Method for Data Access Control of Third Parties in a Multitenant System
First Claim
1. A computer executable method for controlling user's access to transaction data in the context of a service in a multitenant data management system comprising data of:
a first organization, a second organization providing at least one service, at least one user representing the second organization, and a transaction associable by its content with the first organization, wherein the method comprises steps;
receiving a request for a user representing the second organization to access the transaction associable with the first organization in the context of a service, verifying the secondary stakeholder status of the second organization regarding the transaction, verifying the validity of a chain of trust between the user of the request and the second organization in the context, and conditional to the validity of the secondary stakeholder status and the chain of trust, authorizing the user representing the second organization to access the transaction in the context of the service.
Abstract
The invention discloses, inter alia, a computer executable method for controlling user's access to transaction data in the context of a service in a multitenant data management system comprising data of a first organization, a second organization providing at least one service, at least one user representing the second organization, and a transaction associable by its content with the first organization. The method comprises steps for receiving a request for a user representing the second organization to access the transaction associable with the first organization in the context of a service, verifying the secondary stakeholder status of the second organization regarding the transaction, verifying the validity of a chain of trust between the user of the request and the second organization in the context, and conditional to the validity of the secondary stakeholder status and the chain of trust, authorizing the user representing the second organization to access the transaction in the context of the service.
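The decision flow in the abstract, sketched as an added example that is not taken from the patent: access is granted only when both verifications pass. The data model is an assumption made for illustration (stakeholder status as a transaction/organization pair, the chain of trust as unrevoked delegation links scoped to one service), and all identifiers are hypothetical.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Delegation:
    grantor: str           # party extending trust
    grantee: str           # party receiving it
    service: str           # service context the link is valid in
    revoked: bool = False

# Constructed sample data; every identifier below is hypothetical.
TRANSACTION_OWNER = {"txn-1001": "org-customer"}            # first organization
SECONDARY_STAKEHOLDERS = {("txn-1001", "org-accounting")}   # second organization
DELEGATIONS = [
    Delegation("org-accounting", "team-ledger", "bookkeeping"),
    Delegation("team-ledger", "alice", "bookkeeping"),
    Delegation("org-accounting", "bob", "payroll"),
    Delegation("org-accounting", "carol", "bookkeeping", revoked=True),
]

def is_secondary_stakeholder(org, txn):
    return (txn, org) in SECONDARY_STAKEHOLDERS

def chain_of_trust_valid(user, org, service, delegations=DELEGATIONS):
    """True if unrevoked links in this service context lead from org to user."""
    frontier, seen = [org], {org}
    while frontier:
        node = frontier.pop()
        for d in delegations:
            if d.grantor != node or d.service != service or d.revoked:
                continue
            if d.grantee == user:
                return True
            if d.grantee not in seen:
                seen.add(d.grantee)
                frontier.append(d.grantee)
    return False

def authorize(user, org, txn, service):
    """Default deny: both verifications must pass for access to be granted."""
    if txn not in TRANSACTION_OWNER:
        return False
    return is_secondary_stakeholder(org, txn) and chain_of_trust_valid(user, org, service)
```

A link issued for one service does not carry over to another, so a user trusted for payroll is still denied in the bookkeeping context.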
11 Claims
1. A computer executable method for controlling user's access to transaction data in the context of a service in a multitenant data management system comprising data of:
a first organization, a second organization providing at least one service, at least one user representing the second organization, and a transaction associable by its content with the first organization, wherein the method comprises steps; receiving a request for a user representing the second organization to access the transaction associable with the first organization in the context of a service, verifying the secondary stakeholder status of the second organization regarding the transaction, verifying the validity of a chain of trust between the user of the request and the second organization in the context, and conditional to the validity of the secondary stakeholder status and the chain of trust, authorizing the user representing the second organization to access the transaction in the context of the service.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9
10. A computer arrangement for controlling user's access to transaction data in the context of a service in a multitenant data management system comprising data of:
a first organization, a second organization providing at least one service, at least one user representing the second organization, and a transaction associable by its content with the first organization, wherein the arrangement comprises means for; receiving a request for a user representing the second organization to access the transaction associable with the first organization in the context of a service, verifying the secondary stakeholder status of the second organization regarding the transaction, verifying the validity of a chain of trust between the user of the request and the second organization in the context, and conditional to the validity of the secondary stakeholder status and the chain of trust, authorizing the user representing the second organization to access the transaction in the context of the service.
11. A computer program product stored in a tangible storage medium for controlling user's access to transaction data in the context of a service in a multitenant data management system comprising data of:
a first organization, a second organization providing at least one service, at least one user representing the second organization, and a transaction associable by its content with the first organization, wherein the program product comprises computer executable instructions for; receiving a request for a user representing the second organization to access the transaction associable with the first organization in the context of a service, verifying the secondary stakeholder status of the second organization regarding the transaction, verifying the validity of a chain of trust between the user of the request and the second organization in the context, and conditional to the validity of the secondary stakeholder status and the chain of trust, authorizing the user representing the second organization to access the transaction in the context of the service.
Specification