The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.
The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.
Patent No.:
Date of Patent:
Apr. 21, 2025
Filed:
Aug. 30, 2022
Palo Alto Research Center Incorporated, Palo Alto, CA (US);
Marc E. Mosko, Kensington, CA (US);
Xerox Corporation, Norwalk, CT (US);
Abstract
A system and method are provided to facilitate securing windows discretionary access control. During operation, the system determines a Windows domain model including: user-specified desired effective permissions as capability assignments of principals on resources, wherein a respective capability assignment comprises a permission of a respective principal to a respective resource and wherein a respective principal comprises a user or a group of users; and user-specified policies and rules for relationships between principals, groups, and resources. The system creates a domain graph and an access control graph based on the Windows domain model. The domain graph maps paths between nodes representing users, groups, and resources based on the policies and rules. The access control graph allows for calculation of actual permissions of principals on resources based on the desired effective permissions. The system determines a set of optimal policy-conformant configurations based on the domain graph and the access control graph.