MX2008001849A - Lista de control de acceso de capa doble. - Google Patents

Lista de control de acceso de capa doble.

Info

Publication number
MX2008001849A
MX2008001849A MX2008001849A MX2008001849A MX2008001849A MX 2008001849 A MX2008001849 A MX 2008001849A MX 2008001849 A MX2008001849 A MX 2008001849A MX 2008001849 A MX2008001849 A MX 2008001849A MX 2008001849 A MX2008001849 A MX 2008001849A
Authority
MX
Mexico
Prior art keywords
permissions
access control
computer resources
sets
control list
Prior art date
Application number
MX2008001849A
Other languages
English (en)
Inventor
Pedro Celis
Walter Smith
Andrew Bybee
David G De Vorchik
Tim Mckee
Original Assignee
Microsoft Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Microsoft Corp filed Critical Microsoft Corp
Publication of MX2008001849A publication Critical patent/MX2008001849A/es

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/14Protection against unauthorised use of memory or access to memory
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/604Tools and structures for managing or administering access control systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2117User registration
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141Access rights, e.g. capability lists, access control lists, access tables, access matrices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2145Inheriting rights or properties, e.g., propagation of permissions or restrictions within a hierarchy
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/101Access control lists [ACL]

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Health & Medical Sciences (AREA)
  • Automation & Control Theory (AREA)
  • Databases & Information Systems (AREA)
  • Storage Device Security (AREA)

Abstract

Se proporciona una capa de abstraccion para usarse por listas de control de acceso para el proceso de creacion y mantenimiento de permisos de usuario en recursos de computadora. Primero, un grupo de permisos puede ser asociado con cualquier numero de recursos de computadora. Tambien, los recursos de computadora pueden almacenar referencias a cualquier numero de grupos de permisos, y cuando se solicita el uso, los grupos de permisos son combinados en un grupo fusionado que determinar si se otorga el permiso. El nivel extra de abstraccion da como resultado una capa extra de informacion que permite a individuos, que administran permisos a recursos de computadora, la habilidad de entender el por que son un grupo. La capa extra de informacion tambien da como resultado una historia de permisos para el recurso de computadora ya que se pueden almacenar multiples referencias a grupos de permisos.
MX2008001849A 2005-08-11 2006-08-10 Lista de control de acceso de capa doble. MX2008001849A (es)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US11/201,131 US20070039045A1 (en) 2005-08-11 2005-08-11 Dual layered access control list
PCT/US2006/031402 WO2007021949A2 (en) 2005-08-11 2006-08-10 Dual layered access control list

Publications (1)

Publication Number Publication Date
MX2008001849A true MX2008001849A (es) 2008-04-14

Family

ID=37744040

Family Applications (1)

Application Number Title Priority Date Filing Date
MX2008001849A MX2008001849A (es) 2005-08-11 2006-08-10 Lista de control de acceso de capa doble.

Country Status (9)

Country Link
US (1) US20070039045A1 (es)
EP (1) EP1922625A4 (es)
JP (1) JP2009507275A (es)
KR (1) KR20080033376A (es)
CN (1) CN101506781A (es)
BR (1) BRPI0614674A2 (es)
MX (1) MX2008001849A (es)
RU (1) RU2008104859A (es)
WO (1) WO2007021949A2 (es)

Families Citing this family (24)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI263894B (en) * 2003-10-15 2006-10-11 Hon Hai Prec Ind Co Ltd System and method for quickly getting user's permission in access control list
US7747647B2 (en) * 2005-12-30 2010-06-29 Microsoft Corporation Distributing permission information via a metadirectory
CN101755427B (zh) * 2007-04-10 2013-03-06 阿珀蒂奥有限公司 网络架构中改进的子树访问控制
US8924468B2 (en) * 2008-05-08 2014-12-30 Bang & Olufsen A/S Method and means for a multilayer access control
US20110246527A1 (en) * 2010-03-31 2011-10-06 Salesforce.Com, Inc. System, method and computer program product for associating a permission set with one or more users
US8959115B2 (en) * 2010-07-09 2015-02-17 Symantec Corporation Permission tracking systems and methods
JP2012027650A (ja) * 2010-07-22 2012-02-09 Nec Corp コンテンツ管理装置およびコンテンツ管理方法
US8990950B2 (en) * 2010-12-27 2015-03-24 International Business Machines Corporation Enabling granular discretionary access control for data stored in a cloud computing environment
US8631123B2 (en) 2011-01-14 2014-01-14 International Business Machines Corporation Domain based isolation of network ports
US8832389B2 (en) 2011-01-14 2014-09-09 International Business Machines Corporation Domain based access control of physical memory space
US8429191B2 (en) 2011-01-14 2013-04-23 International Business Machines Corporation Domain based isolation of objects
US8595821B2 (en) 2011-01-14 2013-11-26 International Business Machines Corporation Domains based security for clusters
US8375439B2 (en) 2011-04-29 2013-02-12 International Business Machines Corporation Domain aware time-based logins
US9740518B2 (en) 2012-09-12 2017-08-22 Nxp Usa, Inc. Conflict detection circuit for resolving access conflict to peripheral device by multiple virtual machines
US9904802B2 (en) * 2012-11-23 2018-02-27 Nxp Usa, Inc. System on chip
US9189643B2 (en) 2012-11-26 2015-11-17 International Business Machines Corporation Client based resource isolation with domains
US9477934B2 (en) * 2013-07-16 2016-10-25 Sap Portals Israel Ltd. Enterprise collaboration content governance framework
WO2015008112A1 (en) 2013-07-18 2015-01-22 Freescale Semiconductor, Inc. System on chip and method therefor
WO2015103794A1 (zh) * 2014-01-13 2015-07-16 华为技术有限公司 一种文件访问权限控制方法及装置
US9690719B2 (en) 2014-09-11 2017-06-27 Nxp Usa, Inc. Mechanism for managing access to at least one shared integrated peripheral of a processing unit and a method of operating thereof
WO2018068868A1 (en) * 2016-10-14 2018-04-19 Huawei Technologies Co., Ltd. Apparatus and method for tracking access permissions over multiple execution environments
US11968214B2 (en) * 2020-03-16 2024-04-23 Microsoft Technology Licensing, Llc Efficient retrieval and rendering of access-controlled computer resources
GB2596103B (en) * 2020-06-17 2022-06-15 Graphcore Ltd Dual level management
US20220114265A1 (en) * 2020-10-08 2022-04-14 Google Llc Unified viewing of roles and permissions in a computer data processing system

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5999978A (en) * 1997-10-31 1999-12-07 Sun Microsystems, Inc. Distributed system and method for controlling access to network resources and event notifications
US6279111B1 (en) 1998-06-12 2001-08-21 Microsoft Corporation Security model using restricted tokens
US6721888B1 (en) * 1999-11-22 2004-04-13 Sun Microsystems, Inc. Mechanism for merging multiple policies
US7669238B2 (en) * 2000-06-21 2010-02-23 Microsoft Corporation Evidence-based application security
US7546629B2 (en) * 2002-03-06 2009-06-09 Check Point Software Technologies, Inc. System and methodology for security policy arbitration
US20030130953A1 (en) 2002-01-09 2003-07-10 Innerpresence Networks, Inc. Systems and methods for monitoring the presence of assets within a system and enforcing policies governing assets
US20040088563A1 (en) * 2002-11-01 2004-05-06 Hogan Dirk J. Computer access authorization
US20050039001A1 (en) * 2003-07-30 2005-02-17 Microsoft Corporation Zoned based security administration for data items

Also Published As

Publication number Publication date
CN101506781A (zh) 2009-08-12
BRPI0614674A2 (pt) 2011-04-12
WO2007021949A3 (en) 2009-04-30
EP1922625A4 (en) 2012-01-25
WO2007021949A2 (en) 2007-02-22
KR20080033376A (ko) 2008-04-16
RU2008104859A (ru) 2009-08-20
EP1922625A2 (en) 2008-05-21
JP2009507275A (ja) 2009-02-19
US20070039045A1 (en) 2007-02-15

Similar Documents

Publication Publication Date Title
MX2008001849A (es) Lista de control de acceso de capa doble.
Guerin Social facilitation
CA2568096A1 (en) Networked identity framework
EP2685394A3 (en) Systems and methods for in-place records management and content lifecycle management
MX361101B (es) Tira para el suministro de un activo para el cuidado bucal y métodos para aplicar activos para el cuidado bucal.
TW200712972A (en) Security and authorization in management agents
GB2456948A (en) Data file access control
GB2434672A (en) Multiple indexing of an electric document to selectively permit access to the content and metadata thereof
WO2007005530A3 (en) Method and system for providing a secure multi-user portable database
WO2009055241A3 (en) Using social networks while respecting access control lists
BRPI0507707A (pt) interface de usuário em camadas
RU2006134030A (ru) Способ и система для создания авторизованного домена
WO2008052084A3 (en) Self-service resource provisioning having collaborative compliance enforcement
WO2010028237A3 (en) Health care data management
WO2008029393A3 (en) Method for managing simultaneous modification of database objects during development
Dinnen et al. State absence and state formation in Solomon Islands: Reflections on agency, scale and hybridity
WO2012128878A3 (en) Shared data management in software-as-a-service platform
WO2006061315A3 (en) Resource management for data storage services
WO2006052938A3 (en) Implementing application specific management policies on a content addressed storage device
RU2005120386A (ru) Система и способ для пользовательского интерфейса, обеспечивающего основанное на контакте совместное использование ресурсов
WO2007022107A3 (en) Managing and using shared digital information on a network
WO2006076684A3 (en) Loop channels
WO2011100172A3 (en) Rule-based assignment of control of peripherals of a computing device
Roughen et al. Knowledge and design in the development of public library brand identity and innovation
Sabin Matrix Architecture

Legal Events

Date Code Title Description
FA Abandonment or withdrawal