1. Technical Field
The present invention relates generally to computer systems, and particularly to a system and method of identifying common and unique files to a group of machines and presenting the identified files to a user.
2. Description of Related Art
A file system is used for storing and retrieving files from a storage device in a data processing system. A file system defines the directory structure for keeping track of files and metadata required to access those files. Further, a file system also defines the way files are named as well as the size of a file or volume.
The typical structure used in current file systems is a directory tree structure. In a tree structure, data files are organized in a hierarchical format and displayed for viewing. Microsoft Windows is an example of a file system that organizes files into a tree structure using directories. Directories are often referred to as folders, and may contain files or other directories. Within the tree structure, a user may select and manipulate files represented by members within the tree utilizing a mouse, keyboard or other input device. User selection via a mouse can be accomplished by “pointing and clicking” on a selectable feature on the computer display.
In addition to using a file system to view files contained on a particular computer, current file systems also allow users to view files across machines in a computer network or in a “network neighborhood”. However, as users may subsequently access the content of multiple computers in the network, system administrators may desire to limit or deny a user's access to certain files. One product available to system administrators for limiting a user's access to certain files in the network is IBM Tivoli Access Manager for Operating Systems (AMOS), which permits an administrator to set a “common” security policy on a group of machines. IBM Tivoli Access Manager for Operating Systems provides a layer of authorization policy enforcement in addition to that provided by the native operating using fine-grained access controls (e.g., controls based on user identity, group membership, type of operation, time of day or day of week, and accessing application) that restrict or permit access to key system resources. Machines in the network may require the same or similar authorization policy since they are used for the same or similar purposes, and the policy may be grouped for similar machines under user-defined policy branches. Machines are configured to subscribe to a particular policy branch, and all machines subscribing to the same policy branch are subject to the same authorization policy.
One problem that exists with defining security policies is that presently there is no way to analyze and correlate resources across the various machines in the network. Currently available file viewing mechanisms, such as Windows Explorer on Windows-based computers and File Viewer on Unix-based computers, may display the files contained in each machine to the user. However, these existing viewing mechanisms lack an automated tool that compares resources across the machines in the network to determine the subset of resources that are common or unique to the machines. Identifying common files among the machines in the network and then applying a common set security policy would help limit the size of the central policy database, as well as making the administration of the policy applicable to the files easier. Thus, having a way to view and analyze the files on various computers in a system and to present consolidated views would be beneficial in performing such tasks as setting common security policies and other administrative tasks.
Therefore, it would be advantageous to have an improved method of identifying the resources that are common or unique to the machines in a network and presenting this consolidated information to users via a file system.