| 摘要 |
FIELD: information technology. ^ SUBSTANCE: method for implementation of access to computer resources control policy contains steps in which: access control policy is accepted which policy includes policy statements, where policy statements are represented in policy language that abstracts the policy from at least one access verification procedure; predicates are described in policy statements to characterise primitives of access verification procedure, and from predicates, permissions are computed the format of which is proprietary for access verification procedure; access verification procedure configuration is set on the basis of computed permissions, and this configuration provides the access verification procedure with possibility to specify when to grant access; request for access to resources is accepted; and request results are submitted together with reasons - according to access control policy - for which these specific results have been submitted, where reasons are constructed form access control policy itself irrespective to access verification procedure. ^ EFFECT: more flexible configuration of access verification procedures. ^ 9 cl, 7 dwg |
