User interface driven access control system and method
First Claim
1. A graphical user interface for representing and facilitating user manipulation of access control settings for a resource comprising:
- one or more display regions for graphical representations of access control settings for the resource which result from transformations applied to the structured data which defines the access control settings for the resource; and
one or more display regions for representation of the resource;
wherein the set of display regions for representations of the settings and the display region for representation of the resource appear to the operator as in an integrated graphical user interface.
1 Assignment
0 Petitions
Accused Products
Abstract
User Interface Driven Access Control Display regions for representations of results of transformations applied to access control settings for a resource appear integrated with a familiar representation of the resource, e.g. word processor, or Web browser. A number of functions modify layout and transformations, and those functions are available for invocation, e.g. through mouse gestures or key combinations. Users are graphically represented by displays comprising photographic likenesses. Groups can be shown as individual users. Giving someone access to a resource can be as easy as dragging that person'"'"'s likeness. Access log information can be shown together with access control settings. Reviewing the subset of resources available to a user is made easier. Overflow indicators replace scroll bars. Macros effect snapshots of volatile sets of users. Sections within documents can be omitted automatically if a user lacks authorization. Access control settings for one resource can be linked to be dependent on settings for other resources.
186 Citations
27 Claims
-
1. A graphical user interface for representing and facilitating user manipulation of access control settings for a resource comprising:
-
one or more display regions for graphical representations of access control settings for the resource which result from transformations applied to the structured data which defines the access control settings for the resource; and
one or more display regions for representation of the resource;
wherein the set of display regions for representations of the settings and the display region for representation of the resource appear to the operator as in an integrated graphical user interface. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A graphical user interface for representing access log information and access control settings for a resource, wherein at least one display region contains a graphical representation of a set comprising one or more individual users, and wherein each of the individual users is graphically represented by a visual element which comprises:
-
the identity of the individual user having read privilege for the resource; and
a differing visual element for indicating that the user has write privilege for the resource; and
one or more of the following visual elements;
the time of the most recent read access by the user to the resource;
the time of the most recent write access by the user to the resource;
indication whether the most recent write access by the user to the resource is the most recent write access by any user to the resource;
indication whether the most recent read access by the user to the resource has been before the most recent write access by any user to the resource;
indication whether the most recent read access by the user to the resource has been since the most recent write access by any user to the resource; and
indication whether the user currently is without read privilege for the resource. - View Dependent Claims (11, 12)
-
-
13. A graphical user interface for representing access privileges for a user for one or more member resources in a collection of resources, wherein at least one display region contains a navigable structured graphical representation of the collection of resources, and wherein each member resource is graphically represented by a visual element which identifies the resource and which, by applying a predetermined set of steps, indicates the user'"'"'s effective access privileges for the resource by variations in at least one appearance parameter selected from the set comprising:
- indicative icons;
color;
transparency;
height;
width; and
font parameters, and wherein in the visual element representing the resource can be designated by the operator, regardless of variations in appearance, and wherein dynamic graphic feedback for a visual element designated by the operator indicates information comprising the identity of the selected resource; and
dynamic graphical feedback for a resource approached for being designated by the operator indicates information comprising the identity of the approached resource. - View Dependent Claims (14, 15, 16)
- indicative icons;
-
17. A graphical user interface for representing a set of a variable number of items in limited display space comprising:
- a visible region, a virtual plane, and overflow indicators, wherein each of the represented items is graphically represented by a predetermined visual element;
each of the visual elements is positioned in the virtual plane;
the virtual plane is masked by the visible region, permitting display of only a part of the virtual plane;
the overflow indicators are located inside the visible region;
the overflow indicators are located near such edges of the visible region beyond which more of the item displays are not visible;
the number of overflow indicators is zero in case all of the item displays fit inside the visible region;
a plurality of functions are implemented which change the position of the virtual plane relative to the visible region;
a context dependent subset of the functions is available for selection by the operator for immediate and subsequent use;
the visible region remains constant in size and shape, even when the number and locations of the overflow indicators are changing; and
the overflow indicators are graphically represented by using at least one method selected from the group of transparency, color change, saturation change, brightness change and anti-aliasing, whereby there is a smooth transition between the appearance of the user interface when all items fit and the appearance when there is overflow. - View Dependent Claims (18, 19, 20)
- a visible region, a virtual plane, and overflow indicators, wherein each of the represented items is graphically represented by a predetermined visual element;
-
21. A user interface for representing and manipulating access control settings for a resource, comprising structured data representing access control settings for users related to the resource, and stored executable macros for invoking steps to manipulate the structured data, wherein the structured data also contains data that results from expansion of one or more of the macros.
-
22. A method for controlling access to one or more elements from a document encoded in a markup language, comprising the steps of:
-
(a) determining the identity of a user attempting to access the document;
(b) processing the document by recursively (1) parsing each element of the document, comprising an evaluation of access control function attributes which may be present within an element using attribute values that reference resources to determine access privileges of the determined user for the referenced resources; and
(2) permitting or denying access to the element based on the determined access privileges. - View Dependent Claims (23)
-
-
24. A method for access control to resources wherein the step of permitting access to a resource comprises evaluation of whether a user has the right to access a resource that references the requested resource, and is currently accessing the referencing resource, and if so, permitting access to the requested resource.
-
25. A system for access control for resources in a branching hierarchy of resources, comprising structured data that defines access control settings for a resource which may optionally contain references to other resources within the hierarchy of resources;
- wherein access control settings of the referenced other resources are merged by a predetermined algorithm with the structured data to determine effective access control settings.
- View Dependent Claims (26, 27)
Specification