TECHNIQUES FOR PROJECT LIFECYCLE STAGED-BASED ACCESS CONTROL
First Claim
Patent Images
1. A method, comprising:
- acquiring access control rights for a first stage of a first processing environment, wherein the first stage is one of a plurality of other stages associated with a lifecycle of a project; and
enforcing the access control rights against requesting resources that access the first processing environment in response to identities associated with the requesting resources and policies associated with the identities that map to portions of the access control rights, and wherein the access control rights are additional security limitations layered on top of and in addition to existing security limitations for the first processing environment.
7 Assignments
0 Petitions
Accused Products
Abstract
Techniques for project lifecycle staged-based access control are provided. Access control rights are defined for a stage of a project'"'"'s lifecycle. As requestors transition to the stage, the access control rights are enforced on top of any existing security restrictions. In an embodiment, selective resources are not visible to requesters within the stage in response to the access control rights.
-
Citations
26 Claims
-
1. A method, comprising:
-
acquiring access control rights for a first stage of a first processing environment, wherein the first stage is one of a plurality of other stages associated with a lifecycle of a project; and enforcing the access control rights against requesting resources that access the first processing environment in response to identities associated with the requesting resources and policies associated with the identities that map to portions of the access control rights, and wherein the access control rights are additional security limitations layered on top of and in addition to existing security limitations for the first processing environment. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A method, comprising:
-
authenticating a requesting resource to a first stage of a project within a first processing environment, wherein the first stage includes a plurality of first resources; acquiring access control rights in response to an authenticated identity associated with the requesting resource; enforcing existing security restrictions for the first resources, wherein the existing security restrictions are defined outside the context of the access control rights and are associated with the first processing environment or the first resources; and selectively presenting to the requesting resource some of the first resources or some attributes or operations of the first resources in response to enforcing the access control rights on top of the existing security restrictions. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A system, comprising:
-
an identity service implemented in a machine-accessible and readable medium and to process on a machine; and a staged-based access control service implemented in a machine-accessible and readable medium and to process on the machine or a different machine, wherein the staged-based access control service is to enforce access control rights against requesting resources attempting to access target resources and within a context of a particular stage of a particular project, the staged-based access control service interacts with the identity service to authenticate the requesting resources before enforcing the access control rights and the access control rights are enforced on top of existing security restrictions associated with a particular processing environment having the target resources. - View Dependent Claims (16, 17, 18, 19, 20)
-
-
21. A system, comprising:
-
a graphical user interface (GUI) tool implemented in a machine-accessible and readable medium and is accessible to one or more machines; and a policy repository implemented in a machine-accessible and readable medium and accessible to the GUI tool, wherein the GUI tool dynamically interacts with an administrative resource to define access control rights for a stage associated with a lifecycle of a project, wherein the stage includes a variety of stage-specific resources, and wherein the access control rights are defined via policies for the stage and housed in the policy repository and subsequently dynamically enforced against requesting resources that transition into the stage and the policies also subsequently enforced on top of existing security limitations associated with a processing environment of the stage-specific resources. - View Dependent Claims (22, 23, 24, 25, 26)
-
Specification