Zone based security administration for data items

Administering digital security is disclosed. Data and method items are stored on a computer system in a volume. The volume is divided up into non-overlapping security zones. Each item exists in a security zone. Security rules are granted to principals where the security rules apply to items in a par...

Full description

Saved in:
Bibliographic Details
Main Authors ANAND, SANJAY, AGARWAL, SAMEET H, NOVIK, LEV, HUDIS, IRENA, RAMAN, BALAN SETHU
Format Patent
LanguageEnglish
French
German
Published 06.06.2012
Subjects
CALCULATING
COMPUTING
COUNTING
ELECTRIC DIGITAL DATA PROCESSING
PHYSICS
Online AccessGet full text

Cover

More Information
Summary:Administering digital security is disclosed. Data and method items are stored on a computer system in a volume. The volume is divided up into non-overlapping security zones. Each item exists in a security zone. Security rules are granted to principals where the security rules apply to items in a particular zone. The security rules specify what principals have what rights; such as read, write delete and execute; to what items. Administrative rights can be delegated by principals by splitting a security zone to form two security zones. Principals who have administrative rights to the security zone assign additional principals to one of the security zones while maintaining all administrative rights to the other zone. Thus principals can retain certain administrative rights to certain items exclusively to themselves while delegating administrative rights to other items to other principals.
Bibliography:Application Number: EP20040015494