SYSTEM AND METHOD FOR MANAGING USER PROFILES
1 Assignment
0 Petitions
Accused Products
Abstract
A system and a method for managing user and data profiles utilizing a web-enabled interactive database to organize, store and retrieve the information to create a consistent security model through centralized administration, are disclosed. The system captures various rules and pre-determined methodologies to provide on-line, up-to-date decisions to the users when users request access to a set of specific data or an application. The system further provides the capability to the user to request access to information that the user currently does not have access to, tracks the status of the request, obtains approval/disapproval decision from the data owner, implements the decision, and notifies requester within a reasonable time.
35 Citations
26 Claims
-
1-4. -4. (canceled)
-
5. A method for managing user profile information, including managing access control to applications and data by implementing a level of security across the different applications that is the same for each application, using a web-based system that includes a server system coupled to a centralized interactive database and at least one client system, said method comprising the steps of:
-
providing capabilities for a user to request access to information that the user currently does not have access to;
tracking a status of a request using a tracking component coupled to the centralized interactive database;
determining whether to grant the user access to a user requested application from an owner of the application requested;
implementing the decision comprising;
if the user is denied access to the application, notifying the user of the denial to access the application;
if the user is granted access to the application, determining whether to grant the user access to a set of specific data within the application after completing an evaluation based on the electronic profiles, pre-determined rules, and operating methodology in response to a request from the user for access to the set of specific data;
if the user is denied access to the set of specific data;
prompting the user to complete a request for quick approval wherein the request for quick approval includes a list of data for approval;
automatically determining, using an internal exception access process an approval or a disapproval of quick access based on pre-established criteria and the list of data for approval;
if the request for quick approval is approved, at least one of automatically adding a rule to the centralized interactive database and automatically adding the user to the centralized interactive database for access to the set of specific data;
if the rule is added, updating an exception list;
if the user is added, updating the centralized interactive database to permit the user access to the set of specific data;
notifying the user of the approval of the request for quick approval;
if the request for quick approval is denied, notifying the user of the denial of the request for quick approval; and
if the user is granted access to the set of specific data, making the set of specific data available to the user. - View Dependent Claims (7, 8, 9, 10, 11, 12, 13, 14, 15, 21, 22, 23, 24, 25, 26)
-
-
6. (canceled)
-
16. A computer-implemented database embodied on a computer-readable medium configured to be protected from access by unauthorized individuals by managing user and data profiles by an administrator, said database providing access to users based on pre-determined rules and criteria further comprising:
-
pre-established criteria data developed from access rules and criteria including at least one of Rule Based Access guidelines, Group Based Access guidelines, Search &
Subscribe Utilities guidelines, Active Positioning Monitoring guidelines, Hard Exclusion Rules guidelines, and Access Audits guidelines;
applications data including system administrator defined attributes that cross-references the applications profile data against unique identifiers;
user data that includes a user'"'"'s organization and citizenship, that cross-references the users profile data against unique identifiers; and
pre-determined rules and methodologies data that facilitates accurate user access decision making.
-
-
17-20. -20. (canceled)
Specification