摘要 |
PROBLEM TO BE SOLVED: To provide digital security administration for data item groups. SOLUTION: Data and method items are stored on a computer system in a volume. The volume is divided into non-overlapping security zones. Each item exists in a security zone. Security rules are granted to principals where security rules apply to items in a particular zone. The security rules specify what principals have what rights, such as read, write, delete and execute to what items. Administrative rights can be delegated by principals by splitting a security zone to form two security zones. Principal having administrative rights to the security zone assign additional principals to one of the security zones while maintaining all administrative rights to the other zone. Thus principals can retain certain administrative rights to certain items while delegating administrative rights to other items to other principals. COPYRIGHT: (C)2005,JPO&NCIPI |