首页>
外国专利>
System for providing user access control within a distributed data processing system having multiple resource managers
System for providing user access control within a distributed data processing system having multiple resource managers
展开▼
机译:用于在具有多个资源管理器的分布式数据处理系统中提供用户访问控制的系统
展开▼
页面导航
摘要
著录项
相似文献
摘要
The method of the present invention may be utilized to provide user access control for a plurality of resource objects within a distributed data processing system having a plurality of resource managers. A reference monitor service is established and a plurality of access control profiles are stored therein. Thereafter, selected access control profile information may be communicated between the reference monitor service and a resource manager in response to an attempted access of a particular resource object controlled by that resource manager. A resource manager may utilize this communication technique to retrieve, modify, or delete a selected access control profile, as desired. Further, the resource manager may utilize this communication technique to control access to a resource object by utilizing the information contained within the access control profile to determine if the requester is authorized to access the resource object and whether or not the requester has been granted sufficient authority to take selected actions with respect to that resource object. In a preferred embodiment of the present invention, each access control profile may include access control information relating to a selected user; a selected resource object; a selected group of users; a specified level of authority associated with a selected user; a selected set of resource objects; or, a predetermined set of resource objects and a selected list of users each authorized to access at least a portion of said predetermined set of resource objects.
展开▼