摘要 |
PROBLEM TO BE SOLVED: To classify an object being the target of access and a subject being the main body of access in detail, and to make forcedly addable a specific limit based on the classification in the access control in a computer system. SOLUTION: A subject being the main body of access holds a capability list indicating the authority of the subject, and an object being the target of access holds an access control list indicating the condition of capability necessary for permitting the access to the object, and when at least one of the capabilities in the capability list fulfills at least one of the capability conditions necessary for the access permission in the access control list, the access to the object is permitted, and when the access to the object is permitted, the capability of the subject is forcedly changed based on the designation of the capacity compulsion defined for every object.
|