Generalized policy server
US-8935311-B2 · Jan 13, 2015 · US
Query interface to policy server
US9154489B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-9154489-B2 |
| Application number | US-201313967207-A |
| Country | US |
| Kind code | B2 |
| Filing date | Aug 14, 2013 |
| Priority date | Mar 10, 1997 |
| Publication date | Oct 6, 2015 |
| Grant date | Oct 6, 2015 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
A scalable access filter that is used together with others like it in a virtual private network to control access by users at clients in the network to information resources provided by servers in the network. Each access filter uses a local copy of an access control data base to determine whether an access request is made by a user. Each user belongs to one or more user groups and each information resource belongs to one or more information sets. Access is permitted or denied according to access policies which define access in terms of the user groups and information sets. The first access filter in the path performs the access check, encrypts and authenticates the request; the other access filters in the path do not repeat the access check. The interface used by applications to determine whether a user has access to an entity is now an SQL entity. The policy server assembles the information needed for the response to the query from various information sources, including source external to the policy server.
First claim
Opening claim text (preview).
What is claimed is: 1. A method for custom authentication, the method comprising: storing information in memory regarding a plurality of custom-authenticated user groups, wherein each custom-authenticated user group has a dossier, wherein membership of each custom-authenticated user group is determined based on a user dossier and the dossier of the custom-authenticated user group, and wherein the user dossier and the dossier of the custom-authenticated user group are a list of attribute-value pairs; receiving an access request sent over a communication network from a user of a client device, wherein the access request includes authentication information from the user dossier, and wherein the access request is a SQL (structured query language) query; identifying that the access request is associated with a custom-authenticated user group; evaluating the access request with the dossier of the requested customer-authenticated user group; determining that the authentication information in the access request does not meet the requirements of the dossier associated with the requested customer-authenticated user group, wherein the requirements of the dossier associated with the requested custom-authenticated user group includes additional information not provided by the user in the access request; generating a query to one or more databases to obtain additional information to complete the dossier for the user, wherein the completed dossier for the user satisfies the requirements associated with the dossier of the requested customer-authenticated user group; and assigning an access status for the user based on the completed dossier for the user. 2. The method of claim 1 , wherein the user access status permits the user access to the requested customer-authenticated user group. 3. The method of claim 1 , wherein the user access status denies the user access to the requested customer-authenticated user group. 4. The method of claim 1 , wherein the determining that the access request does not meet the requirements of the dossier associated with the requested customer-authenticated user group includes identifying what additional information is required from the user to meet the requirements of the dossier. 5. The method of claim 4 , further comprising requesting the user for additional information required to meet the requirements of the dossier of the requested customer-authenticated user group. 6. The method of claim 5 , wherein the additional information may be provided by the user on the client device.
Assignees
Inventors
Classifications
- H04L63/105Primary
Multiple levels of security · CPC title
- H04L63/08Primary
for authentication of entities (cryptographic mechanisms or cryptographic arrangements for entity authentication H04L9/32) · CPC title
for managing network security; network security policies in general (filtering policies H04L63/0227) · CPC title
wherein the data content is protected, e.g. by encrypting or encapsulating the payload · CPC title
where protection concerns the structure of data, e.g. records, types, queries · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US9154489B2 cover?
- A scalable access filter that is used together with others like it in a virtual private network to control access by users at clients in the network to information resources provided by servers in the network. Each access filter uses a local copy of an access control data base to determine whether an access request is made by a user. Each user belongs to one or more user groups and each informa…
- Who is the assignee on this patent?
- Dell Software Inc
- What technology area does this patent fall under?
- Primary CPC classification H04L63/105. Mapped technology areas include Electricity.
- When was this patent published?
- Publication date Tue Oct 06 2015 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 1 related publication on this page (citations in our corpus or others sharing the same primary CPC).