Access Reviews at IAM System Implementing IAM Data Model
First Claim
1. A computer-implemented method for conducting access reviews of access rights to logical computing resources comprising:
- receiving, at an access reviewer, a selection that indicates a user having access to one or more logical computing resources of a computer system;
identifying, by the access reviewer, a set of current logical computing resources the user has access to;
identifying, by the access reviewer, a set of current logical entitlements associated with the user; and
generating an access review summary based on a comparison of one or more of the current logical computing resources to one or more of the current logical entitlements.
1 Assignment
0 Petitions
Accused Products
Abstract
Systems and methods of conducting access reviews of access rights to logical computing resources are provided. An access reviewer may receive a selection indicating a user having access to one or more logical computing resources of a computer system. The access reviewer may identify a set of current logical computing resources that the user has access to and a set of current logical entitlements associated with the user. The access reviewer may generate an access review summary based on a comparison of the current logical computing resources to one or more of the current logical entitlements.
9 Citations
20 Claims
-
1. A computer-implemented method for conducting access reviews of access rights to logical computing resources comprising:
-
receiving, at an access reviewer, a selection that indicates a user having access to one or more logical computing resources of a computer system; identifying, by the access reviewer, a set of current logical computing resources the user has access to; identifying, by the access reviewer, a set of current logical entitlements associated with the user; and generating an access review summary based on a comparison of one or more of the current logical computing resources to one or more of the current logical entitlements. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A system for conducting access reviews of access rights to logical computing resources comprising:
-
a processor; an access request handler that, in operation, receives an access request, derives a set of logical entitlements for a user based at least in part on the access request, and initiates provisioning of access to a logical computing resource specified in the access request; and an access reviewer that, in operation, identifies a set of current logical computing resources the user has access to, identifies a set of current logical entitlements associated with the user, and generates an access review summary based on a comparison of the set of current logical computing resources to the set of current logical entitlements. - View Dependent Claims (10, 11, 12, 13, 14)
-
-
15. A non-transitory computer-readable medium having instructions stored thereon that, when executed by a processor, cause the processor to perform steps for conducting access reviews of access rights to logical computing resources, the steps comprising:
-
receiving, at an access reviewer, a selection that indicates a user having access to one or more logical computing resources of a computer system; obtaining, by the access reviewer, a set of current logical computing resources the user has access to and a set of current logical entitlements associated with the user; presenting the set of current logical computing resources and the set of current logical entitlements at a display device for comparison. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification