ROLE-BASED ACCESS CONTROL UTILIZING TOKEN PROFILES
Abstract
A method and system for managing role-based access control of token data using token profiles is described.
20 Claims
1. A method, implemented by a token processing system (TPS) of a computing system programmed to perform operations, comprising:
- receiving, by the TPS, a request of a TPS user to perform an operation on entries of a token database, wherein each of the entries of the token database is associated with a token assigned to one of a plurality of groups;
- identifying a subset of the plurality of groups that corresponds to the token entries indicated in the request of the TPS user;
- determining to which of the identified groups the TPS user belongs;
- for each group the TPS user belongs, determining a corresponding role for the TPS user, wherein the corresponding role defines the TPS user's access privileges to the entries corresponding to tokens in the respective group; and
- for each group the TPS user belongs, allowing the TPS user access to the entries of the respective group to perform the operation when the TPS user has the appropriate role assigned within the respective group.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14
15. A certificate system, comprising:
- a data storage device to store a plurality of token profiles, wherein each of the plurality of token profiles corresponds to one of a plurality of groups, each of the plurality of groups having a plurality of tokens, and wherein each of the plurality of token profiles specifies a role that defines the TPS user's access privileges to entries of a token database corresponding to the tokens in the respective group; and
- a first server, comprising a token processing system (TPS), coupled to the data storage device, wherein the TPS is configured to receive a request of a TPS user to perform an operation on the entries of the token database, to identify a subset of the plurality of groups that corresponds to the token entries indicated in the request of the TPS user, and to determine to which of the identified groups the TPS user belongs, and for each group the TPS user belongs, the TPS is configured to determine a corresponding role for the TPS user and to allow the TPS user access to entries of the respective group to perform the operation when the TPS user has the appropriate role assigned within the respective group.
Dependent claims: 16, 17
18. A machine-readable storage medium having instructions, which when executed, cause a token processing system (TPS) of a computing system to perform a method, the method comprising:
- receiving, by the TPS, a request of a TPS user to perform an operation on entries of a token database, wherein each of the entries of the token database is associated with a token assigned to one of a plurality of groups;
- identifying a subset of the plurality of groups that corresponds to the token entries indicated in the request of the TPS user;
- determining to which of the identified groups the TPS user belongs;
- for each group the TPS user belongs, determining a corresponding role for the TPS user, wherein the corresponding role defines the TPS user's access privileges to the entries corresponding to tokens in the respective group; and
- for each group the TPS user belongs, allowing the TPS user access to the entries of the respective group to perform the operation when the TPS user has the appropriate role assigned within the respective group.
Dependent claims: 19, 20
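An added illustration of the per-group check recited in claims 1, 15 and 18, not code from the patent or from any TPS implementation. The role names, operation names, group names, token ids and the default-deny handling of unknown ids and unknown roles are assumptions constructed for the example.

```python
from dataclasses import dataclass

# Hypothetical roles and the operations each permits (names are assumptions).
ROLE_PERMISSIONS = {
    "operator": {"view"},
    "agent": {"view", "edit"},
    "administrator": {"view", "edit", "delete"},
}

@dataclass(frozen=True)
class TokenEntry:
    token_id: str
    group: str  # each token is assigned to exactly one group

# Constructed sample token database and per-group role assignments for one user.
TOKEN_DB = {e.token_id: e for e in (
    TokenEntry("tok-001", "engineering"),
    TokenEntry("tok-101", "finance"),
    TokenEntry("tok-201", "contractors"),
)}
ALICE_ROLES = {"engineering": "agent", "finance": "operator"}

def authorize(user_roles, token_db, requested_ids, operation):
    """Return (allowed_ids, denied_ids) for one request, deciding per group."""
    entries = [token_db[i] for i in requested_ids if i in token_db]
    # Ids with no database entry map to no group, so they are denied outright.
    denied = [i for i in requested_ids if i not in token_db]
    # Identify the groups that the requested entries fall into.
    groups = {e.group for e in entries}
    # Keep only the groups the user belongs to; no membership means no access.
    member_groups = groups.intersection(user_roles)
    # Look up the user's role in each group and test it against the operation.
    # An unrecognized role grants nothing.
    permitted = {
        g for g in member_groups
        if operation in ROLE_PERMISSIONS.get(user_roles[g], set())
    }
    allowed = [e.token_id for e in entries if e.group in permitted]
    denied += [e.token_id for e in entries if e.group not in permitted]
    return allowed, denied

if __name__ == "__main__":
    request = ["tok-001", "tok-101", "tok-201", "tok-999"]
    for op in ("view", "edit", "delete"):
        print(op, authorize(ALICE_ROLES, TOKEN_DB, request, op))
```

The same request produces a different allowed set for each operation because the role is resolved per group rather than once per user, so a single request can be partly granted and partly denied.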
Specification