Inventors:
Richard E. Ashland - Fridley MN, US
Roland G. Clouse - Burnsville MN, US
Assignee:
Unisys Corporation - Blue Bell PA
International Classification:
H04K 1/00
H04L 9/00
H04L 9/32
G06F 7/04
G06F 17/30
G06F 15/167
G06F 15/16
G06K 9/00
US Classification:
713182, 713164, 713165, 713166, 713167, 726 2, 726 3, 726 4, 726 5, 726 16, 726 17, 726 18, 726 19, 709216, 709217, 709218, 709219
Abstract:
An improved system and method is provided for managing system-level privileges and for granting access rights to system resources within a data processing system. System-level privileges are assigned directly to individual users. In contrast, access rights are assigned to individual users and/or to groups of users using data constructs known as Access Control Records (ACRs). Each ACR associates one or more user groups and/or one or more individual users with a set of access rights. A system resource is then associated with an ACR. The users identified within the associated ACR are thereby granted access to the object using the access rights specified by the ACR. An ACR may define multiple sets of access rights, with each set of access rights being associated with one or more user groups and/or one or more individual users.