首页>
外国专利>
Method and system for advanced role-based access control in distributed and centralized computer systems
Method and system for advanced role-based access control in distributed and centralized computer systems
展开▼
机译:分布式和集中式计算机系统中基于角色的高级访问控制的方法和系统
展开▼
页面导航
摘要
著录项
相似文献
摘要
A method and system for registration, authorization, and control of access rights in a computer system. Access rights of subjects on objects in a computer system are controlled using parameterized role types that can be instantiated into role instances equivalent to roles or groups. The required parameters are provided by the subject of the computer system, e.g. by a person, a job position, or an organization unit. Furthermore, relative resource sets are instantiated into concrete resource sets and individual resources by using the same parameter values as for instantiating the role types. Authorization and control of access rights include capability lists providing the access rights of the subjects on the objects of a computer system on a per subject basis. Furthermore, access control lists are derived from capability lists, so that access rights of the subjects on the respective objects are provided.
展开▼