06412070 is referenced by 238 patents.

A method and computing system for extending access control of system objects in a computing environment beyond traditional rights such as read, write, create and delete. According to the invention, a system administrator or user application is able to create control rights that are unique to the type of object. Rights can be created that do not relate to any specific property of the object, but rather define how a user may control the object. A novel object, referred to as a control access data structure, is defined for each unique control right and associates the control right with one or more objects of the computing environment. In order to grant the right to a trusted user, an improved access control entry (ACE) is defined which holds a unique identifier of the trusted user and a unique identifier of the control access data structure.

Title
Extensible security system and method for controlling access to objects in a computing environment
Application Number
9/157882
Publication Number
6412070 (B1)
Application Date
September 21, 1998
Publication Date
June 25, 2002
Inventor
Richard B Ward
Redmond
WA, US
Praerit Garg
Kirkland
WA, US
Michael M Swift
Seattle
WA, US
Peter T Brundrett
Seattle
WA, US
Clifford P Van Dyke
Bellevue
WA, US
Agent
Lee & Hayes PLLC
US
Assignee
Microsoft Corporation
WA, US
IPC
G06F 12/14
View Original Source