Processing

Please wait...

Settings

Settings

Goto Application

1. GB2301912 - Security for computer system resources

Office United Kingdom
Application Number 9511730
Application Date 09.06.1995
Publication Number 2301912
Publication Date 02.08.1995
Publication Kind A
IPC
G06F 1/00
GPHYSICS
06COMPUTING; CALCULATING OR COUNTING
FELECTRIC DIGITAL DATA PROCESSING
1Details not covered by groups G06F3/-G06F13/82
G06F 9/46
GPHYSICS
06COMPUTING; CALCULATING OR COUNTING
FELECTRIC DIGITAL DATA PROCESSING
9Arrangements for program control, e.g. control units
06using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
46Multiprogramming arrangements
G06F 12/14
GPHYSICS
06COMPUTING; CALCULATING OR COUNTING
FELECTRIC DIGITAL DATA PROCESSING
12Accessing, addressing or allocating within memory systems or architectures
14Protection against unauthorised use of memory
G06F 21/62
GPHYSICS
06COMPUTING; CALCULATING OR COUNTING
FELECTRIC DIGITAL DATA PROCESSING
21Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
60Protecting data
62Protecting access to data via a platform, e.g. using keys or access control rules
CPC
G06F 9/468
GPHYSICS
06COMPUTING; CALCULATING; COUNTING
FELECTRIC DIGITAL DATA PROCESSING
9Arrangements for program control, e.g. control units
06using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
46Multiprogramming arrangements
468Specific access rights for resources, e.g. using capability register
G06F 12/1483
GPHYSICS
06COMPUTING; CALCULATING; COUNTING
FELECTRIC DIGITAL DATA PROCESSING
12Accessing, addressing or allocating within memory systems or architectures
14Protection against unauthorised use of memory ; or access to memory
1458by checking the subject access rights
1483using an access-table, e.g. matrix or list
G06F 21/6218
GPHYSICS
06COMPUTING; CALCULATING; COUNTING
FELECTRIC DIGITAL DATA PROCESSING
21Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
60Protecting data
62Protecting access to data via a platform, e.g. using keys or access control rules
6218to a system of files or objects, e.g. local or distributed file system or database
Y10S 707/99939
YSECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
10TECHNICAL SUBJECTS COVERED BY FORMER USPC
STECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
707Data processing: database and file management or data structures
99931Database or file accessing
99939Privileged access
Applicants IBM
Inventors LEWIS JONATHAN RHYS
Priority Data 9511730 09.06.1995 GB
Title
(EN) Security for computer system resources
Abstract
(EN)
Provided is a scheme for implementing flexible control of subject authorizations (i.e. the authorizations which users or processes have) to perform operations in relation to computer resources. The methods, computer systems and authorization facilities which are provided by the invention enhance the security provisions of operating systems which have only very limited authorization facilities, by mapping the available operating system permissions to specified resource authorities for each of a set of aspects or characteristics of a computer system resource, to provide authorisation files, 130. Thus, the standard operating system permissions (e.g. read, write, execute) can have different meanings for different resource aspects, and an individual subject can have separate authorisation levels set for the different resource aspects. The mappings between authorities and the available permissions may be different for different types of resource.

Also published as
Other related publications