ACCESS CONTROL MANAGEMENT MAPPING RESOURCE/ACTION PAIRS TO PRINCIPALS
Abstract
The access control management technique described herein manages access control to one or more resources. Rather than mapping individuals or groups to permissions, the technique maps each permission (the right to perform an action on a resource) to the list of authorized principals (the users and groups authorized to perform the action on the resource). These lists are written in text form just as one would write the list of recipients (individuals and groups) of an email composition window. The technique also provides various operations to allow a user to manage the list of authorized principals and the authorizations assigned to a principal to access the resource/action pair.
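The permission-centric mapping described in the abstract, sketched as an added example that is not code from the patent. The principal names, group membership and the `;` separator are constructed assumptions. It also shows the inverse view (authorizations held by a principal) and that deleting a name from a list does not remove access the same person still holds through a listed group.

```python
# Added illustration; principal names, group membership and the ';' separator are constructed.
GROUPS = {"Finance": {"carol", "dave"}, "Admins": {"alice"}}

def parse_principals(text):
    """Parse an email-style recipient line into an ordered, de-duplicated list."""
    out = []
    for name in (part.strip() for part in text.split(";")):
        if name and name not in out:
            out.append(name)
    return out

class AccessMap:
    def __init__(self, groups):
        self.groups = groups
        self.acl = {}  # (resource, action) -> list of principal names

    def set_line(self, resource, action, text):
        self.acl[(resource, action)] = parse_principals(text)

    def line(self, resource, action):
        """Render the list as it would appear next to the resource/action pair."""
        return "; ".join(self.acl.get((resource, action), []))

    def is_authorized(self, user, resource, action):
        # Default deny: an unmapped pair authorizes nobody.
        listed = self.acl.get((resource, action), [])
        return any(p == user or user in self.groups.get(p, ()) for p in listed)

    def authorizations_of(self, user):
        """Inverse view: every pair the user can exercise, directly or via a group."""
        return sorted(pair for pair in self.acl if self.is_authorized(user, *pair))

    def remove(self, principal):
        """Delete a name from every list; return the pairs whose list changed."""
        changed = []
        for pair, names in self.acl.items():
            if principal in names:
                names.remove(principal)
                changed.append(pair)
        return sorted(changed)

def demo():
    m = AccessMap(GROUPS)
    m.set_line("payroll.xlsx", "read", "alice; Finance; carol")
    m.set_line("payroll.xlsx", "write", "Finance;  dave ; Finance")
    m.set_line("build-server", "restart", "Admins")
    return m
```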
20 Claims
1. A computer-implemented process for managing access control to one or more resources, comprising:
- using a computing device for;
mapping to each resource/action pair of a set of resource/action pairs a corresponding list of authorized principals that are authorized to perform the action on the resource; and
displaying names of the authorized principals mapped to each resource/action pair on a display device of the computing device.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12
13. An access control management system for managing access control of one or more actions that a user is authorized to perform on a resource, comprising:
- a general purpose computing device;
- a computer program comprising program modules executable by the general purpose computing device, wherein the computing device is directed by upon execution of the program modules of the computer program to,
map to a resource/action pair a list of one or more authorized principals authorized to perform the corresponding action of the resource/action pair on the resource of the resource/action pair.
Dependent claims: 14, 15, 16
17. A computer-implemented process for managing access control to one or more resources, comprising:
- using a computing device for;
mapping to each resource/role pair of a set of resource/role pairs, wherein a role further comprises a set of authorized actions, a list of the names of one or more authorized principals that are authorized to perform the corresponding set of authorized actions of the resource/role pair on the corresponding resource;
displaying the names of the authorized principals on the list of authorized principals next to the corresponding resource/role pairs on a display device of the computing device; and
allowing a user to manipulate the displayed names of authorized principals on the list of authorized principals mapped to each resource/role pair in order to manage the action authorization an authorized principal has on the corresponding resource.
Dependent claims: 18, 19, 20
Specification