Invention Grant
- Patent Title: Abstracting security policy from, and transforming to, native representations of access check mechanisms
- Patent Title (中): 抽取安全策略和转换为访问检查机制的本机表示
-
Application No.: US11445778Application Date: 2006-06-02
-
Publication No.: US07882539B2Publication Date: 2011-02-01
- Inventor: Muthukrishnan Paramasivam , Charles F. Rose, III , Dave M. McPherson , Raja Pazhanivel Perumal , Satyajit Nath , Paul J. Leach , Ravindra Nath Pandya
- Applicant: Muthukrishnan Paramasivam , Charles F. Rose, III , Dave M. McPherson , Raja Pazhanivel Perumal , Satyajit Nath , Paul J. Leach , Ravindra Nath Pandya
- Applicant Address: US WA Redmond
- Assignee: Microsoft Corporation
- Current Assignee: Microsoft Corporation
- Current Assignee Address: US WA Redmond
- Agency: Woodcock Washburn LLP
- Main IPC: G06F17/00
- IPC: G06F17/00 ; H04L29/06
Abstract:
Abstracting access control policy from access check mechanisms allows for richer expression of policy, using a declarative model with semantics, than what is permitted by the access check mechanisms. Further, abstracting access control policy allows for uniform expression of policy across multiple access check mechanisms. Proof-like reasons for any access query are provided, such as who has access to what resource, built from the policy statements themselves, independent of the access check mechanism that provide access. Access is audited and policy-based reasons for access are provided based on the access control policy.
Public/Granted literature
- US20070283411A1 Abstracting security policy from, and transforming to, native representations of access check mechanisms Public/Granted day:2007-12-06
Information query
