Many methods of computing system security exist. Examples include: access control lists, public/group/private access, User ID, password, etc. Basically all such security methods answer the same question: "May this Function happen, yes or no?"
The problem with many of the security systems is that their memory requirements increase at an exponential rate, dependent upon the number of securable objects which can be accessed by a number of users to carry out a variety of functions. In this regard, a User is identified by an identifier, an Object by a name and a Function by a brief descriptor of its operation. For example a Function may be a read, a write or a delete function (or any combination thereof) with respect to a database entry. Further, the function may evidence a constraint, e.g. access allowed only during set business hours; access allowed at all hours; etc.
In the prior art some systems have required that all permutations of (Objects, Users, Functions) be maintained. In such a case when User-Y wants to perform Function-Z with respect to Object-X, the security check examines the security state for (Object-X, User-Y, Function-Z).
The problem with this solution is that X*Y*Z security states need to be maintained (where X=number of Objects, Y=number of Users, and Z=number of Functions). The storage required is of the order of N.sup.3 for a large value of N.
Different security systems may require more than Object, User, and Function. Examples might be when the Object is acted upon or the location of the User attempting the access the Object. For systems of this type, the storage costs grow at the rate of N.sup.4, N.sup.5, or more. In such cases, the value of N has a more profound effect. Hereafter, the discussion will focus on N.sup.3 storage costs.
The prior art includes a variety of teachings regarding security systems for protecting data. For instance, U.S. Pat. No. 5,539,906 to Abraham et al. (assigned to the same Assignee as this application) describes a security system which protects data pertaining to an industrial process (or a series of industrial process steps). Abraham et al. enable access to data that derives from a process step which is currently active, but only to a select group. Thus, access to the process data is prevented, based on the status of the data, in addition to the category or type of data. For instance, users may have access to data elements at some steps in the process, but are denied access to those data elements at other steps in the process. Abraham et al. further suggest that their method for controlling security based on the data status and location may be used with password control, security level control and other classifications based on groups of users or type of data.
U.S. Pat. No. 5,504,814 to Miyahara describes a computer security mechanism that includes an access control table that specifies predetermined access rights of each of a plurality of predetermined security subjects relative to predetermined security objects. The access control table further includes a collection of mutually exclusive execution domains for each of the security subjects so that the executing processes of the security subject can only directly access code and data contained within the collection of domains of such security subject.
Howell et al. in U.S. Pat. No. 5,450,590, assigned to the same assignee as this Application, describe a security system wherein data access is controlled in accord with a time-based schedule.
Fabbio et al. in U.S. Pat. No. 5,335,346, assigned to the same Assignee as this Application, describe a security system wherein entries in an access control list include permissions for read write and execute. Those entries can be assigned to each of a number of identifiers that represent users or groups of users. Upon receiving a list of user IDs and group IDs, the access control routine performs a logical AND operation across the set of credentials represented by the different IDs and returns the least amount of privilege.
Notwithstanding the many and varied teachings in the prior art regarding security systems, there is still a need for a security system which evidences reduced memory requirements, even in the event of multiple security interrelationships.