Extensible role based authorization for manageable resources
First Claim
Patent Images
1. A method for dynamically providing access to a plurality of resources in a computer based application, the method comprising:
- detecting a change associated with the application potentially affecting an access scheme of the application, wherein the application includes a plurality of components;
determining which of said plurality of resources of the application are affected by the change;
determining which of said plurality of components of the application are affected by the change;
determining at least one user account among a plurality of user accounts affected by the change; and
modifying or creating a dynamic role of said one user account to accommodate the change.
1 Assignment
0 Petitions
Accused Products
Abstract
Methods and systems are provided for dynamically altering the access capabilities to the data resources for users of a computer based application. The access capabilities are defined by a dynamic role that specifies which of the resources a user may access, and a set of permissions associated with the dynamic role to define. New dynamic roles may be created when additional resources and components are added to an application. Methods and systems are provided for creating new dynamic roles to temporarily access resources, and for deleting a dynamic role after it is no longer needed.
87 Citations
19 Claims
-
1. A method for dynamically providing access to a plurality of resources in a computer based application, the method comprising:
-
detecting a change associated with the application potentially affecting an access scheme of the application, wherein the application includes a plurality of components;
determining which of said plurality of resources of the application are affected by the change;
determining which of said plurality of components of the application are affected by the change;
determining at least one user account among a plurality of user accounts affected by the change; and
modifying or creating a dynamic role of said one user account to accommodate the change. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A computer program product for dynamically providing access to a plurality of resources in a computer based application, the computer program product comprising a computer useable medium including a computer readable program, wherein the computer readable program upon being executed on a computer causes the computer to:
-
detect a change associated with the application potentially affecting an access scheme of the application, wherein the application includes a plurality of components;
determine which of said plurality of resources of the application are affected by the change;
determine which of said plurality of components of the application are affected by the change;
determine at least one user account among a plurality of user accounts affected by the change; and
modify or create a dynamic role of said one user account to accommodate the change. - View Dependent Claims (11, 12, 13, 14, 15)
-
-
16. A system for dynamically providing access to a plurality of resources in a computer based application, the system comprising:
-
a memory configured to store the plurality of resources and the computer based application;
logic for detecting a change associated with the application potentially affecting an access scheme of the application, wherein the application includes a plurality of components;
logic for determining which of said plurality of resources of the application are affected by the change;
logic for determining which of said plurality of components of the application are affected by the change;
logic for determining at least one user account among a plurality of user accounts affected by the change; and
logic for modifying or creating a dynamic role of said one user account to accommodate the change. - View Dependent Claims (17, 18, 19)
-
Specification