DE112010003464B4 - Modifikation von Zugangskontrolllisten - Google Patents

Modifikation von Zugangskontrolllisten Download PDF

Info

Publication number
DE112010003464B4
DE112010003464B4 DE112010003464.8T DE112010003464T DE112010003464B4 DE 112010003464 B4 DE112010003464 B4 DE 112010003464B4 DE 112010003464 T DE112010003464 T DE 112010003464T DE 112010003464 B4 DE112010003464 B4 DE 112010003464B4
Authority
DE
Germany
Prior art keywords
access control
control list
entries
server
intersection
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
DE112010003464.8T
Other languages
German (de)
English (en)
Other versions
DE112010003464T5 (de
Inventor
Saheem Granados
Richard Joseph Brodfuehrer
Corey Bryant
Stanley Yan
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
International Business Machines Corp
Original Assignee
International Business Machines Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by International Business Machines Corp filed Critical International Business Machines Corp
Publication of DE112010003464T5 publication Critical patent/DE112010003464T5/de
Application granted granted Critical
Publication of DE112010003464B4 publication Critical patent/DE112010003464B4/de
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/604Tools and structures for managing or administering access control systems

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Automation & Control Theory (AREA)
  • Storage Device Security (AREA)
DE112010003464.8T 2009-08-28 2010-08-18 Modifikation von Zugangskontrolllisten Expired - Fee Related DE112010003464B4 (de)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US12/549,955 US8250628B2 (en) 2009-08-28 2009-08-28 Dynamic augmentation, reduction, and/or replacement of security information by evaluating logical expressions
US12/549,955 2009-08-28
PCT/EP2010/062007 WO2011023606A1 (en) 2009-08-28 2010-08-18 Modification of access control lists

Publications (2)

Publication Number Publication Date
DE112010003464T5 DE112010003464T5 (de) 2012-06-14
DE112010003464B4 true DE112010003464B4 (de) 2019-05-16

Family

ID=42669472

Family Applications (1)

Application Number Title Priority Date Filing Date
DE112010003464.8T Expired - Fee Related DE112010003464B4 (de) 2009-08-28 2010-08-18 Modifikation von Zugangskontrolllisten

Country Status (6)

Country Link
US (1) US8250628B2 (enExample)
JP (1) JP5497178B2 (enExample)
CN (1) CN102473229B (enExample)
DE (1) DE112010003464B4 (enExample)
GB (1) GB2484243B (enExample)
WO (1) WO2011023606A1 (enExample)

Families Citing this family (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102025603B (zh) * 2009-09-17 2015-01-28 中兴通讯股份有限公司 报文发送控制的方法、系统及注册、更新的方法及系统
US8510801B2 (en) * 2009-10-15 2013-08-13 At&T Intellectual Property I, L.P. Management of access to service in an access point
US9215236B2 (en) * 2010-02-22 2015-12-15 Avaya Inc. Secure, policy-based communications security and file sharing across mixed media, mixed-communications modalities and extensible to cloud computing such as SOA
US20110321117A1 (en) * 2010-06-23 2011-12-29 Itt Manufacturing Enterprises, Inc. Policy Creation Using Dynamic Access Controls
JP5567053B2 (ja) * 2012-03-19 2014-08-06 株式会社東芝 権限変更装置、作成装置及びプログラム
US20140082586A1 (en) * 2012-08-09 2014-03-20 FatFractal, Inc. Application development system and method for object models and datagraphs in client-side and server-side applications
US9460300B1 (en) * 2012-09-10 2016-10-04 Google Inc. Utilizing multiple access control objects to manage access control
US9215075B1 (en) 2013-03-15 2015-12-15 Poltorak Technologies Llc System and method for secure relayed communications from an implantable medical device
US9477934B2 (en) * 2013-07-16 2016-10-25 Sap Portals Israel Ltd. Enterprise collaboration content governance framework
WO2015103794A1 (zh) * 2014-01-13 2015-07-16 华为技术有限公司 一种文件访问权限控制方法及装置
US10223363B2 (en) * 2014-10-30 2019-03-05 Microsoft Technology Licensing, Llc Access control based on operation expiry data
EP3236382A4 (en) 2015-02-09 2017-12-13 Huawei Technologies Co., Ltd. Method and controller for controlling application permissions
US10044718B2 (en) * 2015-05-27 2018-08-07 Google Llc Authorization in a distributed system using access control lists and groups
CN107566201B (zh) * 2016-06-30 2020-08-25 华为技术有限公司 报文处理方法及装置
CN108718320B (zh) * 2018-06-14 2021-03-30 浙江远望信息股份有限公司 一种以同类同配置物联网设备合规数据包交集形成数据包通信白名单的方法
CN108881216B (zh) * 2018-06-14 2020-12-22 浙江远望信息股份有限公司 一种以同类同配置物联网设备合规数据包并集形成数据包通信白名单的方法
WO2022170589A1 (zh) * 2021-02-10 2022-08-18 Oppo广东移动通信有限公司 Acl控制方法、装置、设备及存储介质
CN116016387B (zh) * 2023-03-10 2023-06-13 苏州浪潮智能科技有限公司 访问控制列表生效控制方法、装置、设备和存储介质

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030200467A1 (en) * 2002-04-23 2003-10-23 Choy David Mun-Hien System and method for incremental refresh of a compiled access control table in a content management system
US20050259654A1 (en) 2004-04-08 2005-11-24 Faulk Robert L Jr Dynamic access control lists
US20070261102A1 (en) 2006-05-04 2007-11-08 Tony Spataro Methods and systems for specifying and enforcing access control in a distributed system
US20090055397A1 (en) 2007-08-21 2009-02-26 International Business Machines Corporation Multi-Dimensional Access Control List
US20090064342A1 (en) 2007-08-27 2009-03-05 Oracle International Corporation Sensitivity-enabled access control model

Family Cites Families (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6158010A (en) 1998-10-28 2000-12-05 Crosslogix, Inc. System and method for maintaining security in a distributed computer network
EP1143665B1 (en) 1999-06-10 2007-01-03 Alcatel Internetworking, Inc. Unified policy management system and method with integrated policy enforcer
US6950819B1 (en) 1999-11-22 2005-09-27 Netscape Communication Corporation Simplified LDAP access control language system
US7185361B1 (en) 2000-01-31 2007-02-27 Secure Computing Corporation System, method and computer program product for authenticating users using a lightweight directory access protocol (LDAP) directory server
US7124132B1 (en) 2000-05-17 2006-10-17 America Online, Inc. Domain specification system for an LDAP ACI entry
US7440962B1 (en) 2001-02-28 2008-10-21 Oracle International Corporation Method and system for management of access information
US7392546B2 (en) 2001-06-11 2008-06-24 Bea Systems, Inc. System and method for server security and entitlement processing
US7356840B1 (en) 2001-06-19 2008-04-08 Microstrategy Incorporated Method and system for implementing security filters for reporting systems
US7167918B2 (en) 2001-10-29 2007-01-23 Sun Microsystems, Inc. Macro-based access control
US7024693B2 (en) 2001-11-13 2006-04-04 Sun Microsystems, Inc. Filter-based attribute value access control
AU2003239326A1 (en) 2002-05-01 2003-11-17 Bea Systems, Inc. Enterprise application platform
US7444668B2 (en) 2003-05-29 2008-10-28 Freescale Semiconductor, Inc. Method and apparatus for determining access permission
CN101039213A (zh) * 2006-03-14 2007-09-19 华为技术有限公司 一种通信网络中对用户的接入访问进行控制的方法
US20080127354A1 (en) 2006-11-28 2008-05-29 Microsoft Corporation Condition based authorization model for data access
US20090205018A1 (en) 2008-02-07 2009-08-13 Ferraiolo David F Method and system for the specification and enforcement of arbitrary attribute-based access control policies

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030200467A1 (en) * 2002-04-23 2003-10-23 Choy David Mun-Hien System and method for incremental refresh of a compiled access control table in a content management system
US20050259654A1 (en) 2004-04-08 2005-11-24 Faulk Robert L Jr Dynamic access control lists
US20070261102A1 (en) 2006-05-04 2007-11-08 Tony Spataro Methods and systems for specifying and enforcing access control in a distributed system
US20090055397A1 (en) 2007-08-21 2009-02-26 International Business Machines Corporation Multi-Dimensional Access Control List
US20090064342A1 (en) 2007-08-27 2009-03-05 Oracle International Corporation Sensitivity-enabled access control model

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
ZHANG, Guangsen; PARASHAR, Manish: Context-aware Dynamic Access Control for Pervasive Applications. Proceedings of the Communication Networks and Distributed Systems Modeling and Simulation Conference (CNDS 2004), 2004. URL: http://nsfcac.rutgers.edu/TASSL/Papers/automate-sesame-cnds-04.pdf [abgerufen am 8. Januar 2016] *

Also Published As

Publication number Publication date
US20110055902A1 (en) 2011-03-03
WO2011023606A1 (en) 2011-03-03
JP5497178B2 (ja) 2014-05-21
GB201201636D0 (en) 2012-03-14
JP2013503375A (ja) 2013-01-31
CN102473229A (zh) 2012-05-23
DE112010003464T5 (de) 2012-06-14
GB2484243B (en) 2015-09-30
GB2484243A (en) 2012-04-04
CN102473229B (zh) 2015-04-01
US8250628B2 (en) 2012-08-21

Similar Documents

Publication Publication Date Title
DE112010003464B4 (de) Modifikation von Zugangskontrolllisten
DE112018004411B4 (de) Zugriffssteuerung in mikrodienst-architekturen
DE112020000538B4 (de) Feinkörnige zugriffskontrolle auf token-grundlage
DE112011101357T5 (de) Dynamisches Token für den vorübergehenden Datenzugriff
DE602004012300T2 (de) Verfahren und vorrichtungen für skalierbaren sicheren fern-desktop-zugriff
DE102013222290A1 (de) System und Verfahren zur gemeinsamen Nutzung von Ermittlungsergebnisdaten
DE112016002392T5 (de) Autorisierung in einem verteilten System unter Verwendung von Zugriffssteuerungslisten und Gruppen
DE112017007393T5 (de) System und verfahren für netzwerkvorrichtungssicherheits- und vertrauenswertbestimmung
DE112017002794T5 (de) Verfahren und vorrichtung zum ausstellen eines berechtigungsnachweises für ein incident area network
WO2010026152A1 (de) Verfahren zur einräumung einer zugriffsberechtigung auf ein rechnerbasiertes objekt in einem automatisierungssystem, computerprogramm und automatisierungssystem
DE112022004921T5 (de) Sichere verteilung von richtlinien in einer cloud-umgebung
EP2718848A2 (de) Zugriffskontrolle auf in einer cloud gespeicherte daten
DE112011102224B4 (de) Identitätsvermittlung zwischen Client- und Server-Anwendungen
DE112021002201T5 (de) Datenschutzorientierte Datensicherheit in einer Cloud-Umgebung
DE112020002343T5 (de) Verteilung von Sicherheitsberechtigungsnachweisen
DE102020113257A1 (de) Policy management system zur bereitstellung von autorisierungsinformationen über den distributed data store
WO2009127479A1 (de) Verfahren und vorrichtung zum umschlüsseln bei einer verschlüsselungsbasierten zugriffskontrolle auf eine datenbank
DE202012012333U1 (de) Verwaltung einer Anwendungsausführung und eines Datenzugriffs auf einer Vorrichtung
DE112012000780B4 (de) Verarbeiten von Berechtigungsprüfungsdaten
WO2018087175A1 (de) Zugriffskontrolle auf datenobjekte
EP2639729A2 (de) Automatisches Zugriffsteuersystem zum Steuern des Zugriffs auf ein physikalisches Objekt oder des Zugangs zu einem physikalischen Objekt und Verfahren
EP3539045B1 (de) System mit zertifikat-basierter zugriffskontrolle
EP2169588A1 (de) Verfahren zur Gewährleistung von Sicherheit
DE102004046153B4 (de) Verfahren und Netzwerksystem zur Bestimmung der digitalen Reputation
WO2024213312A1 (de) Verfahren, kontrollinstanz und computerprogrammprodukt zur kontrolle eines zugriffs auf strukturierte daten oder auf funktionen einer industriellen automatisierungsanordnung

Legal Events

Date Code Title Description
R163 Identified publications notified
R012 Request for examination validly filed
R079 Amendment of ipc main class

Free format text: PREVIOUS MAIN CLASS: G06F0021240000

Ipc: G06F0021300000

R079 Amendment of ipc main class

Free format text: PREVIOUS MAIN CLASS: G06F0021240000

Ipc: G06F0021300000

Effective date: 20130326

R016 Response to examination communication
R079 Amendment of ipc main class

Free format text: PREVIOUS MAIN CLASS: G06F0021300000

Ipc: G06F0021620000

R016 Response to examination communication
R018 Grant decision by examination section/examining division
R084 Declaration of willingness to licence
R020 Patent grant now final
R119 Application deemed withdrawn, or ip right lapsed, due to non-payment of renewal fee