COMPUTERIZED MANAGEMENT OF GROUPING ACCESS RIGHTS
First Claim
Patent Images
1. A method comprising:
- receiving transaction activity;
analyzing the transaction activity by comparing actual utilization of one or more transactions in the transaction activity to a permitted list of transactions to determine a set of one or more transactions to be assigned to a grouping,assigning the set of one or more transactions to the grouping; and
assigning the grouping to one or more users.
1 Assignment
0 Petitions
Accused Products
Abstract
Methods and apparatus determine a set of transactions that may be assigned to a grouping within a computer system or application. The set of transactions may be analyzed and assigned on the basis of statistical analysis of the actual usage versus current authorizations. In addition, the set of transactions may be analyzed for policy conflicts. The assignment of transactions to groupings may further be determined according to the presence of policy conflicts. Additionally, groupings may be assigned to users based on organizational characteristics such as membership in a company, division, department, business unit, or vocation.
65 Citations
21 Claims
-
1. A method comprising:
-
receiving transaction activity; analyzing the transaction activity by comparing actual utilization of one or more transactions in the transaction activity to a permitted list of transactions to determine a set of one or more transactions to be assigned to a grouping, assigning the set of one or more transactions to the grouping; and assigning the grouping to one or more users. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. A computer-readable medium having computer executable instructions for causing one or more processors to perform a method, the method comprising:
-
receiving transaction activity; analyzing the transaction activity by comparing actual utilization of one or more transactions in the transaction activity to a permitted list of transactions to determine a set of one or more transactions to be assigned to a grouping; and assigning the set of one or more transactions to the grouping.
-
-
21. A system comprising:
-
A group data manager operable to receive a set of transaction activity representing actual access patterns and to produce a set of activity records for a set of users; and a group building engine operable to; receive a set of permitted activities, receive the set of activity records, receive a set of rules, analyze the set of activity records and the set of permitted activities to determine according to the set of rules a set of one or more transactions to be assigned to a grouping, assign the set of one or more transactions to the grouping, and assigning the grouping to one or more users.
-
Specification