Dismiss
InnovationQ will be updated on Sunday, Oct. 22, from 10am ET - noon. You may experience brief service interruptions during that time.
Browse Prior Art Database

Reference Monitor - Destroying Affinity Relationships

IP.com Disclosure Number: IPCOM000100105D
Original Publication Date: 1990-Mar-01
Included in the Prior Art Database: 2005-Mar-15
Document File: 1 page(s) / 50K

Publishing Venue

IBM

Related People

Janis, FL: AUTHOR

Abstract

This article describes a feature that relates to Reference Monitor Services. The Reference Monitor Service concept is designed to provide access control for applications and objects within the application. Access control is where users or subjects are limited in the actions they may perform upon resources or objects. A Reference Monitor is defined as the program or service where access control decisions are made and access control information is kept. This concept allows the decision-making process and information to be kept in one location for a host which can be used by all applications or services within the host. The information may be interchanged to other applications and services located in other hosts.

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 64% of the total text.

Reference Monitor - Destroying Affinity Relationships

       This article describes a feature that relates to
Reference Monitor Services. The Reference Monitor Service concept is
designed to provide access control for applications and objects
within the application.  Access control is where users or subjects
are limited in the actions they may perform upon resources or
objects. A Reference Monitor is defined as the program or service
where access control decisions are made and access control
information is kept. This concept allows the decision-making process
and information to be kept in one location for a host which can be
used by all applications or services within the host. The information
may be interchanged to other applications and services located in
other hosts.

      The functionality of the Reference Monitor Services is built in
three ways. First, there are the basic blocks of access control
information, called profiles. Second, there is the basic form of
interchange, commands and their operands. Third, there are the
functions that can be accomplished as the different types of profiles
interact, and the commands to be used to create and destroy
relationships between profiles.

      The DIA Reference Monitor Services allows the REVOKE command to
destroy an Affinity Relationship between two users, by specifying one
User Profile as the PROFILE-ID or Source Profile and another User
Profile as the TO-PROFILE-ID or Target Profile. This ends the
relation...