Method and system for providing access security to controls in a graphical user interface

US 5,550,968 A
Filed: 04/12/1994
Issued: 08/27/1996
Est. Priority Date: 04/12/1994
Status: Expired due to Fees

First Claim

Patent Images

1. A method for limiting access to information in predetermined controls of windows in a graphical user interface, comprising the steps of:

during creation of a window having a predetermined control, sizing an opening for the predetermined control and defining an area for the predetermined control within the window;

sizing an obscuring member and defining an area for the obscuring member within the window so that the information in the predetermined control will be obscured from view when the window is displayed; and

displaying the window with the information in the predetermined control obscured from view by the obscuring member.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for providing restricted access to controls of a graphical user interface. An object-oriented subclass is selectively applied to individual controls, so that upon creation or opening of a window having any such controls, a region of obscuration is defined which shields control information from view. Access may then be obtained by entry of an authorized password. Alternatively, a determination may be made during the creation or opening of a window as to whether the user or terminal is authorized, and if not, a region of obscuration is defined and displayed over the control information. Different levels of access to the control information may also be provided, such as view only and view and manipulate.

Citations

33 Claims

1. A method for limiting access to information in predetermined controls of windows in a graphical user interface, comprising the steps of:
- during creation of a window having a predetermined control, sizing an opening for the predetermined control and defining an area for the predetermined control within the window;
  
  sizing an obscuring member and defining an area for the obscuring member within the window so that the information in the predetermined control will be obscured from view when the window is displayed; and
  
  displaying the window with the information in the predetermined control obscured from view by the obscuring member.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. A method according to claim 1, further comprising the step of:
    - during creation of the window, sizing a secure control access button and defining an area for the button within the window,wherein said displaying step further comprises displaying the secure control access button.
  - 3. A method according the claim 2, further comprising the steps of:
    - upon selection of the secure control access button by a user, sizing a password control and defining an area for the password control within the window;
      
      displaying the password control;
      
      upon entry of a password by the user, determining whether the password is authorized;
      
      if the entered password is authorized, deleting the obscuration and providing a password dependent level of access to the information of the predetermined control; and
      
      if the password is not authorized, denying access to the information of the predetermined control.
  - 4. A method according to claim 3, further comprising the step of:
    - terminating the user session if the user unsuccessfully attempts to enter a password more than a predetermined number of times.
  - 5. A method according to claim 3, further comprising the step of:
    - re-obscuring the information of the predetermined control if the information has been visible for more than a predetermined amount of time.
  - 6. A method according to claim 3, wherein in said deleting and providing step, the level of access to the information is view only if the password is a view-only level password and is view and manipulate only if the password is a view and manipulate level password.
  - 7. A method according to claim 1, wherein the obscuring member is a slide panel which fits over the area of the predetermined control.
  - 8. A method according to claim 1, wherein the obscuring member has characteristics such that the existence of the predetermined control is not determinable by viewing the window.

9. In a computing environment including a processor, memory and a display, a system for limiting access to selected controls of a window of a software application, comprising:
- means for obscuring information of a selected control of a window normally presented to a user via the display upon creation of the window;
  
  means for recognizing a request from the user to access the obscured information of the selected control; and
  
  means for determining whether the user is authorized to access the obscured information and permitting access if the user is authorized.
- View Dependent Claims (10, 11, 12, 13)
- - 10. A system according to claim 9, wherein said determining means further comprises means for requesting entry of a password, means for receiving an entered password, and means for determining whether the entered password is valid for gaining access to the obscured information.
  - 11. A system according to claim 9, wherein said determining means provides different levels of access to the obscured information depending on an authorization level of the user.
  - 12. A system according to claim 9, further comprising means for closing the application upon the user unsuccessfully requesting access to the obscured information a predetermined number of attempts.
  - 13. A system according to claim 9, further comprising means for re-obscuring the information in the selected control after the information has been accessible for a predetermined amount of time.

14. A method for restricting access to information in predetermined controls of windows in a graphical user interface, comprising the steps of:
- during creation of a window having a predetermined control, determining whether a user requesting creation of the window is authorized to access the control;
  
  if the requesting user is authorized, sizing and defining the predetermined control within the window and displaying the predetermined control within the window so that the information in the predetermined control is accessible;
  
  if the requesting user is not authorized, sizing and defining the predetermined control within the window, sizing and defining a region of obscuration coincidental with at least the information in the predetermined control, and displaying the predetermined control within the window so that the information is obscured from view by the region of obscuration.
- View Dependent Claims (15, 16, 17, 18, 19)
- - 15. A method according to claim 14, further comprising the step of, after the elapse of a predetermined period of time following the displaying of the predetermined control with the information accessible, sizing and defining a region of obscuration coincidental with at least the information in the predetermined control and displaying the region of obscuration over the information.
  - 16. A method according to claim 14, wherein said determining step further comprises checking a user identification of the user with an authorization repository to determine an authorization level of the user.
  - 17. A method according to claim 14, wherein said determining step further comprises determining a level of access permitted for a workstation for which the window is being created by checking on identification for the workstation with an authorization repository.
  - 18. A method according to claim 14, further comprising, if the requesting user is not authorized, the steps of:
    - sizing and defining in the window and displaying a control access request button;
      
      upon selection of the control access button by the user, sizing a password control and defining an area for the password control within the window;
      
      displaying the password control;
      
      upon entry of a password by the user, determining whether the password is authorized;
      
      if the entered password is authorized, deleting the obscuration and providing a password dependent level of access to the information of the predetermined control; and
      
      if the password is not authorized, denying access to the information of the predetermined control.
  - 19. A method according to claim 18, further comprising the step of:
    - terminating the user session if the user unsuccessfully attempts password entry more than a predetermined number of times.

20. In a computing environment including a processor, memory and a display, a system for selectively permitting access by users to limited access controls included in windows of a software program, comprising:
- means for determining whether a user is authorized to access a limited access control of a window during creation of the window;
  
  means for denying access to the limited access control if said determining means determines that the user is not authorized; and
  
  means for providing an authorized level of access to the limited access control if said determining means determines that the user is authorized.
- View Dependent Claims (21, 22, 23, 24, 25, 26, 27)
- - 21. A system according to claim 20, wherein the authorized levels of access include view only access to information in the limited access control and view and manipulate access to information in the limited access control.
  - 22. A system according to claim 20, when said access denying means comprises an obscuring member positioned coincidentally within the window to at least information included in the limited access control.
  - 23. A system according to claim 22, wherein the obscuring member is a slide panel which covers the limited access control.
  - 24. A system according to claim 23, wherein the obscuring member covers the limited access control so that whether the limited access control exists cannot be determined by viewing the window.
  - 25. A system according to claim 20, further comprising means for recognizing a request from the user to access the limited access control to which said denying means initially denied access.
  - 26. A system according to claim 20, further comprises means for terminating access to the limited access control after access to the limited access control has been provided for a limited access period of time.
  - 27. A system according to claim 20, wherein said determining means establishes an identity of a workstation being used by the user and compares the identity with an access authorization list to determine whether the user is authorized to access the limited access control.

28. A class included on media for providing limited user interaction to controls defined in a graphical user interface to which said object class is applied, comprising:
- means for defining and sizing a limited access region within the graphical user interface coincidental to at least information included in a control to which said object class has been applied during creation of the control for display purposes;
  
  means for limiting user interaction to the information in the control within the limited access region; and
  
  means for processing requests to interact with the information in the limited access region.
- View Dependent Claims (29, 30, 31)
- - 29. A class according to claim 28, wherein said processing means further comprises means for sizing and defining a password access request control within the graphical user interface and causing the password access request control to be displayed, means for determining a level of access to the information to which an input password corresponds, and means for providing the user with the determined level of access to the information.
  - 30. A class according to claim 29, wherein the levels of access include no access, view only, and view and manipulate.
  - 31. A class according to claim 28, wherein the limited access region is a region of obscuration which shields the information from view and prevents user manipulation of the information.

32. A class stored on media for providing limited user interaction to controls defined in a graphical user interface to which said object class is applied, comprising:
- means for discovering a level of access to a control to which said object class has been applied to which a user is authorized upon a user requesting creation of a window including the control; and
  
  means for limiting user interaction to the information in the control in accordance with the level of access.
- View Dependent Claims (33)
- - 33. A class according to claim 32, further comprising:
    - means for processing requests to interact with the information in the control.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Miller, Steven M., Redpath, Richard J.
Primary Examiner(s)
Powell, Mark R.
Assistant Examiner(s)
HO, RUAY L

Application Number

US08/226,529
Time in Patent Office

868 Days
Field of Search

395/153, 395/154, 395/155, 395/156, 395/157, 395/158, 395/159, 395/160, 395/161, 395/187.01, 380/55, 370/85.6
US Class Current

715/741
CPC Class Codes

G06F 21/31   User authentication

G06F 21/84   output devices, e.g. displa...

G06F 3/0481   based on specific propertie...

Method and system for providing access security to controls in a graphical user interface

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

33 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for providing access security to controls in a graphical user interface

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

33 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links