TOKEN-BASED ACCESS CONTROL
Abstract
Systems and methods for enabling token-based access control to data are provided. In particular, some embodiments use a token-based access management system to allow or restrict an individual's ability to access data. The access management system uses tokens to define rules (e.g., a Boolean matching rule or algorithm that results in a true/false output indicating the decision) within the access management system to determine if the token is valid and if the individual should be granted access to the requested data. Tokens may further have tool constraints for controlling access. In some cases, the tokens may expire upon completion of a task or after a pre-set amount of time. A generic workflow utilizing tokens and at least one specific workflow showing employees utilizing tokens as part of performing a task responsive to a user.
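The access decision outlined in the abstract can be sketched as follows. This is an added example, not code from the patent or from any product; the class, method, user, tool and data-portion names are hypothetical, and the matching rule is one simple reading of "Boolean matching rule" that combines default tokens with workflow tokens.

```python
from dataclasses import dataclass
from typing import FrozenSet, List, Optional

@dataclass(frozen=True)
class Token:
    user: str
    portion: str                        # portion of the data this token covers
    tools: FrozenSet[str]               # tool constraint: tools that may use it
    workflow_id: Optional[str] = None   # None marks a default (standing) token
    expires_at: Optional[float] = None  # None means no time limit

class AccessManager:
    def __init__(self) -> None:
        self.tokens: List[Token] = []

    def assign_default(self, user, portion, tools):
        self.tokens.append(Token(user, portion, frozenset(tools)))

    def on_workflow_event(self, workflow_id, user, portions, tools, now, ttl):
        """Workflow event: issue temporary tokens only for what the task needs."""
        for p in portions:
            self.tokens.append(
                Token(user, p, frozenset(tools), workflow_id, now + ttl))

    def complete_workflow(self, workflow_id):
        """Task completed: its tokens stop being valid immediately."""
        self.tokens = [t for t in self.tokens if t.workflow_id != workflow_id]

    def is_allowed(self, user, tool, portion, now):
        """True/false decision; no matching, unexpired token means deny."""
        return any(
            t.user == user and t.portion == portion and tool in t.tools
            and (t.expires_at is None or now < t.expires_at)
            for t in self.tokens)

def demo():
    # Constructed scenario: a default token plus one workflow token (15 min TTL).
    am = AccessManager()
    am.assign_default("agent7", "contact_info", {"crm"})
    am.on_workflow_event("case-42", "agent7", ["billing_history"],
                         {"billing_tool"}, now=1000.0, ttl=900.0)
    checks = [
        am.is_allowed("agent7", "billing_tool", "billing_history", 1100.0),  # valid
        am.is_allowed("agent7", "crm", "billing_history", 1100.0),   # wrong tool
        am.is_allowed("agent7", "billing_tool", "billing_history", 1900.0),  # timed out
        am.is_allowed("agent7", "crm", "contact_info", 1900.0),      # default token
    ]
    am.complete_workflow("case-42")
    checks.append(
        am.is_allowed("agent7", "billing_tool", "billing_history", 1100.0))
    return checks
```

The expiry comparison is strict, so a request arriving exactly at `expires_at` is denied, and the tool constraint is checked on every request rather than once at token issue.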
20 Claims
1. A method comprising:
- assigning, using a processor, a set of workflow specific tokens to a user in response to a workflow event, wherein the set of workflow specific tokens grant the user temporary access to a portion of data;
- receiving a request from a workflow tool to allow the user to access data; and
- using the workflow specific tokens assigned to the user to determine which portion of the data can be accessed.

Dependent claims: 2, 3, 4, 5, 6, 7

8. A token-based access management system comprising:
- a database having data stored thereon;
- a workflow engine to receive an event and generate a workflow specific token to temporarily grant access to a portion of the data in order to respond to the event;
- a communications module to associate the workflow specific token with a user; and
- a set of tools configured to access the workflow specific token, verify that the user should be granted access to the portion of the data, and allow the user to access the portion of the data.

Dependent claims: 9, 10, 11, 12, 13, 14, 15

16. A computer-implemented method comprising:
- generating, using a processor, a set of default tokens for a specific user;
- generating, using the processor, a set of workflow tokens based on a workflow event, wherein at least some of the workflow tokens are assigned to the specific user to allow the specific user temporary access to selected portions of a data set; and
- determining, upon receiving a request, which portion of the data set the user can access based on the default tokens and workflow specific tokens assigned to the specific user.

Dependent claims: 17, 18, 19, 20

Specification