ACCESS PERMISSIONS MANAGEMENT SYSTEM AND METHOD
First Claim
1. An access permissions management system comprising:
- a hierarchical access permissions repository including a multiplicity of access permissions relating to a multiplicity of data elements which are arranged in a data element hierarchy and wherein;
some of said multiplicity of data elements have associated therewith only access permissions which are inherited from data elements ancestral thereto;
some of said multiplicity of data elements are prevented from having associated therewith inherited access permissions and thus have associated therewith only unique access permissions which are not inherited; and
some of said multiplicity of data elements are not prevented from having associated therewith inherited access permissions and have associated therewith not only inherited access permissions but also unique access permissions which are not inherited, some of which unique access permissions possibly being redundant with inherited access permissions; and
an access permissions redundancy prevention engine operative to ascertain which of said unique access permissions are redundant with inherited access permissions and responsively thereto not to store said unique access permissions which are redundant with inherited access permissions in said repository.
1 Assignment
0 Petitions
Accused Products
Abstract
An access permissions management system including a hierarchical access permissions repository including access permissions relating to data elements arranged in a data element hierarchy, wherein some of the data elements have only access permissions which are inherited from ancestral data elements, some of the multiplicity of data elements are prevented from having inherited access permissions and thus have only unique access permissions which are not inherited and some of the data elements are not prevented from having inherited access permissions and have not only inherited access permissions but also unique access permissions which are not inherited, some of which unique access permissions possibly being redundant with inherited access permissions, and an access permissions redundancy prevention engine operative to ascertain which of the unique access permissions are redundant with inherited access permissions and not to store the unique access permissions which are redundant with inherited access permissions in the repository.
24 Citations
4 Claims
-
1. An access permissions management system comprising:
-
a hierarchical access permissions repository including a multiplicity of access permissions relating to a multiplicity of data elements which are arranged in a data element hierarchy and wherein; some of said multiplicity of data elements have associated therewith only access permissions which are inherited from data elements ancestral thereto; some of said multiplicity of data elements are prevented from having associated therewith inherited access permissions and thus have associated therewith only unique access permissions which are not inherited; and some of said multiplicity of data elements are not prevented from having associated therewith inherited access permissions and have associated therewith not only inherited access permissions but also unique access permissions which are not inherited, some of which unique access permissions possibly being redundant with inherited access permissions; and an access permissions redundancy prevention engine operative to ascertain which of said unique access permissions are redundant with inherited access permissions and responsively thereto not to store said unique access permissions which are redundant with inherited access permissions in said repository.
-
-
2. An access permissions management system comprising:
-
a hierarchical access permissions repository including a multiplicity of access permissions relating to a multiplicity of data elements which are arranged in a data element hierarchy and wherein; some of said multiplicity of data elements are inherited data elements, which have associated therewith only access permissions which are inherited from data elements ancestral thereto; some of said multiplicity of data elements are protected data elements, which are prevented from having associated therewith inherited access permissions and thus have associated therewith only unique access permissions which are not inherited; and some of said multiplicity of data elements are hybrid data elements, which are not prevented from having associated therewith inherited access permissions and have associated therewith not only inherited access permissions but also unique access permissions which are not inherited, some of which unique access permissions possibly being redundant with inherited access permissions; and an access permissions overlap prevention engine operative to ascertain which of said unique access permissions associated with a protected data element are identical to access permissions associated with a data element immediately above said protected data element in said hierarchy and responsively thereto not to store said unique access permissions which are associated with said protected data element.
-
-
3. An access permissions management method comprising:
-
maintaining a hierarchical access permissions repository including a multiplicity of access permissions relating to a multiplicity of data elements which are arranged in a data element hierarchy and wherein; some of said multiplicity of data elements have associated therewith only access permissions which are inherited from data elements ancestral thereto; some of said multiplicity of data elements are prevented from having associated therewith inherited access permissions and thus have associated therewith only unique access permissions which are not inherited; and some of said multiplicity of data elements are not prevented from having associated therewith inherited access permissions and have associated therewith not only inherited access permissions but also unique access permissions which are not inherited, some of which unique access permissions possibly being redundant with inherited access permissions; and preventing access permissions redundancy by ascertaining which of said unique access permissions are redundant with inherited access permissions and responsively thereto not to store said unique access permissions which are redundant with inherited access permissions in said repository.
-
-
4. An access permissions management method comprising:
-
maintaining a hierarchical access permissions repository including a multiplicity of access permissions relating to a multiplicity of data elements which are arranged in a data element hierarchy and wherein; some of said multiplicity of data elements are inherited data elements, which have associated therewith only access permissions which are inherited from data elements ancestral thereto; some of said multiplicity of data elements are protected data elements, which are prevented from having associated therewith inherited access permissions and thus have associated therewith only unique access permissions which are not inherited; and some of said multiplicity of data elements are hybrid data elements, which are not prevented from having associated therewith inherited access permissions and have associated therewith not only inherited access permissions but also unique access permissions which are not inherited, some of which unique access permissions possibly being redundant with inherited access permissions; and preventing access permissions overlap by ascertaining which of said unique access permissions associated with a protected data element are identical to access permissions associated with a data element immediately above said protected data element in said hierarchy and responsively thereto not to store said unique access permissions which are associated with said protected data element.
-
Specification