[54] SECURITY PLATFORM AND METHOD
USING OBJECT ORIENTED RULES FOR
COMPUTER-BASED SYSTEMS USING
UNIX-LINE OPERATING SYSTEMS
[75] Inventor: Umesh Deo, Westerville, Ohio
[73] Assignee: Lucent Technologies Inc., Murray Hill, N.J.
[21] Appl. No.: 506,531
[22] Filed: Jul. 25, 1995
Related U.S. Application Data
[63] Continuation of Ser. No. 268,603, Jun. 30, 1994, abandoned.
[51] Int. Cl.6 G06F 12/00
[52] U.S. Cl. 395/186; 395/187.01; 395/188.01;
395/614; 395/10
[58] Field of Search 395/186, 616,
395/614, 611, 612, 613, 187.01, 188.01
[56] References Cited
U.S. PATENT DOCUMENTS
4,621,321 11/1986 Boebert 365/186
5,032,979 7/1991 Hecht et al 364/DIG. 1
5,235,642 8/1993 Wobber et al 380/25
5,263,157 11/1993 Janis 395/600
5,265,221 11/1993 Miller 395/725
5,276,901 1/1994 Howell et al 395/800
5,315,657 5/1994 Abadi et al 380/25
5,335,346 8/1994 Fabbio 395/601
5,355,474 10/1994 Thuraisingham et al 395/600
5,440,739 8/1995 Beck et al 365/650
5,450,593 9/1995 Howell et al 395/650
5,574,912 11/1996 Hu et al 395/650
OTHER PUBLICATIONS
"A Security Model for Object-Oriented Databases", Fernandez et al., Security and Privacy, 1989 IEEE Symposium, Jul. 1989.
"A Model for Evaluation and Administration of Security in Object-Oriented Database", Fernandez et al., IEEE Transactions on Knowledge and Data Engineering, vol. 6, No. 2, Sep. 1990.
Primary Examiner—Thomas G. Black
Assistant Examiner—Hosain T. Alam
[57] ABSTRACT
A security platform, for stand-alone or networked processors using UNIX or similar operating systems, limits access to system resources, including software and hardware, by personnel using the system and by other resources within the system. The platform implements a rules-based naming and rule convention for types of access of security interest to one or more served application programs. It provides rule sets, each of which associates an access type with a subject and, optionally, one or more objects. Access demands made by the served application to the platform, in the same form as the rule sets, are compared with those rule sets to determine whether the access demanded is permissible. Internal platform security is provided by limiting users who can modify the platform and its resident rules.
16 Claims, 5 Drawing Sheets