首页> 外国专利> Information security profile and policy system

Information security profile and policy system

机译：信息安全概况和政策体系

页面导航

摘要
著录项
相似文献

摘要

A method for providing access to protected information comprises the steps of defining a security profile and policy for each item of protected information, defining a security access level for each potentially valid requester of the information, positively identifying a requester as a valid requester, validating a valid requester's security access profile with the security level of the protected information, and implementing the security policy for the protected information, so that a positively identified valid requester is provided with the appropriate access, while requests made by requesters lacking positive identification or the appropriate security level are treated in accordance with the security policy therefore. Pseudo identifiers may be used to request information, which are treated as lists of tasks rather than addresses. When an unauthorised requester is identified, substitute information may be provided so that they are not aware that their unauthorised status has been detected. A client identification key may be used, which may include configuration information of the client computer. Temporary files may be created for transmitting protected information to the client.

机译：一种提供对受保护信息的访问的方法，包括以下步骤：为每项受保护信息定义一个安全配置文件和策略;为该信息的每个潜在有效请求者定义一个安全访问级别;将一个请求者肯定地标识为一个有效请求者;对一个请求者进行身份验证。具有受保护信息的安全级别的有效请求者的安全访问配置文件，并实施受保护信息的安全策略，以便为肯定标识的有效请求者提供适当的访问权限，而由请求者提出的请求缺少肯定标识或适当的安全性因此，将根据安全策略来处理级别。伪标识符可用于请求信息，这些信息被视为任务列表而不是地址。当识别出未经授权的请求者时，可以提供替代信息，以使他们不知道已检测到其未经授权的状态。可以使用客户端标识密钥，其可以包括客户端计算机的配置信息。可以创建临时文件以将受保护的信息传输到客户端。

著录项

公开/公告号GB2355323A

专利类型
公开/公告日2001-04-18

原文格式PDF
申请/专利权人 * AUTHORISZOR LIMITED;
展开▼

申请/专利号GB20000020386
发明设计人 DAVID ROBERT * WRAY;DAVID JOHN * BLANCHFIELD;
展开▼

申请日2000-08-21
分类号G06F1/00;
国家 GB
入库时间 2022-08-22 01:05:17

相似文献

专利
外文文献
中文文献