| 发明名称 | Method and system for securing access to configuration information stored in universal plug and play data models | ||
| 摘要 | A method and system for securing access to configuration information stored in universal plug and play data models are provided. The method includes receiving a request to operate on at least one node of a data model from a Control Point (CP), where the data model includes a plurality of nodes and each of the plurality of nodes represents configuration information, determining a role associated with the CP, determining whether the role of CP is in a recommended role list, allowing, if the role is present, the CP to operate on the at least one node, and determining, if the role is not present, whether the CP has a role appropriate for operating on the at least one node based on ACL data associated with the at least one node. Accordingly, the CP is allowed to operate on the at least one node or an error message is returned on a display of the CP. | ||
| 申请公布号 | US9355260(B2) | 申请公布日期 | 2016.05.31 |
| 申请号 | US201113809545 | 申请日期 | 2011.07.11 |
| 申请人 | Samsung Electronics Co., Ltd | 发明人 | Vedula Kiran Bharadwaj;Lee Jong-Hyo |
| 分类号 | G06F21/60;H04L12/28;H04L29/06 | 主分类号 | G06F21/60 |
| 代理机构 | The Farrell Law Firm, P.C. | 代理人 | The Farrell Law Firm, P.C. |
| 主权项 | 1. A method for securing access to configuration information stored in data models in a network environment, the method comprising: receiving, from a control point, a request to operate on at least one node of a data model; determining a role associated with the control point based on the received request; determining whether the role associated with the control point is in a recommended role list associated with the received request and then determining whether to allow the control point to operate on the at least one node of the data model; allowing, if the role associated with the control point is in the recommended role list associated with the received request, the control point to operate on the at least one node of the data model; determining, if the role associated with the control point is not in the recommended role list associated with the received request, whether the control point has a role appropriate for operating with respect to the at least one node of the data model based on Access Control List (ACL) data associated with each of the at least one node; and allowing, if the control point has a role appropriate for operating with respect to the at least one node of the data model based on the ACL data associated with each of the at least one node, the control point to operate on the at least one node of the data model. | ||
| 地址 | KR | ||