| 发明名称 | Method, an apparatus, a computer system, a security component and a computer readable medium for defining access rights in metadata-based file arrangement | ||
| 摘要 | The invention relates to a method for a computer system storing electronic objects being defined by metadata items. The method comprises deriving access rights from one or more security components originating from respective metadata items of at least one object, and determining the effective access rights for the object by means of the security components. The invention also relates to a method for a computer system storing electronic objects being defined by metadata items, wherein access rights for an object are determined by means of one or more pseudo-users. The invention also relates to an apparatus, a computer system and a computer readable medium comprising a computer program stored therein for carrying out the methods. | ||
| 申请公布号 | US9576148(B2) | 申请公布日期 | 2017.02.21 |
| 申请号 | US201514608738 | 申请日期 | 2015.01.29 |
| 申请人 | M-FILES OY | 发明人 | Laitkorpi Markku;Nivala Antti;Lepola Juha;Metsapelto Ari;Partanen Timo |
| 分类号 | G06F17/30;G06F21/62 | 主分类号 | G06F17/30 |
| 代理机构 | Ware, Fressola, Maguire & Barber LLP | 代理人 | Ware, Fressola, Maguire & Barber LLP |
| 主权项 | 1. A method for a dynamic content management system comprising a metadata-based folder hierarchy, said dynamic content management system storing electronic objects being defined by metadata having at least one property with a value, wherein at least one property of the metadata of an electronic object defines an access right for said electronic object, the method comprising: determining effective access rights for a first electronic object by determining one or more other electronic objects being referred to by a metadata value of said first electronic object;retrieving security components of said one or more other electronic objects being referred to by the metadata value of said first electronic object;processing the security components of said one or more other electronic objects according to a predefined set of rules; andpropagating the access right of the first electronic object by the security components to be the effective access rights for the first electronic object; identifying a person having access rights for the first electronic object by resolving a person identity from a property value of an object, which property value is indicated by a pseudo-user, wherein a pseudo-user comprises at least a first metadata item and a second metadata item, wherein the first metadata item indicates the object where the user identity can be retrieved, and wherein the second metadata item indicates a property in said object, the value of which property contains the person identity of a person being authorized to access said electronic object. | ||
| 地址 | Tampere FI | ||