Attribute-based allocation of resources to security domains
2 Assignments
0 Petitions
Accused Products
Abstract
The invention relates to a method for the optimized assignment of access rights to IT resources managed by means of a security management system and to a correspondingly adapted security management system. According to the invention a security domain is defined on the basis of at least one attribute of IT resources and a plurality of authorization profiles is provided for the security domain. User groups are assigned to the domain and linked to profiles provided for the domain. IT resources for which the security management is responsible are allocated to the domain in accordance with the attribute defining the security domain, as a result of which user groups assigned to the domain receive access rights to the IT resources allocated to the domain in accordance with the profiles linked to them. The invention permits the user groups to be issued with authorizations that are tailored to the requirements of the individual groups.
-
Citations
15 Claims
-
1-5. -5. (canceled)
-
6. A method for allocating access rights to resources managed via a security management system, comprising:
-
providing an attribute of a resource;
defining a security domain defined by an attribute;
providing a plurality of authorization profiles for the security domain;
assigning a plurality of user groups to the domain;
linking the user groups assigned to the domain to the profiles provided for the domain;
assigning resources to the security domain in accordance with the resource attribute; and
receiving access rights by user groups assigned to the domain receive. - View Dependent Claims (7, 8, 9, 10, 11, 12, 13, 14, 15)
-
Specification