International Classification:
G06F 1730
Abstract:
Methods, signals, devices, and systems are provided for controlling access to objects and their attributes in a database. The database may be hierarchical, or it may have positional relationships based on a graph structure. In a hierarchical database possible positional relationships include "child", "parent", "grandchild", and so on. A trustee field in an access control property of a target object is furnished with the positional relationship. A positional relationship is evaluated when an access request is made, and the binding of trustee object identifiers with particular targets through access control properties is thereby delayed until such binding is necessary to determine if the access request should be granted. The delayed binding may be combined with inheritance, with conventional access control lists, and with other familiar tools and techniques to enhance access control in the database of objects.