公开(公告)号：MY121581A

公开(公告)日：2006-02-28

申请号：MYPI9605519

申请日：1996-12-27

Applicant: IBM

Inventor： BENANTAR MESSAOUD ,  BLAKLEY GEORGE ROBERT III ,  COPELAND GEORGE P ,  NADALIN ANTHONY J

IPC: G06F12/14 ,  G06F1/00 ,  G06F9/42 ,  G06F9/44 ,  G06F9/46 ,  G06F21/00 ,  G06F21/24

Abstract: A SYSTEM, METHOD AND ARTICLE OF MANUFACTURE FOR CONTROLLING ACCESS TO OBJECTS IN AN INFORMATION HANDLING SYSTEM EMPLOYING OBJECT ORIENTED TECHNOLOGY, INCLUDES ONE OR MORE PROCESSORS , A MEMORY SYSTEM, ONE OR MORE I/O CONTROLLERS EACH CONTROLLING ONE OR MORE I/O DEVICES, A BUS CONNECTING THE PROCESSORS, THE MEMORY SYSTEM AND THE I/O CONTROLLERS, AN OPERATING SYSTEM CONTROLLING OPERATION OF THE PROCESSORS, THE MEMORY SYSTEM AND THE I/O CONTROLLERS, AND AN OBJECT ORIENTED CONTROL MEANS WHICH INCLUDES A BEFOREAFTER METACLASS HAVING A CONTROL ELEMENT WHICH IS USED TO CONTROL ACCESS TO OBJECTS. A SECURE METACLASS IS DEFINED TO BE A SUBCLASS OF THE BEFOREAFTER METACLASS. THE SECURE METACLASS OVERRIDES THE BEFORE METHOD TO PERFORM AUTHORIZATION CHECKING PRIOR TO METHOD DISPATCHING.

公开(公告)号：AU2003294951A1

公开(公告)日：2004-07-22

申请号：AU2003294951

申请日：2003-11-27

Applicant: IBM

Inventor： NADALIN ANTHONY J ,  WESLEY AJAMU A ,  BLAKLEY GEORGE R III ,  HINTON HEATHER M

IPC: G06F17/30 ,  G06F21/00 ,  H04L29/06 ,  H04L29/08 ,  G06F9/46

Abstract: A method is presented in which federated domains interact within a federated environment. Domains within a federation can initiate federated single-sign-on operations for a user at other federated domains. A point-of-contact server within a domain relies upon a trust proxy within the domain to manage trust relationships between the domain and the federation. Trust proxies interpret assertions from other federated domains as necessary. Trust proxies may have a trust relationship with one or more trust brokers, and a trust proxy may rely upon a trust broker for assistance in interpreting assertions. When a user requests to logoff from a domain that has initiated federated single-sign-on operations for the user at other federated domains, the domain initiates a consolidated logoff operation by requesting logoff operations at those other federated domains, which may also initiate logoff operations in a cascaded fashion to the domains at which they have initiated federated single-sign-on operations.

公开(公告)号：CA2508464A1

公开(公告)日：2004-07-15

申请号：CA2508464

申请日：2003-11-27

Applicant: IBM

Inventor： BLAKLEY GEORGE R III ,  WESLEY AJAMU A ,  NADALIN ANTHONY J ,  HINTON HEATHER M

IPC: G06F17/30 ,  G06F21/00 ,  H04L29/06 ,  H04L29/08 ,  G06F9/46

Abstract: A method is presented in which federated domains interact within a federated environment. Domains within a federation can initiate federated single-sign- on operations for a user at other federated domains. A point-of-contact server within a domain relies upon a trust proxy within the domain to manage trust relationships between the domain and the federation. Trust proxies interpret assertions from other federated domains as necessary. Trust proxies may have a trust relationship with one or more trust brokers, and a trust proxy may rel y upon a trust broker for assistance in interpreting assertions. When a user requests to logoff from a domain that has initiated federated single-sign-on operations for the user at other federated domains, the domain initiates a consolidated logoff operation by requesting logoff operations at those other federated domains, which may also initiate logoff operations in a cascaded fashion to the domains at which they have initiated federated single-sign-on operations.