公开(公告)号：US09154489B2

公开(公告)日：2015-10-06

申请号：US13967207

申请日：2013-08-14

申请人： Dell Software Inc.

发明人： Clifford Lee Hannel ,  Anthony May

IPC分类号： G06F17/30 ,  H04L29/06 ,  G06F21/62

CPC分类号： H04L63/105 ,  G06F21/6227 ,  H04L63/0272 ,  H04L63/0428 ,  H04L63/0471 ,  H04L63/08 ,  H04L63/20

摘要： A scalable access filter that is used together with others like it in a virtual private network to control access by users at clients in the network to information resources provided by servers in the network. Each access filter uses a local copy of an access control data base to determine whether an access request is made by a user. Each user belongs to one or more user groups and each information resource belongs to one or more information sets. Access is permitted or denied according to access policies which define access in terms of the user groups and information sets. The first access filter in the path performs the access check, encrypts and authenticates the request; the other access filters in the path do not repeat the access check. The interface used by applications to determine whether a user has access to an entity is now an SQL entity. The policy server assembles the information needed for the response to the query from various information sources, including source external to the policy server.

摘要翻译： 可扩展访问过滤器，与虚拟专用网络中的其他人一起使用，以控制网络中客户端的用户对网络中的服务器提供的信息资源的访问。 每个访问过滤器使用访问控制数据库的本地副本来确定用户是否进行访问请求。 每个用户属于一个或多个用户组，每个信息资源属于一个或多个信息集。 根据访问策略允许或拒绝访问，这些访问策略根据用户组和信息集来定义访问。 路径中的第一个访问过滤器执行访问检查，对请求进行加密和验证; 路径中的其他访问过滤器不要重复访问检查。 应用程序用于确定用户是否可以访问实体的界面现在是SQL实体。 策略服务器将来自各种信息源的查询响应所需的信息组合起来，包括策略服务器外部的源。

公开(公告)号：US09331992B2

公开(公告)日：2016-05-03

申请号：US13967208

申请日：2013-08-14

申请人： Dell Software Inc.

发明人： Clifford Lee Hannel ,  Anthony May

IPC分类号： G06F17/30 ,  H04L29/06 ,  G06F21/62

CPC分类号： H04L63/105 ,  G06F21/6227 ,  H04L63/0272 ,  H04L63/0428 ,  H04L63/0471 ,  H04L63/08 ,  H04L63/20

摘要： A scalable access filter that is used together with others like it in a virtual private network to control access by users at clients in the network to information resources provided by servers in the network. Each access filter uses a local copy of an access control data base to determine whether an access request is made by a user. Each user belongs to one or more user groups and each information resource belongs to one or more information sets. Access is permitted or denied according to access policies which define access in terms of the user groups and information sets. The first access filter in the path performs the access check, encrypts and authenticates the request; the other access filters in the path do not repeat the access check. The interface used by applications to determine whether a user has access to an entity is now an SQL entity. The policy server assembles the information needed for the response to the query from various information sources, including source external to the policy server.

摘要翻译： 可扩展访问过滤器，与虚拟专用网络中的其他人一起使用，以控制网络中客户端的用户对网络中的服务器提供的信息资源的访问。 每个访问过滤器使用访问控制数据库的本地副本来确定用户是否进行访问请求。 每个用户属于一个或多个用户组，每个信息资源属于一个或多个信息集。 根据访问策略允许或拒绝访问，这些访问策略根据用户组和信息集来定义访问。 路径中的第一个访问过滤器执行访问检查，对请求进行加密和验证; 路径中的其他访问过滤器不重复访问检查。 应用程序用于确定用户是否可以访问实体的界面现在是SQL实体。 策略服务器将来自各种信息源的查询响应所需的信息组合起来，包括策略服务器外部的源。

公开(公告)号：US09276920B2

公开(公告)日：2016-03-01

申请号：US13967205

申请日：2013-08-14

申请人： Dell Software Inc.

发明人： Clifford Lee Hannel ,  Anthony May

IPC分类号： G06F17/30 ,  H04L29/06 ,  G06F21/62

CPC分类号： H04L63/105 ,  G06F21/6227 ,  H04L63/0272 ,  H04L63/0428 ,  H04L63/0471 ,  H04L63/08 ,  H04L63/20

摘要： A scalable access filter that is used together with others like it in a virtual private network to control access by users at clients in the network to information resources provided by servers in the network. Each access filter uses a local copy of an access control data base to determine whether an access request is made by a user. Each user belongs to one or more user groups and each information resource belongs to one or more information sets. Access is permitted or denied according to access policies which define access in terms of the user groups and information sets. The first access filter in the path performs the access check, encrypts and authenticates the request; the other access filters in the path do not repeat the access check. The interface used by applications to determine whether a user has access to an entity is now an SQL entity. The policy server assembles the information needed for the response to the query from various information sources, including source external to the policy server.

摘要翻译： 可扩展访问过滤器，与虚拟专用网络中的其他人一起使用，以控制网络中客户端的用户对网络中的服务器提供的信息资源的访问。 每个访问过滤器使用访问控制数据库的本地副本来确定用户是否进行访问请求。 每个用户属于一个或多个用户组，每个信息资源属于一个或多个信息集。 根据访问策略允许或拒绝访问，这些访问策略根据用户组和信息集来定义访问。 路径中的第一个访问过滤器执行访问检查，对请求进行加密和验证; 路径中的其他访问过滤器不重复访问检查。 应用程序用于确定用户是否可以访问实体的界面现在是SQL实体。 策略服务器将来自各种信息源的查询响应所需的信息组合起来，包括策略服务器外部的源。

公开(公告)号：US20170118221A1

公开(公告)日：2017-04-27

申请号：US15257747

申请日：2016-09-06

申请人： DELL SOFTWARE INC.

发明人： Clifford Lee Hannel ,  Anthony May

IPC分类号： H04L29/06

CPC分类号： H04L63/105 ,  G06F21/6227 ,  H04L63/0272 ,  H04L63/0428 ,  H04L63/0471 ,  H04L63/08 ,  H04L63/20

摘要： A scalable access filter that is used together with others like it in a virtual private network to control access by users at clients in the network to information resources provided by servers in the network. Each access filter uses a local copy of an access control data base to determine whether an access request is made by a user. Each user belongs to one or more user groups and each information resource belongs to one or more information sets. Access is permitted or denied according to access policies which define access in terms of the user groups and information sets. The first access filter in the path performs the access check, encrypts and authenticates the request; the other access filters in the path do not repeat the access check. The interface used by applications to determine whether a user has access to an entity is now an SQL entity. The policy server assembles the information needed for the response to the query from various information sources, including source external to the policy server.

公开(公告)号：US09438577B2

公开(公告)日：2016-09-06

申请号：US13967202

申请日：2013-08-14

申请人： Dell Software Inc.

发明人： Clifford Lee Hannel ,  Anthony May

IPC分类号： G06F17/30 ,  H04L29/06 ,  G06F21/62

CPC分类号： H04L63/105 ,  G06F21/6227 ,  H04L63/0272 ,  H04L63/0428 ,  H04L63/0471 ,  H04L63/08 ,  H04L63/20

摘要： A scalable access filter that is used together with others like it in a virtual private network to control access by users at clients in the network to information resources provided by servers in the network. Each access filter uses a local copy of an access control data base to determine whether an access request is made by a user. Each user belongs to one or more user groups and each information resource belongs to one or more information sets. Access is permitted or denied according to access policies which define access in terms of the user groups and information sets. The first access filter in the path performs the access check, encrypts and authenticates the request; the other access filters in the path do not repeat the access check. The interface used by applications to determine whether a user has access to an entity is now an SQL entity. The policy server assembles the information needed for the response to the query from various information sources, including source external to the policy server.