Security architecture for a process control platform executing applications
First Claim
1. A security component within a supervisory process control and manufacturing information system comprising:
- a set of user roles corresponding to different types of users within the information system;
a set of security groups defining a set of security permissions with regard to a set of objects, wherein each security group includes an access definition relating the security permissions to at least one of the set of user roles; and
a set of user accounts assigned to at least one of the defined roles thereby indirectly defining access rights with regard to the set of objects having restricted access within the system;
wherein the security permissions are assigned at an object attribute level.
4 Assignments
0 Petitions
Accused Products
Abstract
A security component within a supervisory process control and manufacturing information system comprising a set of user roles corresponding to different types of users within the information system, a set of security groups defining a set of security permissions with regard to a set of objects, wherein each security group includes an access definition relating the security permissions to at least one of the set of user roles, and a set of user accounts assigned to at least one of the defined roles thereby indirectly defining access rights with regard to the set of objects having restricted access within the system. The security permissions within the supervisory process control and manufacturing information system are assigned at an object attribute level.
-
Citations
18 Claims
-
1. A security component within a supervisory process control and manufacturing information system comprising:
-
a set of user roles corresponding to different types of users within the information system;
a set of security groups defining a set of security permissions with regard to a set of objects, wherein each security group includes an access definition relating the security permissions to at least one of the set of user roles; and
a set of user accounts assigned to at least one of the defined roles thereby indirectly defining access rights with regard to the set of objects having restricted access within the system;
wherein the security permissions are assigned at an object attribute level. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 17, 18)
-
-
16. A method of editing an attribute of a security component within a supervisory process control and manufacturing information system, the method comprising:
-
receiving the authentication materials from a user;
obtaining the proposed changes to the attribute;
checking the permissions of the user inputting the proposed changes;
accepting the proposed changes in the event that the permissions of the user are validated; and
denying the proposed changes in the event that the permissions of the user are invalidated.
-
Specification