QUALITY ASSURANCE CHECKS OF ACCESS RIGHTS IN A COMPUTING SYSTEM
First Claim
1. A system for ensuring the quality of identity and access management information at a computing system comprising:
- at least one processor; and
a data store that stores access right information respectively corresponding to one or more access rights of a computing system wherein the access right information is stored in accordance with a data model that defines respective relationships between the one or more access rights and i) users having access to the computing system, and ii) computing resources of the computing system;
memory storing instructions that, when executed by the at least one processor, cause the system toretrieve at least a portion of the access right information respectively corresponding to the one or more access rights of the computing system, andperform one or more quality assurance tasks using the portion of the access right information retrieved.
1 Assignment
0 Petitions
Accused Products
Abstract
Systems and methods for ensuring the quality of identity and access management information at a computing system are described. Access right information that respectively corresponds to one or more access rights may be stored at a data store. The access right information may be stored in accordance with a data model that defines respective relationships between the access rights and both the users having access to the computing system and the computing resources of the computing system. At least a portion of the access right information may be retrieved, and quality assurance tasks may be performed using the portion of the access right information retrieved.
20 Citations
20 Claims
-
1. A system for ensuring the quality of identity and access management information at a computing system comprising:
-
at least one processor; and a data store that stores access right information respectively corresponding to one or more access rights of a computing system wherein the access right information is stored in accordance with a data model that defines respective relationships between the one or more access rights and i) users having access to the computing system, and ii) computing resources of the computing system; memory storing instructions that, when executed by the at least one processor, cause the system to retrieve at least a portion of the access right information respectively corresponding to the one or more access rights of the computing system, and perform one or more quality assurance tasks using the portion of the access right information retrieved. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A computer-implemented method of ensuring the quality of identity and access management information at a computing system comprising:
-
storing, at a data store, access right information respectively corresponding to one or more access rights of a computing system wherein the access right information is stored in accordance with a data model that defines respective relationships between the one or more access rights and i) users having access to the computing system, and ii) computing resources of the computing system; retrieve at least a portion of the access right information respectively corresponding to the one or more access rights of the computing system; and performing one or more quality assurance tasks using the portion of the access right information retrieved. - View Dependent Claims (15, 16, 17, 18, 19)
-
-
20. Non-transitory computer-readable media having instructions, that when executed by a processor of a computing device, cause the computing device to:
-
retrieve access right information respectively corresponding to one or more access rights of a computing system; perform one or more quality assurance tasks using the access right information; and wherein the one or more quality assurance tasks include a first quality assurance task comprising determining whether a set of access rights associated with a role defined at the computing system matches a set of requested access rights specified in an access grant request, a second quality assurance task comprising determining whether to provide an access change request to an access request system or deny the access change request based on whether a requested change specified in the access change request has already occurred, a third quality assurance task comprising determining whether a provisioned access right of the computing system corresponds to an access right reported as having been used to access a computing resource of the computing system, and a fourth quality assurance task comprising determining whether an incomplete action item associated with an access right of the computing system has been incomplete for longer than a duration threshold.
-
Specification