U.S. patents available from 1976 to present.
U.S. patent applications available from 2005 to present.

Flexible and dynamic derivation of permissions

Patent 6044466 Issued on March 28, 2000. Estimated Expiration Date: Icon_subject November 25, 2017. Estimated Expiration Date is calculated based on simple USPTO term provisions. It does not account for terminal disclaimers, term adjustments, failure to pay maintenance fees, or other factors which might affect the term of a patent.

Patent References

Access restriction facility method and apparatus
Patent #: 5265221
Issued on: 11/23/1993
Inventor: Miller

Access control policies for an object oriented database, including access control lists which span across object boundaries
Patent #: 5335346
Issued on: 08/02/1994
Inventor: Fabbio

Method for delegating access rights through executable access control program without delegating access rights not in a specification to any intermediary nor comprising server security
Patent #: 5649099
Issued on: 07/15/1997
Inventor: Theimer, et al.

Method and system for advanced role-based access control in distributed and centralized computer systems
Patent #: 5911143
Issued on: 06/08/1999
Inventor: Deinhart, et al.

Independent distributed database system
Patent #: 5924094
Issued on: 07/13/1999
Inventor: Sutter

Method for security shield implementation in computer system's software
Patent #: 5925126
Issued on: 07/20/1999
Inventor: Hsieh

Application and database security and integrity system and method
Patent #: 5966715
Issued on: 10/12/1999
Inventor: Sweeney, et al.

Method and apparatus for processing administration of a secured community Patent #: 5968177
Issued on: 10/19/1999
Inventor: Batten-Carew, et al.

Inventors

Application

No. 979807 filed on 11/25/1997

Examiners

Primary: Beausoliel, Robert W. Jr.
Assistant: Elmore, Stephen C.

Attorney, Agent or Firm

International Class

G06F 012/14

Abstract

A dynamic derivation mechanism is defined which enables limited permissions to be dynamically and flexibly derived for executables based upon their authenticated description. The dynamic derivation mechanism uses the authenticated description to determine the maximal permissions that individual principals can delegate to the content. A principal's maximal permissions for content define a superset of the rights that that principal will actually delegate to that content. Although the maximal permissions are derived from predefined specifications, the specifications can be sensitive to runtime state on the downloader's system or previous delegations to enable the dynamic (i.e., runtime) derivation. Multiple principals can delegate a subset of their maximal permissions for the executable content. The mechanism uses policy for combining the delegated permissions into the content's runtime permissions.

Other References

  • Yellin, "Low Level Security in Java", http://java.sun.com/sfaq/verifier.html, pp 1-12, Dec. 1996
  • Bank, "Java Security", http://www-swiss.ai.mit.edu/~jbank/javapaper.html, pp 1-11, Dec. 1995
  • Thomas, "The Navigator Java Environment: Current Security Issues", http://developer.netscape.com/docs/manuals/javasecurity.html, pp. 1-3, Jan. 1996
  • Jaeger et al., "Implementation of a Discretionary Access Control Model for Scrip-based Systems", 8th IEEE Computer Security Foundations Workshop Proceedings, pp 70-84, Jun. 1995
  • Sandhu et al., "Role-Based Access Control: A Multi-Dimensional View", IEEE 10th Annual Computer Security Applications Conference Proceedings, pp 54-62, Dec. 1994
  • Anand et al., "A Flexible Security Model for Using Internet Content", IEEE The Sixteenth Symposium on Reliable Distributed Systems Proceedings, pp 89-96, Oct. 1997
  • Unknown, "HotJava(tm): The Security Story", http://java.sun.com/sfaq/may95/security.html, pp. 1-7, May 1995
  • Trent Jaeger, Aviel D. Rubin, Atul Prakash, "Building Systems That Flexibly Control Downloaded Executable Content", USENIX Association, 6th USENIX Security Symposium, pp. 131-148
  • Nayeem Islam, Rangachari Anand, Trent Jaeger and Josyula R. Rao, "A Flexible Security System For Using Internet Content", IEEE Software, Sep./Oct. 1997, pp. 52-5
PatentsPlus Images
Enhanced PDF formats
loading...
PatentsPlus: add to cart
PatentsPlus: add to cartSearch-enhanced full patent PDF image
$9.95more info
PatentsPlus: add to cart
PatentsPlus: add to cartIntelligent turbocharged patent PDFs with marked up images
$18.95more info
 
Sign InRegister
Username  
Password   
forgot password?