User access to a registry of business entity definitions

US 20070143214A1
Filed: 12/12/2003
Published: 06/21/2007
Est. Priority Date: 06/26/2003
Status: Active Grant

First Claim

Patent Images

1-15. -15. (canceled)

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention provides an apparatus, method and computer program product for a registry, such as a UDDI registry, to restrict access to business entity definitions contained in the registry according to permission details associated with the business service definition. A business entity definition may comprise a plurality of information elements. Permission details, which define users or groups of users with permission to access the information element, are then associated with one or more of these information elements. When a user request is received to access a business entity definition access is restricted to only those information elements for which the user has the required permission.

Citations

29 Claims

1-15. -15. (canceled)

16. A method for a registry of business entity definitions to handle user requests to access business entity definitions, the method comprising:
- receiving a request from a user to access a business entity definition;
  
  obtaining the identity of the user from data associated with the request;
  
  determining whether the user has permission to access information in the business entity definition from permission details associated with the business entity definition and the identity of the user; and
  
  denying the user access to information in the business entity definition if it is determined that the user does not have permission;
  
  wherein the information in the business entity definition comprises a plurality of information elements each having permission details associated therewith;
  
  wherein determining whether the user has permission to access information in the business entity definition from permission details associated with the business entity definition and the identity of the user comprises determining from permission details associated with each information element whether the user has permission to access that information element; and
  
  wherein denying the user access to information in the business entity definition if it is determined that the user does not have permission comprises denying the user access to those information elements for which it is determined that the user does not have permission.
- View Dependent Claims (17, 18, 19)
- - 17. The method of claim 16 wherein the request specifies a search criteria, and wherein the method further comprises:
    - determining what information in the business entity definition the user wishes to access using the search criteria to locate the business entity definition; and
      
      determining whether the user has permission to access the information that the user wishes to access.
  - 18. The method of claim 16, wherein determining whether the user has permission to access information in the business entity definition from permission details associated with the business entity definition and the identity of the user comprises determining whether a user has permission to access an information element from an access policy and permission details associated with a different information element.
  - 19. The method of claim 18 wherein the information elements are in a hierarchy and wherein determining whether the user has permission to access information in the business entity definition from permission details associated with the business entity definition and the identity of the user comprises determining that a user does not have permission to access a first information element if permission details associated with one or more second information elements directly beneath the first information element in the hierarchy indicate that user does not have access to one or more of the second information elements.

20. A registry of business entity definitions for handling requests to access business entity definitions, the registry comprising:
- means for receiving a request from a user to access a business entity definition;
  
  means for obtaining the identity of the user from data associated with the request;
  
  means for determining whether the user has permission to access information in the business entity definition from permission details associated with the business entity definition and the identity of the user; and
  
  means for denying the user access to information in the business entity definition if it is determined that the user does not have permission;
  
  wherein the information in the business entity definition comprises a plurality of information elements each having permission details associated therewith;
  
  wherein the means for determining comprises means for determining from permission details associated with each information element whether the user has permission to access that information element; and
  
  wherein the means for denying comprises means for denying the user access to those information elements for which it is determined that the user does not have permission.
- View Dependent Claims (21, 22, 23, 24, 25)
- - 21. The registry of claim 20 wherein the request specifies a search criteria, and wherein the registry further comprises:
    - means for determining what information in the business entity definition the user wishes to access using the search criteria to locate the business entity definition.
  - 22. The registry of claim 20, wherein the means for determining whether the user has permission to access information in the business entity definition from permission details associated with the business entity definition and the identity of the user further comprises means for determining whether a user has permission to access an information element from an access policy and permission details associated with a different information element.
  - 23. The registry of claim 22 wherein the information elements are in a hierarchy and the access policy specifies that a user does not have permission to access a first information element if permission details associated with one or more second information elements directly beneath the first information element in the hierarchy indicate that user does not have access to one or more of the second information elements.
  - 24. The registry of claim 20, further comprising:
    - means for locating the permission details in a file system in which the permission details are in a location in the file system which is defined according to the information element with which they are associated.
  - 25. The registry of claim 20, wherein the registry is a UDDI registry and the information in the business entity definition is a business entity information element, the business entity information element containing one or more business service entity information elements, each business service entity containing one or more binding template information elements and each binding template containing one or more references each referring to a technical model information element.

26. A computer program product for a registry of business entity definitions to handle user requests to access business entity definitions, the computer program product comprising:
- a computer usable medium having computer usable program code embodied therewith, the computer usable program code comprising;
  
  computer usable program code configured to receive a request from a user to access a business entity definition;
  
  computer usable program code configured to obtain the identity of the user from data associated with the request;
  
  computer usable program code configured to determine whether the user has permission to access information in the business entity definition from permission details associated with the business entity definition and the identity of the user; and
  
  computer usable program code configured to deny the user access to information in the business entity definition if it is determined that the user does not have permission;
  
  wherein the information in the business entity definition comprises a plurality of information elements each having permission details associated therewith;
  
  wherein the computer usable program code configured to determine whether the user has permission to access information in the business entity definition from permission details associated with the business entity definition and the identity of the user comprises computer usable program code configured to determine from permission details associated with each information element whether the user has permission to access that information element; and
  
  wherein the computer usable program code configured to deny the user access to information in the business entity definition if it is determined that the user does not have permission comprises computer usable program code configured to deny the user access to those information elements for which it is determined that the user does not have permission.
- View Dependent Claims (27, 28, 29)
- - 27. The computer program product of claim 26 wherein the request specifies a search criteria, and further comprising:
    - computer usable program code configured to determine what information in the business entity definition the user wishes to access using the search criteria to locate the business entity definition; and
      
      computer usable program code configured to determine whether the user has permission to access the information that the user wishes to access.
  - 28. The computer program product of claim 26, wherein the computer usable program code configured to determine whether the user has permission to access information in the business entity definition from permission details associated with the business entity definition and the identity of the user comprises computer usable program code configured to determine whether a user has permission to access an information element from an access policy and permission details associated with a different information element.
  - 29. The computer program product of claim 28 wherein the information elements are in a hierarchy and wherein determining whether the user has permission to access information in the business entity definition from permission details associated with the business entity definition and the identity of the user comprises determining that a user does not have permission to access a first information element if permission details associated with one or more second information elements directly beneath the first information element in the hierarchy indicate that user does not have access to one or more of the second information elements.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Colgrave, John

Granted Patent

US 10,558,983 B2
Time in Patent Office

Days
Field of Search
US Class Current

705/51
CPC Class Codes

G06F 21/60   Protecting data

G06F 21/6245   Protecting personal data, e...

G06F 2221/2141   Access rights, e.g. capabil...

G06Q 30/018   Certifying business or prod...

User access to a registry of business entity definitions

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

29 Claims

Specification

Solutions

Use Cases

Quick Links

User access to a registry of business entity definitions

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

29 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links