[미국특허]
Access control in client-server systems
원문보기
IPC분류정보
국가/구분
United States(US) Patent
등록
국제특허분류(IPC7판)
G06F-015/16
H04L-029/06
G06F-021/60
G06F-021/62
출원번호
US-0281053
(2011-10-25)
등록번호
US-8935398
(2015-01-13)
우선권정보
EP-00401808 (2000-06-23)
발명자
/ 주소
Ribot, Stephan
출원인 / 주소
Apple Inc.
대리인 / 주소
Meyertons, Hood, Kivlin, Kowert & Goetzel, P.C.
인용정보
피인용 횟수 :
0인용 특허 :
17
초록▼
A telecommunications network and a method of operating the same. The network is shared by two or more organizations, the network including at least a server and a client. The server is adapted to transmit to the client a proxy communications object comprising a definition of the rights and privilege
A telecommunications network and a method of operating the same. The network is shared by two or more organizations, the network including at least a server and a client. The server is adapted to transmit to the client a proxy communications object comprising a definition of the rights and privileges of an organization to use the network. When the organization initiates a request to the server it does so via the proxy object on the client. The proxy object enables a comparison of the contents of request and the definition of the rights and privileges and enables forwarding of the request to the server only when the request and the rights and privileges granted to the requesting organization are consistent with each other. The request relates to modification of a management object maintained at a network resource, the organization having a global right to access the network resource.
대표청구항▼
1. A method of operating a server in a telecommunication network for shared use by at least two user sets, the network comprising the server and a plurality of clients, each client being associated with one of the user sets, the method comprising: generating a privilege definition object for each us
1. A method of operating a server in a telecommunication network for shared use by at least two user sets, the network comprising the server and a plurality of clients, each client being associated with one of the user sets, the method comprising: generating a privilege definition object for each user set, the privilege definition object defining at least one network use privilege of its associated user set; anddistributing, from the server to at least one client associated with a user set, at least one component of a proxy communications object, each distributed component of a proxy communications object inheriting, from the privilege definition object, a definition of the at least one network use privilege of the user set associated with the client. 2. The method of claim 1, further comprising: modifying the definition of at least one privilege at a privilege definition object for a user set; anddistributing, from the server to at least one client associated with the user set, at least one component of the modified proxy communications object, each distributed component of the modified proxy communications object inheriting, from the modified privilege definition object, a modified definition of the at least one privilege. 3. The method of claim 1 wherein the user sets are distinct organizations. 4. The method of claim 1, wherein the user sets arc distinct groups with an organization. 5. A server for a telecommunication network for shared use by at least two user sets, the network comprising the server and a plurality of clients, each client being associated with one of the user sets, the server comprising: a processor;a memory coupled to the processor;wherein the processor and the memory are configured to implement:a privilege definition generation function operable to generate a privilege definition object for each user set, the privilege definition object defining at least one network use privilege of its associated user set; anda distribution function operable to distribute, from the server to at least one client associated with a user set, at least one component of a proxy communications object, each distributed component of a proxy communications object inheriting, from the privilege definition object, a definition of the at least one network use privilege of the user set associated with the client. 6. The server of claim 5, further comprising: wherein the privilege definition function is operable to modify the definition of at least one privilege at a privilege definition object for a user set; andthe distribution function is operable to distribute, from the server to at least one client associated with the user set, at least one component of the modified proxy communications object, each distributed component of the modified proxy communications object inheriting, from the modified privilege definition object, a modified definition of the at least one privilege. 7. The server of claim 5, wherein the user sets are distinct organizations, 8. The server of claim 5, wherein the user sets are distinct groups with an organization. 9. A non-transitory computer-readable medium storing instructions executable by a processor of a server in a telecommunication network for shared use by at least two user sets, the network comprising the server and a plurality of clients, each client being associated with one of the user sets, the instructions executable to cause the server to: generate a privilege definition object for each user set, the privilege definition object defining at least one network use privilege of its associated user set; anddistribute, from the server to at least one client associated with a user set, at least one component of a proxy communications object, each distributed component of a proxy communications object inheriting, from the privilege definition object, a definition of the at least one network use privilege of the user set associated with the client. 10. The non-transitory computer-readable medium of claim 9, wherein the instructions are further executable to cause the server to: modify the definition of at least one privilege at a privilege definition object for a user set; anddistribute, from the server to at least one client associated with the user set, at least one component of the modified proxy communications object, each distributed component of the modified proxy communications object inheriting, from the modified privilege definition object, a modified definition of the at least one privilege. 11. The non-transitory computer-readable medium of claim 9, wherein the user sets are distinct organizations. 12. The non-transitory computer-readable medium of claim 9, wherein the user sets are distinct groups with an organization.
Inagaki,Iwao; Hamada,Seiji; Ohkawa,Masahiro; Zenge,Naomi; Nanba,Kaori, Client server system and method for executing an application utilizing distributed objects.
Angal Rajeev ; Allavarpu Sai V.S. ; Bhat Shivaram ; Fisher Bart Lee, Distributed system and method for controlling access to network resources and event notifications.
Bapat Subodh ; Fisher Bart Lee, System and method for restricting database access to managed object information using a permissions table that specifies access rights corresponding to user access rights to the managed objects.
Bapat Subodh ; Fisher Bart Lee, System and method for restricting database access to managed object information using a permissions table that specifies access rights to the managed objects.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.