Role Engineering Scoping and Management
First Claim
1. A method, in a data processing system, for performing a role engineering project for applying security roles to access operations targeting resources, comprising:
- receiving, by the data processing system, a plurality of data objects representing one or more user identities, permissions, and resources of an organization computing system;
receiving, by the data processing system, one or more filter criteria for filtering the plurality of data objects to generate a subset of data objects for consideration during the role engineering project, wherein the one or more filter criteria specify a scope of the role engineering project;
applying, by the data processing system, the one or more filter criteria to generate the subset of data objects;
performing, in the data processing system, role engineering project operations on the subset of data objects to generate one or more security roles; and
deploying, by the data processing system, the one or more security roles to the organization computing system to control access operations targeting resources of the organization computing system.
1 Assignment
0 Petitions
Accused Products
Abstract
Mechanisms are provided for performing a role engineering project for applying security roles to access operations targeting resources. A plurality of data objects representing one or more user identities, permissions, and resources of an organization computing system are received. One or more filter criteria for filtering the plurality of data objects to generate a subset of data objects for consideration during the role engineering project are received. The one or more filter criteria specify a scope of the role engineering project. The one or more filter criteria are applied to generate the subset of data objects. Role engineering project operations are performed on the subset of data objects to generate one or more security roles. The one or more security roles are deployed to the organization computing system to control access operations targeting resources of the organization computing system.
26 Citations
10 Claims
-
1. A method, in a data processing system, for performing a role engineering project for applying security roles to access operations targeting resources, comprising:
-
receiving, by the data processing system, a plurality of data objects representing one or more user identities, permissions, and resources of an organization computing system; receiving, by the data processing system, one or more filter criteria for filtering the plurality of data objects to generate a subset of data objects for consideration during the role engineering project, wherein the one or more filter criteria specify a scope of the role engineering project; applying, by the data processing system, the one or more filter criteria to generate the subset of data objects; performing, in the data processing system, role engineering project operations on the subset of data objects to generate one or more security roles; and deploying, by the data processing system, the one or more security roles to the organization computing system to control access operations targeting resources of the organization computing system. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10-25. -25. (canceled)
Specification