公开(公告)号：US10360355B2

公开(公告)日：2019-07-23

申请号：US15433200

申请日：2017-02-15

Applicant: Rockwell Automation Technologies, Inc.

Inventor： Robert A. Brandt ,  Clark L. Case ,  John C. Wilkinson

IPC: G06F21/31 ,  H04L29/06 ,  G05B19/4155

Abstract: Techniques to facilitate protecting control programs used in an industrial automation environment are disclosed herein. In at least one implementation, control system content provided by a primary entity is received along with a primary security authority provided by the primary entity, wherein the primary security authority defines primary usage rights for the control system content granted to a secondary entity. A secondary security authority provided by the secondary entity is received, wherein the secondary security authority defines secondary usage rights for the control system content that further restrict the primary usage rights. A request is received from a user associated with the secondary entity to perform an action associated with the control system content, and the request is processed with the secondary security authority to determine if the user is authorized to perform the action associated with the control system content based on the secondary usage rights.

公开(公告)号：US20160350559A1

公开(公告)日：2016-12-01

申请号：US15167479

申请日：2016-05-27

Applicant: Rockwell Automation Technologies, Inc.

Inventor： John C. Wilkinson ,  Robert A. Brandt ,  Clark L. Case

IPC: G06F21/70

CPC classification number: G06F21/6218 ,  G06F21/70

Abstract: Techniques to facilitate controlling access to objects associated with an industrial automation environment are disclosed. In at least one implementation, a policy set associated with an object type is created, wherein the policy set defines one or more actions that are allowed for at least one user group to perform with respect to the object type. An object of the object type is identified for security configuration, and a selection of the policy set associated with the object type to apply to the object is received. In response to the selection of the policy set, security is configured for the object by applying the policy set associated with the object type to the object.

Abstract translation: 公开了有助于控制对与工业自动化环境相关联的物体的访问的技术。 在至少一个实现中，创建与对象类型相关联的策略集，其中策略集定义允许至少一个用户组相对于对象类型执行的一个或多个动作。 识别对象类型的对象用于安全配置，并且接收与对象类型相关联的策略集的选择以应用于该对象。 响应于策略集的选择，通过将与对象类型相关联的策略集应用于对象来为对象配置安全性。

公开(公告)号：US20160350521A1

公开(公告)日：2016-12-01

申请号：US15160976

申请日：2016-05-20

Applicant: Rockwell Automation Technologies, Inc.

Inventor： Robert A. Brandt ,  Clark L. Case ,  John C. Wilkinson

IPC: G06F21/31 ,  G05B19/4155

CPC classification number: G06F21/31 ,  G05B19/4155 ,  G05B2219/24159 ,  G05B2219/31229 ,  G06F2221/2113 ,  H04L63/104

Abstract: Techniques to facilitate protecting control programs used in an industrial automation environment are disclosed herein. In at least one implementation, control system content provided by a primary entity is received along with a primary security authority provided by the primary entity, wherein the primary security authority defines primary usage rights for the control system content granted to a secondary entity. A secondary security authority provided by the secondary entity is received, wherein the secondary security authority defines secondary usage rights for the control system content that further restrict the primary usage rights. A request is received from a user associated with the secondary entity to perform an action associated with the control system content, and the request is processed with the secondary security authority to determine if the user is authorized to perform the action associated with the control system content based on the secondary usage rights.

Abstract translation: 本文公开了有助于保护在工业自动化环境中使用的控制程序的技术。 在至少一个实现中，由主要实体提供的控制系统内容与主要实体提供的主要安全机构一起被接收，其中主要安全机构定义了授权给次级实体的控制系统内容的主要使用权限。 接收由次级实体提供的辅助安全机构，其中辅助安全机构定义进一步限制主要使用权限的控制系统内容的次要使用权限。 从与第二实体相关联的用户接收到请求以执行与控制系统内容相关联的动作，并且该请求与辅助安全机构一起处理以确定用户是否被授权执行与控制系统内容相关联的动作 基于二次使用权。

公开(公告)号：US09767308B2

公开(公告)日：2017-09-19

申请号：US15167479

申请日：2016-05-27

Applicant: Rockwell Automation Technologies, Inc.

Inventor： John C. Wilkinson ,  Robert A. Brandt ,  Clark L. Case

IPC: G06F21/70 ,  G06F21/62

CPC classification number: G06F21/6218 ,  G06F21/70

Abstract: Techniques to facilitate controlling access to objects associated with an industrial automation environment are disclosed. In at least one implementation, a policy set associated with an object type is created, wherein the policy set defines one or more actions that are allowed for at least one user group to perform with respect to the object type. An object of the object type is identified for security configuration, and a selection of the policy set associated with the object type to apply to the object is received. In response to the selection of the policy set, security is configured for the object by applying the policy set associated with the object type to the object.

公开(公告)号：US20170161475A1

公开(公告)日：2017-06-08

申请号：US15433200

申请日：2017-02-15

Applicant: Rockwell Automation Technologies, Inc.

Inventor： Robert A. Brandt ,  Clark L. Case ,  John C. Wilkinson

IPC: G06F21/31

CPC classification number: G06F21/31 ,  G05B19/4155 ,  G05B2219/24159 ,  G05B2219/31229 ,  G06F2221/2113 ,  H04L63/104

Abstract: Techniques to facilitate protecting control programs used in an industrial automation environment are disclosed herein. In at least one implementation, control system content provided by a primary entity is received along with a primary security authority provided by the primary entity, wherein the primary security authority defines primary usage rights for the control system content granted to a secondary entity. A secondary security authority provided by the secondary entity is received, wherein the secondary security authority defines secondary usage rights for the control system content that further restrict the primary usage rights. A request is received from a user associated with the secondary entity to perform an action associated with the control system content, and the request is processed with the secondary security authority to determine if the user is authorized to perform the action associated with the control system content based on the secondary usage rights.

公开(公告)号：US09613195B2

公开(公告)日：2017-04-04

申请号：US15160976

申请日：2016-05-20

Applicant: Rockwell Automation Technologies, Inc.

Inventor： Robert A. Brandt ,  Clark L. Case ,  John C. Wilkinson

IPC: G06F21/31 ,  G05B19/4155

CPC classification number: G06F21/31 ,  G05B19/4155 ,  G05B2219/24159 ,  G05B2219/31229 ,  G06F2221/2113 ,  H04L63/104

Abstract: Techniques to facilitate protecting control programs used in an industrial automation environment are disclosed herein. In at least one implementation, control system content provided by a primary entity is received along with a primary security authority provided by the primary entity, wherein the primary security authority defines primary usage rights for the control system content granted to a secondary entity. A secondary security authority provided by the secondary entity is received, wherein the secondary security authority defines secondary usage rights for the control system content that further restrict the primary usage rights. A request is received from a user associated with the secondary entity to perform an action associated with the control system content, and the request is processed with the secondary security authority to determine if the user is authorized to perform the action associated with the control system content based on the secondary usage rights.