In an RBAC system, a capability is defined as including an operation and an object on which the operation is to be performed. The capability is assigned to a role, which is in turn assigned to a user. Whether a user's request to perform an operation on an object should be authorized is determined based on whether a capability to perform the operation on the object is assigned to a role which is in turn assigned to the user. Further, the authorization is determined based on the evaluation of the constraint(s) attached to the role. If the evaluation result of the constraint(s) does not allow the user to assume the role, the user is prohibited from performing the operation on the object even if the user has such a capability.
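The authorization decision described above, as an added Python example (not code from the patent): a request is allowed only when some role assigned to the user both holds the (operation, object) capability and passes every constraint attached to it. The names `Role`, `Rbac`, `business_hours` and the sample policy are assumptions made for illustration, as is the choice to deny when a constraint cannot be evaluated.

```python
from dataclasses import dataclass, field
from typing import Callable

Capability = tuple[str, str]          # (operation, object)
Constraint = Callable[[dict], bool]   # True if the role may be assumed

@dataclass
class Role:
    name: str
    capabilities: set[Capability] = field(default_factory=set)
    constraints: list[Constraint] = field(default_factory=list)

    def assumable(self, context: dict) -> bool:
        # Every attached constraint must pass. A constraint that cannot be
        # evaluated (e.g. missing context field) denies: fail closed.
        try:
            return all(check(context) for check in self.constraints)
        except (KeyError, TypeError, ValueError):
            return False

class Rbac:
    def __init__(self) -> None:
        self.user_roles: dict[str, list[Role]] = {}

    def assign(self, user: str, role: Role) -> None:
        self.user_roles.setdefault(user, []).append(role)

    def authorize(self, user: str, operation: str, obj: str, context: dict) -> bool:
        # Deny by default; holding the capability is necessary but not
        # sufficient, because the role's constraints gate its use.
        for role in self.user_roles.get(user, []):
            if (operation, obj) in role.capabilities and role.assumable(context):
                return True
        return False

def business_hours(context: dict) -> bool:
    # Hypothetical constraint: role usable only from 09:00 to 16:59.
    return 9 <= context["hour"] < 17

def build_sample_policy() -> Rbac:
    # Constructed sample policy, not taken from the source document.
    clerk = Role("payroll_clerk", {("update", "payroll_record")}, [business_hours])
    auditor = Role("auditor", {("read", "payroll_record")})
    rbac = Rbac()
    rbac.assign("alice", clerk)
    rbac.assign("alice", auditor)
    return rbac
```
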

 