PERMISSION CONTROL

US 20160132686A1
Filed: 11/10/2014
Published: 05/12/2016
Est. Priority Date: 11/10/2014
Status: Active Grant

First Claim

Patent Images

1. A computer-readable medium containing instructions to configure at least one processor to cause operations comprising:

receiving a request to access data;

determining, from the request, one or more attributes representative of an identity of an entity making the request and a type of the data;

sending, by a permission controller, a query to a use case database, the query including the determined attributes to enable an identification by the use case database of a matching use case stored in the use case database;

approving, by the permission controller, the requested access to the data, when a response to the query indicates the matching use case was found in the use case database;

rejecting, by the permission controller, the requested access to the data, when the response to the query indicates the matching use case was not found in the use case database; and

sending, by the permission controller, a conflict request to add another use case to the use case database, when the response to the query indicates the matching use case was not found in the use case database.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In some example implementations, there is provided a method including determining, from a received request, one or more attributes; sending, by a permission controller, a query to a use case database, the query including the determined attributes to enable an identification by the use case database of a matching use case stored in the use case database; approving, by the permission controller, the requested access to the data, when a response to the query indicates the matching use case was found in the use case database; rejecting, by the permission controller, the requested access to the data, when the response to the query indicates the matching use case was not found in the use case database.

22 Citations

View as Search Results

20 Claims

1. A computer-readable medium containing instructions to configure at least one processor to cause operations comprising:
- receiving a request to access data;
  
  determining, from the request, one or more attributes representative of an identity of an entity making the request and a type of the data;
  
  sending, by a permission controller, a query to a use case database, the query including the determined attributes to enable an identification by the use case database of a matching use case stored in the use case database;
  
  approving, by the permission controller, the requested access to the data, when a response to the query indicates the matching use case was found in the use case database;
  
  rejecting, by the permission controller, the requested access to the data, when the response to the query indicates the matching use case was not found in the use case database; and
  
  sending, by the permission controller, a conflict request to add another use case to the use case database, when the response to the query indicates the matching use case was not found in the use case database.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The computer-readable medium of claim 1, wherein the request to access data represents an access to at least one of an application, a service, a feature, or a data item.
  - 3. The computer-readable medium of claim 1, wherein the determining further comprises:
    - determining an owner of the data.
  - 4. The computer-readable medium of claim 3 further comprising:
    - forming the query to include the attributes, the attributes including the identity of the entity making the request, the type of the data, and the owner of the data.
  - 5. The computer-readable medium of claim 1 further comprising:
    - receiving, from the use case database, the response to the query.
  - 6. The computer-readable medium of claim 1, wherein the sending the conflict request further comprises:
    - sending, to an arbitrator, the conflict request including the attributes, the attributes including the identity of the entity making the request, the type of the data, and the owner of the data.
  - 7. The computer-readable medium of claim 6 further comprising:
    - receiving, from the arbitrator, an indication of whether the conflict request resulted in an approval to access the data.
  - 8. The computer-readable medium of claim 7 further comprising:
    - sending, by the permission controller when the indication represents the approval, another query to the use case database, the other query including the identity of the entity making the request, the type of the data, and the owner of the data, wherein the use case includes an update provided by the arbitrator, the update representing a use case matching the other query.
  - 9. The computer-readable medium of claim 7 further comprising:
    - sending, by the permission controller, an access denied message, when the indication represents the approval.
  - 10. The computer-readable medium of claim 1, wherein the matching use case matches the attributes.

11. A system comprising:
- at least one processor; and
  
  at least one memory including program code which when executed by the at least one processor causes operations comprising;
  
  receiving a request to access data;
  
  determining, from the request, one or more attributes representative of an identity of an entity making the request and a type of the data;
  
  sending, by a permission controller, a query to a use case database, the query including the determined attributes to enable an identification by the use case database of a matching use case stored in the use case database;
  
  approving, by the permission controller, the requested access to the data, when a response to the query indicates the matching use case was found in the use case database;
  
  rejecting, by the permission controller, the requested access to the data, when the response to the query indicates the matching use case was not found in the use case database; and
  
  sending, by the permission controller, a conflict request to add another use case to the use case database, when the response to the query indicates the matching use case was not found in the use case database.
- View Dependent Claims (12, 13, 14, 15, 16, 17)
- - 12. The system of claim 11, wherein the request to access data represents an access to at least one of an application, a service, a feature, or a data item.
  - 13. The system of claim 11, wherein the determining further comprises:
    - determining an owner of the data.
  - 14. The system of claim 13 further comprising:
    - forming the query to include the attributes, the attributes including the identity of the entity making the request, the type of the data, and the owner of the data.
  - 15. The system of claim 14 further comprising:
    - receiving, from the use case database, the response to the query.
  - 16. The system of claim 15, wherein the sending the conflict request further comprises:
    - sending, by the permission controller when the indication represents the approval, another query to the use case database, the other query including the identity of the entity making the request, the type of the data, and the owner of the data, wherein the use case includes an update provided by the arbitrator, the update representing a use case matching the other query.
  - 17. The system of claim 16 further comprising:
    - receiving, from the arbitrator, an indication of whether the conflict request resulted in an approval to access the data.

18. A method comprising:
- receiving a request to access data;
  
  determining, from the request, one or more attributes representative of an identity of an entity making the request and a type of the data;
  
  sending, by a permission controller, a query to a use case database, the query including the determined attributes to enable an identification by the use case database of a matching use case stored in the use case database;
  
  approving, by the permission controller, the requested access to the data, when a response to the query indicates the matching use case was found in the use case database;
  
  rejecting, by the permission controller, the requested access to the data, when the response to the query indicates the matching use case was not found in the use case database; and
  
  sending, by the permission controller, a conflict request to add another use case to the use case database, when the response to the query indicates the matching use case was not found in the use case database.
- View Dependent Claims (19, 20)
- - 19. The method of claim 18, wherein the request to access data represents an access to at least one of an application, a service, a feature, or a data item.
  - 20. The method of claim 18, wherein the determining further comprises:
    - determining an owner of the data.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Successfactors Incorporated (SAP SE)
Original Assignee
Successfactors Incorporated (SAP SE)
Inventors
Peng, Yang

Granted Patent

US 9,542,570 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 21/604 Tools and structures for ma...

G06F 21/6218 to a system of files or obj...

PERMISSION CONTROL

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

22 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

PERMISSION CONTROL

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

22 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links