发明名称 |
Method and system for group access control in a data processing system library. |
摘要 |
<p>A method and system for controlling access by groups of users to multiple objects stored within a data processing system implemented library wherein each object has an access list associated therewith explicitly listing individual users permitted access to that object. A group identification is established which encompasses all users within the data processing system, a selected subset of users with the data processing system, or a single selected user and his or her designated affinity users or proxies. The group identification is then listed within an associated access list for a- particular object and upon an attempted access of the particular object by a user not listed explicitly within the associated access list, a determination is made as to whether or not that user is listed within a group identification which is permitted access. In one embodiment of the present invention selected objects and users each have associated therewith a clearance level and access to a selected object by a particular user listed within a group identification may be denied if that particular user's clearance level does not meet or exceed the clearance level of the selected object. <IMAGE></p> |
申请公布号 |
EP0547990(A1) |
申请公布日期 |
1993.06.23 |
申请号 |
EP19920480172 |
申请日期 |
1992.11.19 |
申请人 |
INTERNATIONAL BUSINESS MACHINES CORPORATION |
发明人 |
HOWELL, WILLIAM EDWARD;REDDY, HARI NUKALAPATI;WANG, DIANA S. |
分类号 |
G06F12/00;G06F1/00;G06F12/14;G06F17/30;G06F21/00;G06F21/24 |
主分类号 |
G06F12/00 |
代理机构 |
|
代理人 |
|
主权项 |
|
地址 |
|