Invention Grant
US08938786B2 System and method for using a declarative approach to enforce instance based security in a distributed environment
有权
使用声明式方法在分布式环境中强制基于实例的安全性的系统和方法
- Patent Title: System and method for using a declarative approach to enforce instance based security in a distributed environment
- Patent Title (中): 使用声明式方法在分布式环境中强制基于实例的安全性的系统和方法
-
Application No.: US11622698Application Date: 2007-01-12
-
Publication No.: US08938786B2Publication Date: 2015-01-20
- Inventor: Michael Cheng , Vishwanath Venkataramappa , Tom Zhongyu Zhou
- Applicant: Michael Cheng , Vishwanath Venkataramappa , Tom Zhongyu Zhou
- Applicant Address: US NY Armonk
- Assignee: International Business Machines Corporation
- Current Assignee: International Business Machines Corporation
- Current Assignee Address: US NY Armonk
- Agency: VanLeeuwen & VanLeeuwen
- Agent Jeffrey S. LaBaw
- Main IPC: G06F21/00
- IPC: G06F21/00 ; G06F21/62
Abstract:
A system and method for using a declarative approach to enforce instance based security in a distributed environment is presented. The invention described herein includes security logic in declarative specifications that, in turn, decouples the security logic from distributed object administration logic. An access manager identifies access requirements by combining object name property keys included in a distributed object with property key specifications included in a declarative specification. In turn, the access manager compares a caller's access attributes with the access requirements to determine whether to create a distributed object instance and allow the caller to invoke a method on the distributed object instance. The access requirements may also include role specifications and method parameter specifications.
Public/Granted literature
Information query
