System and method for hierarchical role-based entitlements
First Claim
Patent Images
1. A method for authorization to adaptively control access to a resource, comprising the steps of:
- providing for the mapping of a principal to at least one role, wherein the at least one role is hierarchically related to the resource;
providing for the evaluation of a policy based on the at least one role; and
providing for the determination of whether to grant the principal access to the resource based on the evaluation of the policy.
2 Assignments
0 Petitions
Accused Products
Abstract
A system and method for authorization to adaptively control access to a resource, comprising the steps of providing for the mapping of a principal to at least one role, wherein the at least one role is hierarchically related to the resource; providing for the evaluation of a policy based on the at least one role; and providing for the determination of whether to grant the principal access to the resource based on the evaluation of the policy.
196 Citations
60 Claims
-
1. A method for authorization to adaptively control access to a resource, comprising the steps of:
-
providing for the mapping of a principal to at least one role, wherein the at least one role is hierarchically related to the resource;
providing for the evaluation of a policy based on the at least one role; and
providing for the determination of whether to grant the principal access to the resource based on the evaluation of the policy. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A method for authorization for adaptively controlling access to a resource, comprising the steps of:
-
providing for the evaluation of a policy based on at least one role applicable to a principal attempting to access the resource;
providing for the granting of access to the resource based on the evaluation; and
wherein the resource, the policy and the at least one role are hierarchically related. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
-
-
21. A method for authorization for adaptively controlling access to a resource, comprising the steps of:
-
providing to a security framework information pertaining to a principal and the resource; and
utilizing the security framework to provide an authorization result based on evaluating at least one security policy by associating at least one role to the principal; and
wherein the resource, the security policy, and the at least one role are hierarchically related. - View Dependent Claims (22, 23, 24, 25, 26, 27, 28, 29, 30)
-
-
31. A system for authorization adapted for controlling access to a resource, comprising:
-
at least one role-mapper to map a principal to at least one role, wherein the at least one role is hierarchically related to the resource;
at least one authorizer coupled to the at least one role-mapper, the at least one authorizer to determine if a policy is satisfied based on the at least one role; and
an adjudicator coupled to the at least one authorizer, the adjudicator to render a final decision based on the determination of the at least one authorizer. - View Dependent Claims (32, 33, 34, 35, 36, 37, 38, 39, 40)
-
-
41. A machine readable medium having instructions stored thereon that when executed by a processor cause a system to:
-
map a principal to at least one role, wherein the at least one role is hierarchically related to the resource;
evaluate a policy based on the at least one role; and
determine whether to grant access to the resource based on the evaluation of the policy. - View Dependent Claims (42, 43, 44, 45, 46, 47, 48, 49, 50)
-
-
51. A method for authorization to adaptively control access to a resource in an enterprise application, comprising the steps of:
-
providing for the mapping of a principal to at least one role, wherein the at least one role is hierarchically related to the resource;
providing for the evaluation of a policy based on the at least one role; and
providing for the determination of whether to grant the principal access to the resource based on the evaluation of the policy; and
wherein the at least one role, the policy and the resource are part of an enterprise application. - View Dependent Claims (52, 53, 54, 55, 56, 57, 58, 59, 60)
-
Specification