for managing or administering access control systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/16—Implementing security features at a particular protocol layer
- H04L63/168—Implementing security features at a particular protocol layer above the transport layer
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
- H04L69/06—Notations for structuring of protocol data, e.g. abstract syntax notation one [ASN.1]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Health & Medical Sciences (AREA)
- Software Systems (AREA)
- Bioethics (AREA)
- Health & Medical Sciences (AREA)
- General Physics & Mathematics (AREA)
- Computing Systems (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Automation & Control Theory (AREA)
- Databases & Information Systems (AREA)
- Storage Device Security (AREA)
Abstract
Selon cette invention, un moteur de politique générique (GPE) utilise un langage vérifiable, du type de Scheme, pour générer des politiques de sécurité allant des modèles classiques hiérarchiques aux modèles modernes commerciaux. Le moteur GPE offre aux concepteurs de systèmes des points d'entrée de sécurité bien connus, une définition générique d'un "objet" et un moyen pour manipuler ces objets en termes de politique de sécurité. La nature centralisée du système permet d'expérimenter différentes politiques de sécurité de façon rapide et économique.
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US12448799P | 1999-03-15 | 1999-03-15 | |
US60/124,487 | 1999-03-15 | ||
PCT/CA2000/000276 WO2000056027A1 (fr) | 1999-03-15 | 2000-03-15 | Systeme de securite informatique |
Publications (1)
Publication Number | Publication Date |
---|---|
CA2368000A1 true CA2368000A1 (fr) | 2000-09-21 |
Family
ID=22415169
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CA002368000A Abandoned CA2368000A1 (fr) | 1999-03-15 | 2000-03-15 | Systeme de securite informatique |
Country Status (4)
Country | Link |
---|---|
EP (1) | EP1159812A1 (fr) |
AU (1) | AU3266900A (fr) |
CA (1) | CA2368000A1 (fr) |
WO (1) | WO2000056027A1 (fr) |
Families Citing this family (20)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7290266B2 (en) | 2001-06-14 | 2007-10-30 | Cisco Technology, Inc. | Access control by a real-time stateful reference monitor with a state collection training mode and a lockdown mode for detecting predetermined patterns of events indicative of requests for operating system resources resulting in a decision to allow or block activity identified in a sequence of events based on a rule set defining a processing policy |
US7523484B2 (en) | 2003-09-24 | 2009-04-21 | Infoexpress, Inc. | Systems and methods of controlling network access |
US20050198283A1 (en) * | 2004-01-07 | 2005-09-08 | Sundaresan Ramamoorthy | Managing a network using generic policy definitions |
US8181219B2 (en) | 2004-10-01 | 2012-05-15 | Microsoft Corporation | Access authorization having embedded policies |
KR20060050768A (ko) * | 2004-10-01 | 2006-05-19 | 마이크로소프트 코포레이션 | 액세스 인가 api |
US7818781B2 (en) | 2004-10-01 | 2010-10-19 | Microsoft Corporation | Behavior blocking access control |
US8045958B2 (en) | 2005-11-21 | 2011-10-25 | Research In Motion Limited | System and method for application program operation on a wireless device |
EP1788505A1 (fr) * | 2005-11-21 | 2007-05-23 | Research In Motion Limited | Méthode et système pour l'opération d'une application dans un appareil portatif |
US7890315B2 (en) | 2005-12-29 | 2011-02-15 | Microsoft Corporation | Performance engineering and the application life cycle |
US7818788B2 (en) | 2006-02-14 | 2010-10-19 | Microsoft Corporation | Web application security frame |
US7712137B2 (en) | 2006-02-27 | 2010-05-04 | Microsoft Corporation | Configuring and organizing server security information |
EP1826944B1 (fr) | 2006-02-27 | 2009-05-13 | Research In Motion Limited | Procédé de personnalisation d'une politique IT standardisée |
US8201215B2 (en) | 2006-09-08 | 2012-06-12 | Microsoft Corporation | Controlling the delegation of rights |
US8095969B2 (en) | 2006-09-08 | 2012-01-10 | Microsoft Corporation | Security assertion revocation |
US7814534B2 (en) | 2006-09-08 | 2010-10-12 | Microsoft Corporation | Auditing authorization decisions |
US8060931B2 (en) | 2006-09-08 | 2011-11-15 | Microsoft Corporation | Security authorization queries |
US8656503B2 (en) | 2006-09-11 | 2014-02-18 | Microsoft Corporation | Security language translations with logic resolution |
US8938783B2 (en) | 2006-09-11 | 2015-01-20 | Microsoft Corporation | Security language expressions for logic resolution |
US20090070853A1 (en) * | 2007-09-12 | 2009-03-12 | International Business Machines Corporation | Security Policy Validation For Web Services |
US8898304B2 (en) * | 2012-07-11 | 2014-11-25 | Ca, Inc. | Managing access to resources of computer systems using codified policies generated from policies |
-
2000
- 2000-03-15 WO PCT/CA2000/000276 patent/WO2000056027A1/fr not_active Application Discontinuation
- 2000-03-15 AU AU32669/00A patent/AU3266900A/en not_active Abandoned
- 2000-03-15 EP EP00910452A patent/EP1159812A1/fr not_active Withdrawn
- 2000-03-15 CA CA002368000A patent/CA2368000A1/fr not_active Abandoned
Also Published As
Publication number | Publication date |
---|---|
AU3266900A (en) | 2000-10-04 |
EP1159812A1 (fr) | 2001-12-05 |
WO2000056027A1 (fr) | 2000-09-21 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Hu et al. | Assessment of access control systems | |
Wallach et al. | Extensible security architectures for Java | |
Gray et al. | D’Agents: Security in a multiple-language, mobile-agent system | |
Gladney | Access control for large collections | |
Zurko et al. | A user-centered, modular authorization service built on an RBAC foundation | |
Samarati et al. | Access control: Policies, models, and mechanisms | |
CA2368000A1 (fr) | Systeme de securite informatique | |
US7591003B2 (en) | Security policies in trusted operating system | |
CN112738194A (zh) | 一种安全运维管理的访问控制系统 | |
Moffett | Delegation of authority using domain-based access rules | |
Gutmann | The Security Architecture | |
Lang et al. | Developing secure distributed systems with CORBA | |
Neumann | Architectures and formal representations for secure systems | |
Bidan et al. | Security benefits from software architecture | |
Montanari et al. | Flexible security policies for mobile agent systems | |
Summers | An overview of computer security | |
Lee | Essays about computer security | |
Zeleznik | Security design in distributed computing applications | |
Karjoth | An operational semantics of Java 2 access control | |
Feustel et al. | The DGSA: unmet information security challenges for operating system designers | |
Casey Jr et al. | A secure distributed operating system. | |
Maamir et al. | Adding flexibility in information flow control for object-oriented systems using versions | |
Gutmann | The design and verification of a cryptographic security architecture | |
Nicomette et al. | A multilevel security model for distributed object systems | |
National Computer Security Center (US) | Trusted network interpretation of the trusted computer system evaluation criteria |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
FZDE | Discontinued |