Administrative roles that govern access to administrative functions
First Claim
1. A method of distributing administration functions of an access control computer system to multiple users of the system, comprising the computer implemented steps of:
- storing information that defines one or more administrative roles, in which each of the administrative roles includes one or more administrative privileges that authorizes one or more administrative functions;
storing information that associates one or more of the administrative roles with at least one of the users of the access control computer;
receiving from the user a request to execute one of the administrative functions; and
executing the one of the administrative functions only when the user is associated with one of the administrative roles that includes an administrative privilege authorizing the administrative function.
6 Assignments
0 Petitions
Accused Products
Abstract
Described is a method that comprises storing information that defines administration roles, that associates a user with one or more of the administrative roles, and that associates each administration role with one or more administrative privileges. An administrative privilege authorizes at least one administrative function. When the user requests the execution of an administrative function, the requests is honored only when one of the user'"'"'s administrative roles includes an administrative privilege that authorizes the requested administrative function. In addition, information is stored that associates each of a plurality of users with one or more administrative roles. At least two users administer the access control computer system from different locations, or from computers connected to two different local area networks. Information associating a user with one or more administrative roles may be stored in a cookie, which may be encrypted. The information stored in the cookie is used to determine whether an administrative function requested by a user may be executed on behalf of the user.
997 Citations
23 Claims
-
1. A method of distributing administration functions of an access control computer system to multiple users of the system, comprising the computer implemented steps of:
-
storing information that defines one or more administrative roles, in which each of the administrative roles includes one or more administrative privileges that authorizes one or more administrative functions; storing information that associates one or more of the administrative roles with at least one of the users of the access control computer; receiving from the user a request to execute one of the administrative functions; and executing the one of the administrative functions only when the user is associated with one of the administrative roles that includes an administrative privilege authorizing the administrative function. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A computer-readable medium carrying one or more sequences of one or more instructions for distributing administration functions of an access control computer system, the one or more sequences of one or more instructions including instructions which, when executed by one or more processors, cause the one or more processors to perform the steps of:
-
storing information that defines one or more administrative roles, in which each of the administrative roles includes one or more administrative privileges that authorizes one or more administrative functions; storing information that associates one or more of the administrative roles with at least one user of the access control computer; receiving from the user a request to execute one of the administrative functions; and executing the one of the administrative functions only when the user is associated with one of the administrative roles that includes an administrative privilege authorizing said administrative function. - View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 21, 22)
-
-
20. In a computer system that controls access by networked users of the system to one or more World Wide Web applications, a method of enabling multiple administrators at different locations to carry out administrative functions of the computer system, the method comprising the computer implemented steps of:
-
storing information that defines one or more administrative roles, in which each of the administrative roles defines a successively more limited set of administrative privileges, in which each set of administrative privileges authorizes one or more administrative functions; storing information that associates one or more of the administrative roles with at least one of the administrators; receiving from one of the administrators a request to execute a particular one of the administrative functions; and executing the one of the administrative functions only when the administrator is associated with one of the administrative roles that includes an administrative privilege authorizing the administrative function.
-
-
23. A computer-readable medium carrying one or more sequences of one or more instructions for enabling multiple administrators at different locations to carry out administrative functions for a computer system that controls access by networked users of the computer system to one or more World Wide Web applications, the one or more sequences of one or more instructions including instructions which, when executed by one or more processors, cause the one or more processors to perform the steps of:
-
storing information that defines one or more adminstrative roles, in which each of the administrative roles defines a successively more limited set of administrative privileges, in which each set of administrative privileges authorizes one or more administrative functions; storing information that associates one or more of the administrative roles with at least one of the administrators; receiving from one of the administrators a request to execute a particular one of the administrative functions; and executing the one of the administrative functions only when the administrator is associated with one of the administrative roles that includes an administrative privilege authorizing the administrative function.
-
Specification