Zoned based security administration for data items

A project and regional technology, applied in the direction of electronic digital data processing, secure communication devices, computer security devices, etc., that addresses the problems of restricting digital data access, coarse granularity, and being unable to restrict access to social security numbers.

Inactive Publication Date: 2010-09-29
MICROSOFT TECH LICENSING LLC

AI Technical Summary

Problems solved by technology

A disadvantage of column-based security clearance assignment is that it may be too coarse-grained for some applications. For example, although most numeric data representing digital address book entries in columns is appropriate for general access, it may be desirable to restrict access to certain numeric data, such as social security numbers or other types of sensitive information. Still, when assigning an ACL to an entire column, the security permissions cannot vary between different items in the column. Therefore, it may not be possible to restrict access to social security numbers without similarly restricting access to addresses and phone numbers.

Embodiment Construction

[0021] The invention extends to methods, systems and computer program products for zone-based security administration of data items. In one embodiment, a computer system determines security permissions for at least a portion of the data items included in a security zone. That portion of the data item is specified by an element path, eliminating the need to apply security rules at the cell level. In another embodiment of the invention, the computer system delegates administrative rights (i.e., the ability to change the security of at least a portion of a data item) to a principal. Each item resides in one of at least one non-overlapping zones. Since each item is within a zone, administrative rights can be delegated at an appropriate granularity: finer than an entire database table, but coarse enough that delegation does not need to be made per item.

[0022] Referring now to FIG. 1 , an exemplary environment in which aspects of the invention may be practiced is shown. FIG. 1 shows a netw...

Abstract

Administering digital security is disclosed. Data and method items are stored on a computer system in a volume. The volume is divided up into non-overlapping security zones. Each item exists in a security zone. Security rules are granted to principals, where the security rules apply to items in a particular zone. The security rules specify which principals have which rights (such as read, write, delete and execute) to which items. Administrative rights can be delegated by principals by splitting a security zone to form two security zones. Principals who have administrative rights to the security zone assign additional principals to one of the security zones while maintaining all administrative rights to the other zone. Thus principals can retain certain administrative rights to certain items exclusively to themselves while delegating administrative rights to other items to other principals.
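The zone model in the abstract, sketched as an added example that is not taken from the patent or from any Microsoft code. All class, method and item names are hypothetical, and two behaviours are assumptions: a newly split zone starts with a copy of the parent zone's rules and administrators, and an element path matches by exact string or the wildcard `*`.

```python
# Added illustration; Zone, Volume and every name here are hypothetical.
from dataclasses import dataclass, field

@dataclass
class Zone:
    admins: set                                  # principals with administrative rights
    rules: list = field(default_factory=list)    # (principal, right, element_path)

class Volume:
    def __init__(self, root_admins):
        self.zones = {"root": Zone(set(root_admins))}
        self.item_zone = {}                      # item -> exactly one zone, so zones never overlap

    def add_item(self, item, zone="root"):
        self.item_zone[item] = zone

    def _administered(self, actor, zone):
        if actor not in self.zones[zone].admins:
            raise PermissionError(f"{actor} has no administrative rights on {zone}")
        return self.zones[zone]

    def grant(self, actor, zone, principal, right, path="*"):
        # A rule covers every item in the zone, scoped by element path rather than per cell.
        self._administered(actor, zone).rules.append((principal, right, path))

    def allowed(self, principal, right, item, path):
        rules = self.zones[self.item_zone[item]].rules
        return any(p == principal and r == right and ep in ("*", path)
                   for p, r, ep in rules)

    def split(self, actor, zone, new_zone, items, extra_admins):
        old = self._administered(actor, zone)
        if new_zone in self.zones:
            raise ValueError(f"zone {new_zone} already exists")
        # Assumption: the new zone inherits rules and admins, then gains the delegates.
        self.zones[new_zone] = Zone(old.admins | set(extra_admins), list(old.rules))
        for item in items:
            if self.item_zone.get(item) == zone:
                self.item_zone[item] = new_zone  # the item moves; it is never in both zones

def demo():
    v = Volume({"alice"})
    v.add_item("contact:1")
    v.add_item("contact:2")
    v.grant("alice", "root", "carol", "read", "phone")
    v.split("alice", "root", "team", ["contact:2"], {"bob"})
    v.grant("bob", "team", "dave", "read", "ssn")   # bob administers only the new zone
    try:
        v.grant("bob", "root", "dave", "read", "ssn")
        bob_blocked = False
    except PermissionError:
        bob_blocked = True
    return (v.allowed("dave", "read", "contact:2", "ssn"),
            v.allowed("dave", "read", "contact:1", "ssn"),
            v.allowed("carol", "read", "contact:2", "phone"), bob_blocked)
```

`demo()` shows the delegate's grant taking effect only inside the split-off zone, while the original administrator keeps exclusive control of the items left behind.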

Description

Technical field

[0001] The present invention generally relates to the field of data security, in particular to the security management of data item groups.

Background technique

[0002] When processing information, it is often desirable to restrict access to a particular portion of the information so that the particular portion is only accessible to certain authorized users. When information is contained in physical documents (e.g., printed books or ledgers), these documents can be protected with physical access controls such as locks and document custodians. However, in today's world, vast amounts of information are stored in the form of digital data. Digital data is easily created, modified, copied, transferred, and deleted, which has resulted in the proliferation of large amounts of digital data that exist in numerous locations. Similar to physical documents, it is often desirable to restrict access to portions of digital data. However, the sheer volume of digital data an...

Application Information

Patent Type & Authority: Patents (China)
IPC (8): H04L9/00, G06F21/24, G06F12/00, G06F12/14, G06F15/00, G06F21/00, G06F21/20
CPC: G06F2221/2145, G06F21/6218, G06F2221/2141, G06F12/14, G06F15/00
Inventor: I·胡迪斯, L·诺维克, S·阿南德, S·H·阿加瓦尔, B·S·拉曼
Owner MICROSOFT TECH LICENSING LLC