Methods and apparatus for scoped role-based access control

A role-based access control and scope technology, applied in the field of information technology (IT) systems, can solve problems such as the inability to distinguish roles across organizations.

Inactive Publication Date: 2008-01-03
IBM CORP

AI Technical Summary

Benefits of technology

[0011] The embodiments of the present invention provide a scoped role-based access control system, in which a role is associated with multiple sets of permissions and multiple resources are bound to a permission set. A scope is created to associate subjects

Problems solved by technology

However, there are drawbacks with the traditional RBAC system, especially in large distributed systems because subjects with the same role always have the same set of permissions against


Examples


Embodiment Construction

[0017] As will be illustrated in detail below, the embodiments of the present invention introduce techniques for providing scoped role-based access control of a resource by a subject in an access control system.

[0018] Referring initially to FIG. 1, a diagram illustrates a conventional RBAC system. Subject-1 102 and Subject-2 104 are assigned a role 106 for access to specific resources. Role 106 is assigned to a specific set of permissions 108, and the specific resources 110 are bound to this set of permissions 108.

[0019] Referring now to FIG. 2, a diagram illustrates a scoped RBAC system, according to an embodiment of the present invention. A role 202 is associated with multiple permission sets 204, 206. Then a scope is created to associate a set of resources 208, 210 with permission set 204. In the embodiment of FIG. 2, two such scopes are shown, in that resource 212 is associated with permission set 206. This scope conveys the permission a subject has when accessing the resource under t...


Abstract

Methods and apparatus for providing role-based access control of a resource by a subject in an access control system are provided. The system comprises one or more roles capable of association with one or more subjects, and a plurality of permission sets. One or more of the plurality of permission sets are associated with each of the one or more roles. The system further comprises a plurality of resources. One or more of the plurality of resources are associated with each of the one or more permission sets, and each of the plurality of resources is associated with a set of one or more subjects. A given subject in a set of one or more subjects for a given resource and having a role-permission association with the given resource is provided access control of the given resource.
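
An added example (not taken from the patent or from any IBM implementation) that models the access decision described in the abstract, with a conventional single-permission-set check beside it for contrast. The class, method, subject and resource names are hypothetical, and the flat check is a modelling assumption about the conventional system.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Scope:
    role: str               # role this permission set belongs to
    permissions: frozenset  # one of the role's permission sets
    resources: frozenset    # resources bound to that permission set
    subjects: frozenset     # subjects associated with those resources

@dataclass
class ScopedRBAC:
    role_members: dict = field(default_factory=dict)  # role -> set of subjects
    scopes: list = field(default_factory=list)

    def assign(self, subject, role):
        self.role_members.setdefault(role, set()).add(subject)

    def add_scope(self, role, permissions, resources, subjects):
        self.scopes.append(Scope(role, frozenset(permissions),
                                 frozenset(resources), frozenset(subjects)))

    def is_allowed(self, subject, action, resource):
        # Deny by default: role membership, resource binding, subject set and
        # permission must all match inside one scope.
        return any(subject in self.role_members.get(s.role, ())
                   and resource in s.resources and subject in s.subjects
                   and action in s.permissions for s in self.scopes)

    def is_allowed_flat(self, subject, action, resource):
        # Conventional RBAC for contrast (modelling assumption): each role has one
        # merged permission set that applies to every resource bound to the role.
        for role, members in self.role_members.items():
            mine = [s for s in self.scopes if s.role == role]
            perms = set().union(*(s.permissions for s in mine))
            bound = set().union(*(s.resources for s in mine))
            if subject in members and action in perms and resource in bound:
                return True
        return False

def build_example():
    # Constructed sample data: two organizations sharing the "operator" role.
    ac = ScopedRBAC()
    ac.assign("alice", "operator")
    ac.assign("bob", "operator")
    ac.add_scope("operator", {"read", "update"}, {"db-org-a", "web-org-a"}, {"alice"})
    ac.add_scope("operator", {"read"}, {"db-org-b"}, {"alice", "bob", "carol"})
    return ac
```

In the sample data, bob holds the same role as alice but is outside the scope covering `db-org-a`, and carol is listed in a scope without holding the role; the scoped check denies both, while the flat check lets bob update `db-org-a`.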

Description

CROSS REFERENCE TO RELATED APPLICATIONS

[0001] This application is related to: the U.S. Patent Application Attorney Docket No. YOR920060467US1, entitled “Methods and Apparatus for Composite Configuration Item Management in Configuration Management Database;” the U.S. Patent Application Attorney Docket No. YOR920060468US1, entitled “Methods and Apparatus for Global Service Management of Configuration Management Databases;” the U.S. Patent Application Attorney Docket No. YOR920060469US1, entitled “Methods and Apparatus for Automatically Creating Composite Configuration Items in Configuration Management Database;” and the U.S. Patent Application Attorney Docket No. YOR920060478US1, entitled “Methods and Apparatus for Managing Configuration Management Database via Composite Configuration Item Change History” which are filed concurrently herewith and incorporated by reference herein.

FIELD OF THE INVENTION

[0002] The present invention relates to information technology (IT) systems and, more p...


Application Information

IPC(8): G06F17/30
CPC: G06F21/6209, H04L63/102, G06F2221/2141
Inventor: CORLEY, CAROLE RHOADS; LOBO, JORGE; VASSBERG, LORRAINE PHYLLIS; WANG, XIPING
Owner: IBM CORP