05941947 is referenced by 535 patents and cites 73 patents.

Access rights of users of a computer network with respect to data entities are specified by a relational database stored on one or more security servers. Application servers on the network that provide user access to the data entities generate queries to the relational database in order to obtain access rights lists of specific users. An access rights cache on each application server caches the access rights lists of the users that are connected to the respective application server, so that user access rights to specific data entities can rapidly be determined. Each user-specific access rights list includes a series of category identifiers plus a series of access rights values. The category identifiers specify categories of data entities to which the user has access, and the access rights values specify privilege levels of the users with respect to the corresponding data entity categories. The privilege levels are converted into specific access capabilities by application programs running on the application servers.

Title
System and method for controlling access to data entities in a computer network
Application Number
8/516573
Publication Number
5941947
Application Date
August 18, 1995
Publication Date
August 24, 1999
Inventor
Richard G Greenberg
Redmond
WA, US
Ross M Brown
Bellvue
WA, US
Agent
Leydig Voit & Mayer
Assignee
Microsoft Corporation
WA, US
IPC
G06F 17/00
View Original Source