Identity management maturity system and method

US 20070233600A1
Filed: 04/03/2006
Published: 10/04/2007
Est. Priority Date: 04/03/2006
Status: Abandoned Application

First Claim

Patent Images

1. A method for providing identity management for an organization, the method comprising:

providing for the creation and maintenance of one or more authoritative identity sources, each authoritative identity source comprising a compilation of data for a plurality of system users within an organization, for each of the plurality of system users the compilation of data comprising;

an identifier that is unique within the organization; and

a current relationship with the organization;

providing for automated generation of an audit report on a periodic basis, wherein the audit report provides an indication of current user accounts for at least one of the plurality of users included within the one or more authoritative identity sources; and

providing for automated user-account changes, for one or more of the plurality of system users included within the one or more authoritative identity sources, in response to a status change for the one or more of the plurality of system users.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

According to one embodiment, a method for providing identity management for an organization includes providing for the creation and maintenance of one or more authoritative identity sources, providing for automated generation of an audit report on a periodic basis, and providing for automated user-account changes. Each authoritative identity source includes a compilation of data for a plurality of system users within an organization. The compilation includes, for each of the plurality of system users, an identifier that is unique within the organization and a current relationship with the organization. The audit report provides an indication of current user accounts for at least one of the plurality of users included within the one or more authoritative identity sources. The automated user-account changes are provided for one or more of the plurality of system users included within the one or more authoritative identity sources in response to a status change for the one or more of the plurality of system users.

82 Citations

View as Search Results

45 Claims

1. A method for providing identity management for an organization, the method comprising:
- providing for the creation and maintenance of one or more authoritative identity sources, each authoritative identity source comprising a compilation of data for a plurality of system users within an organization, for each of the plurality of system users the compilation of data comprising;
  
  an identifier that is unique within the organization; and
  
  a current relationship with the organization;
  
  providing for automated generation of an audit report on a periodic basis, wherein the audit report provides an indication of current user accounts for at least one of the plurality of users included within the one or more authoritative identity sources; and
  
  providing for automated user-account changes, for one or more of the plurality of system users included within the one or more authoritative identity sources, in response to a status change for the one or more of the plurality of system users.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method of claim 1, further comprising:
    - in response to a release of a software application within the organization, providing for access by one or more of the plurality of system users to the software application.
  - 3. The method of claim 1, wherein at least one of the one or more authoritative identity sources is created and maintained by a human resources department.
  - 4. The method of claim 1, wherein for each of the plurality of system users, the compilation of data further comprises an indication of one or more current responsibilities.
  - 5. The method of claim 1, wherein the audit report provides an indication of current user accounts for each of the plurality of users included within the one or more authoritative identity sources.
  - 6. The method of claim 1, wherein for at least one of the plurality of system users, the compilation of data further comprises an indication of at least one supervisor or manager.
  - 7. The method of claim 1, wherein the status change for the one or more of the plurality of system users comprises a change in access level.
  - 8. The method of claim 1, wherein the status change for the one or more of the plurality of system users comprises a change in home office location.
  - 9. The method of claim 1, wherein the status change for the one or more of the plurality of system users comprises a change in current responsibilities.
  - 10. The method of claim 1, wherein the current relationship with the organization comprises an employment status.
  - 11. The method of claim 2, wherein the software application is operable to access at least a portion of the compilation of data for one or more of the authoritative identity sources.

12. A method for providing identity management for an organization, the method comprising:
- providing for the creation and maintenance of one or more authoritative identity sources, each authoritative identity source comprising a compilation of data for a plurality of system users within an organization, for each of the plurality of system users the compilation of data comprising;
  
  an identifier that is unique within the organization; and
  
  an indication of one or more current responsibilities;
  
  providing for automated generation of an audit report on a periodic basis, wherein the audit report provides an indication of current entitlements for at least one of the plurality of users included within the one or more authoritative identity sources; and
  
  providing for automated entitlements changes, for one or more of the plurality of system users included within the one or more authoritative identity sources, in response to a change in one or more current responsibilities as indicated in the associated authoritative identity source.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20)
- - 13. The method of claim 12, further comprising:
    - providing for externalized security for at least one software application utilized within the organization.
  - 14. The method of claim 12, further comprising providing for the creation and maintenance of at least one authoritative identity source comprising a compilation of data for at least one system user outside of the organization, the compilation of data comprising:
    - an identifier that is unique within the organization; and
      
      a current relationship with the organization.
  - 15. The method of claim 14, wherein the at least one system user outside of the organization comprises a customer of the organization.
  - 16. The method of claim 12, wherein:
    - at least one of the plurality of system users is an employee of the organization; and
      
      the one or more current job responsibilities for the employee of the organization is associated with a job title of the employee of the organization.
  - 17. The method of claim 12, wherein for at least one of the plurality of system users, the compilation of data further comprises an indication of at least one supervisor or manager.
  - 18. The method of claim 12, wherein the audit report further identifies discrepancies between current entitlements and current responsibilities for the at least one of the plurality of users included within the one or more authoritative identity sources.
  - 19. The method of claim 13, wherein the externalized security comprises a security services application that controls system user accessibility for the at least one software application utilized within the organization, the security services application being a separate application from the at least one software application utilized within the organization.
  - 20. The method of claim 12, wherein the at least one software application utilized within the organization comprises substantially all of the business-related software applications utilized within the organization.

21. A method for providing identity management for an organization, the method comprising:
- providing for the creation and maintenance of one or more authoritative identity sources, each authoritative identity source comprising a compilation of data for a plurality of system users, for each of the plurality of system users the compilation of data comprising an identifier that is unique within an organization;
  
  providing for automated generation of a plurality of entitlements for one or more of the plurality of system users, wherein the plurality of entitlements comprise at least one information technologies related entitlement and at least one facilities related entitlement; and
  
  providing for automated generation of an audit report on a periodic basis, wherein the audit report provides an indication of current information technologies related entitlements for at least one of the plurality of users included within the one or more authoritative identity sources.
- View Dependent Claims (22, 23, 24, 25, 26, 27, 28, 29)
- - 22. The method of claim 21, further comprising providing for automated entitlements changes, for one or more of the plurality of system users included within the one or more authoritative identity sources, in response to a change in one or more current responsibilities.
  - 23. The method of claim 21, further comprising providing for federated entitlements for at least one system user outside of the organization.
  - 24. The method of claim 23, wherein:
    - providing for federated entitlements includes enabling external SPML requests; and
      
      the at least one system user outside of the organization is associated with an authorized business partner of the organization.
  - 25. The method of claim 21, further comprising providing for externalized security for at least one software application utilized within the organization.
  - 26. The method of claim 21, wherein at least one of the plurality of system users is an employee of the organization.
  - 27. The method of claim 21, wherein the at least one information technologies related entitlement comprises access to at least one database and access to at least one software application.
  - 28. The method of claim 21, wherein the at least one facilities related entitlement comprises access to at least one physical location.
  - 29. The method of claim 28, wherein the access to at least one physical location is carried out through the use of one or more of an RFID tag, a barcode, and an encoded magnetic strip.

30. Software for providing identity management for an organization, the software embodied in a computer-readable medium and when executed using one or more processors, operable to:
- generate a graphical interface operable to receive instructions necessary for the creation and maintenance of one or more authoritative identity sources, each authoritative identity source comprising a compilation of data for a plurality of system users within an organization, for each of the plurality of system users the compilation of data comprising;
  
  an identifier that is unique within the organization; and
  
  a current relationship with the organization;
  
  generate an audit report on a periodic basis, wherein the audit report provides an indication of current user accounts for at least one of the plurality of users included within the one or more authoritative identity sources; and
  
  modify one or more user-accounts for one or more of the plurality of system users included within the one or more authoritative identity sources, in response to a status change for the one or more of the plurality of system users.
- View Dependent Claims (31, 32, 33, 34, 35, 36, 37)
- - 31. The software of claim 30, wherein the instructions necessary for the creation and maintenance of at least one of the one or more authoritative identity sources is generated by a human resources department.
  - 32. The software of claim 30, wherein for each of the plurality of system users, the compilation of data further comprises an indication of one or more current responsibilities.
  - 33. The software of claim 30, wherein the audit report provides an indication of current user accounts for each of the plurality of users included within the one or more authoritative identity sources.
  - 34. The software of claim 30, wherein for at least one of the plurality of system users, the compilation of data further comprises an indication of at least one supervisor or manager.
  - 35. The software of claim 30, wherein the status change for the one or more of the plurality of system users comprises a change in access level.
  - 36. The software of claim 30, wherein the status change for the one or more of the plurality of system users comprises a change in home office location.
  - 37. The software of claim 30, wherein the status change for the one or more of the plurality of system users comprises a change in current responsibilities.

38. A system for use in providing identity management for an organization, the system comprising:
- one or more memory modules; and
  
  one or more processing modules operable to;
  
  generate a graphical interface operable to receive instructions necessary for the creation and maintenance of one or more authoritative identity sources, each authoritative identity source comprising a compilation of data for a plurality of system users within an organization, for each of the plurality of system users the compilation of data comprising;
  
  an identifier that is unique within the organization; and
  
  a current relationship with the organization;
  
  generate an audit report on a periodic basis, wherein the audit report provides an indication of current user accounts for at least one of the plurality of users included within the one or more authoritative identity sources; and
  
  modify one or more user-accounts for one or more of the plurality of system users included within the one or more authoritative identity sources, in response to a status change for the one or more of the plurality of system users.
- View Dependent Claims (39, 40, 41, 42, 43, 44, 45)
- - 39. The system of claim 38, wherein the instructions necessary for the creation and maintenance of at least one of the one or more authoritative identity sources is generated by a human resources department.
  - 40. The system of claim 38, wherein for each of the plurality of system users, the compilation of data further comprises an indication of one or more current responsibilities.
  - 41. The system of claim 38, wherein the audit report provides an indication of current user accounts for each of the plurality of users included within the one or more authoritative identity sources.
  - 42. The system of claim 38, wherein for at least one of the plurality of system users, the compilation of data further comprises an indication of at least one supervisor or manager.
  - 43. The system of claim 38, wherein the status change for the one or more of the plurality of system users comprises a change in access level.
  - 44. The system of claim 38, wherein the status change for the one or more of the plurality of system users comprises a change in home office location.
  - 45. The system of claim 38, wherein the status change for the one or more of the plurality of system users comprises a change in current responsibilities.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Computer Associates Think Inc. (Broadcom, Inc.)
Original Assignee
Computer Associates Think Inc. (Broadcom, Inc.)
Inventors
McMahon, Piers

Application Number

US11/397,647
Publication Number

US 20070233600A1
Time in Patent Office

Days
Field of Search
US Class Current

705/51
CPC Class Codes

G06Q 10/06 Resources, workflows, human...

Identity management maturity system and method

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

82 Citations

45 Claims

Specification

Solutions

Use Cases

Quick Links

Identity management maturity system and method

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

82 Citations

45 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links