Graphical user interface for managing security in a database system
First Claim
1. A graphical user interface for manipulating task groups, the task groups including actions that may be performed on a database system, comprising:
- a graphical display;
a first activation point on the graphical display, for activating creation of a task group;
a second activation point on the graphical display, for activating changes to a task group; and
a display within the graphical display, for displaying a plurality of actions that may be performed on the database, including activation points for activating actions to be included in the task group;
wherein the display within the graphical display includes a mechanism for specifying organizational units within a business that the task groups may operate on.
11 Assignments
0 Petitions
Accused Products
Abstract
One embodiment of the present invention provides a method for managing security in a database system. The method includes producing a plurality of task groups, the task groups including actions that may be performed on the database. Functional roles are created from these task groups, and a security profile for a user is created by assigning to the user at least one functional role. In one embodiment, the security profile for a user may only be created by assigning functional roles to users. Thus, users may only perform actions on the database that are dictated by defined task groups and functional roles. This allows database security to be controlled by controlling definitions of task groups and functional roles, without requiring exhaustive examination of security profiles for large numbers of individual users.
-
Citations
26 Claims
-
1. A graphical user interface for manipulating task groups, the task groups including actions that may be performed on a database system, comprising:
-
a graphical display; a first activation point on the graphical display, for activating creation of a task group; a second activation point on the graphical display, for activating changes to a task group; and a display within the graphical display, for displaying a plurality of actions that may be performed on the database, including activation points for activating actions to be included in the task group; wherein the display within the graphical display includes a mechanism for specifying organizational units within a business that the task groups may operate on. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A graphical user interface for manipulating a functional role for users of a database system, the functional role including actions that may be performed on a database system, comprising:
-
a graphical interface including a first screen and a second screen; a first activation point on the first screen, for activating creation of a functional role; a second activation point on the first screen, for activating changes to a functional role; a display of task groups within the first screen, the task groups specifying actions that may be performed on the database, the display including activation points for activating task groups to be included in the functional role; a third activation point on the second screen, for activating creation of a task group; a fourth activation point on the second screen, for activating changes to a task group; and a display within the second screen, for displaying a plurality of actions that may be performed on the database, including activation points for activating actions to be included in the task group; wherein the display within the second screen includes a mechanism for specifying organizational units within a business that the task groups may operate on. - View Dependent Claims (11, 12, 13, 14, 15, 16)
-
-
17. A graphical user interface for manipulating a security profile for a user of a database system, the security profile including actions that may be performed on the database system by the user, the graphical user interface comprising:
-
a graphical interface including a first screen and a second screen; a first activation point on the first screen, for activating creation of a security profile for the user; a second activation point on the first screen, for activating changes to a security profile for the user; and a display of functional roles within the first screen, the functional roles specifying actions that may be performed on the database, the display including activation points for activating functional roles to be included in the security profile for the user; a third activation point on the second screen, for activating creation of a task group; a fourth activation point on the second screen, for activating changes to a task group; and a display within the second screen, for displaying a plurality of actions that may be performed on the database, including activation points for activating actions to be included in the task group; wherein the display within the second screen includes a mechanism for specifying organizational units within a business that the task groups may operate on. - View Dependent Claims (18, 19, 20, 21, 22, 23)
-
-
24. A computer readable storage medium storing instructions that when executed by a computer implement a graphical user interface for manipulating task groups, the task groups including actions that may be performed on a database system, the graphical user interface comprising:
-
a graphical display; a first activation point on the graphical display, for activating creation of a task group; a second activation point on the graphical display, for activating changes to an existing task group; and a display within the graphical display, for displaying a plurality of actions that may be performed on the database, including activation points for activating actions to be included in the task group; wherein the display within the graphical display includes a mechanism for specifying organizational units within a business that the task groups may operate on.
-
-
25. A computer readable storage medium storing instructions that when executed by a computer implement a graphical user interface for manipulating a functional role for users of a database system, the functional role including actions that may be performed on a database system, the graphical user interface comprising:
-
a graphical interface including a first screen and a second screen; a first activation point on the first screen, for activating creation of a functional role; a second activation point on the first screen, for activating changes to a functional role; a display of task groups within the first screen, the task groups specifying actions that may be performed on the database, the display including activation points for activating task groups to be included in the functional role; a third activation point on the second screen, for activating creation of a task group; a fourth activation point on the second screen, for activating changes to a task group; and a display within the second screen, for displaying a plurality of actions that may be performed on the database, including activation points for activating actions to be included in the task group; wherein the display within the second screen includes a mechanism for specifying organizational units within a business that the task groups may operate on.
-
-
26. A computer readable storage medium storing instructions that when executed by a computer implement a graphical user interface for manipulating a security profile for a user of a database system, the security profile including actions that may be performed on the database system by the user, the graphical user interface comprising:
-
a graphical interface including a first screen and a second screen; a first activation point on the first screen, for activating creation of a security profile for the user; a second activation point on the first screen, for activating changes to a security profile for the user; a display of functional roles within the first screen, the functional roles specifying actions that may be performed on the database, the display including activation points for activating functional roles to be included in the security profile for the user; a third activation point on the second screen, for activating creation of a task group; a fourth activation point on the second screen, for activating changes to a task group; and a display within the second screen, for displaying a plurality of actions that may be performed on the database, including activation points for activating actions to be included in the task group; wherein the display within the second screen includes a mechanism for specifying organizational units within a business that the task groups may operate on.
-
Specification