ROLE-BASED ACCESS CONTROL MODELING AND AUDITING SYSTEM
First Claim
1. A computer-implemented method, comprising:
- presenting one or more first user interface elements that allow a user to access or create a first security role, the first security role having one or more permissions associated therewith; and
subsequent to the user accessing or creating the first security role via the one or more first user interface elements, presenting one or more second user interface elements that indicate at least one of;
information that can be viewed by a user to whom the first security role has been assigned when the user to whom the first security role has been assigned interacts with a first software application, andone or more actions that can be performed by the user to whom the first security role has been assigned when the user to whom the first security role has been assigned interacts with the first software application.
3 Assignments
0 Petitions
Accused Products
Abstract
A role-based access control (RBAC) modeling and auditing system is described that enables a user to access and/or create security roles that can be applied to users of a first software application. When a security role having a particular set of permissions has been accessed or created, the system can present a simulated user interface (UI) that indicates information that can be viewed and/or actions that can be performed by a user to whom the security role has been assigned when interacting with the first software application. The system may further provide “run as” functionality that enables a simulated UI to be generated for a particular user and that can display the security role(s) associated with the particular user. The system may be embodied in a second software application, such as a tool that is associated with the first software application.
-
Citations
20 Claims
-
1. A computer-implemented method, comprising:
-
presenting one or more first user interface elements that allow a user to access or create a first security role, the first security role having one or more permissions associated therewith; and subsequent to the user accessing or creating the first security role via the one or more first user interface elements, presenting one or more second user interface elements that indicate at least one of; information that can be viewed by a user to whom the first security role has been assigned when the user to whom the first security role has been assigned interacts with a first software application, and one or more actions that can be performed by the user to whom the first security role has been assigned when the user to whom the first security role has been assigned interacts with the first software application. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A system, comprising:
-
one or more processors; and a storage medium that stores computer program logic that is executable by the one or more processors, the computer program logic comprising; first computer program logic that is programmed to cause the one or more processors to present one or more first user interface elements that allow a user to access or create a first security role, the first security role having one or more permissions associated therewith; and second computer program logic that is programmed to cause the one or more processors to present one or more second user interface elements concurrently with the one or more first user interface elements, the one or more second user interface elements indicating; information that can be viewed by a user to whom the first security role has been assigned when the user to whom the first security role has been assigned interacts with a first software application, and one or more actions that can be performed by the user to whom the first security role has been assigned when the user to whom the first security role has been assigned interacts with the first software application. - View Dependent Claims (12, 13, 14, 15, 16, 17)
-
-
18. A computer-implemented method, comprising:
-
presenting one or more first user interface elements that allow a first user to input an identifier of a second user of a first software application; and subsequent to the user inputting the identifier of the second user via the first user interface; identifying one or more security roles assigned to the second user based on the identifier of the second user; generating one or more second user interface elements based at least on the identified one or more security roles, the one or more second user interface elements indicating of at least one of; information that can be viewed by the second user when the second user interacts with the first software application, and one or more actions that can be performed by the second user when the second user interacts with the first software application; and presenting the one or more second user interface elements. - View Dependent Claims (19, 20)
-
Specification