Method for role and resource policy management
First Claim
Patent Images
1. A method for managing entitlements in an enterprise application, comprising the steps of:
- associating a role with a first enterprise application resource;
associating a policy with a second enterprise application resource, wherein the policy is based at least partially on the role;
mapping the role to a principal in order to determine whether or not the principal can access the second application resource;
wherein the first application resource is hierarchically related to the second application resource;
wherein the second application resource can inherit one or more roles associated with the first application resource;
wherein the role is hierarchically equal or superior to the policy;
the role can supersede a second role associated with a parent of the first application resource; and
wherein the policy can supersede a second policy associated with a parent of the second application resource.
2 Assignments
0 Petitions
Accused Products
Abstract
A method for adaptively managing entitlements, comprising the steps of providing for the association of a role with a first resource; and providing for the association of a policy with a second resource, wherein the policy is based at least partially on the role; and providing for hierarchically relating the role and the policy; and wherein the role is hierarchically equal or superior to the policy.
139 Citations
28 Claims
-
1. A method for managing entitlements in an enterprise application, comprising the steps of:
-
associating a role with a first enterprise application resource;
associating a policy with a second enterprise application resource, wherein the policy is based at least partially on the role;
mapping the role to a principal in order to determine whether or not the principal can access the second application resource;
wherein the first application resource is hierarchically related to the second application resource;
wherein the second application resource can inherit one or more roles associated with the first application resource;
wherein the role is hierarchically equal or superior to the policy;
the role can supersede a second role associated with a parent of the first application resource; and
wherein the policy can supersede a second policy associated with a parent of the second application resource. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A method for managing entitlements, comprising the steps of:
-
associating a first role with a first resource in a hierarchy of resources;
associating a first policy with a second resource in the hierarchy of resources, wherein the first policy is based at least partially on the first role;
wherein the second resource in the hierarchy of resources is capable of inheriting at least one role associated with the first resource in the hierarchy of resources;
wherein the first role can supersede a second role associated with a parent of the first resource; and
wherein the first policy can supersede a second policy associated with a parent of the second resource. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. A method for managing entitlements, comprising the steps of:
-
associating a role with a first resource in a hierarchy of resources;
associating a policy with a second resource in the hierarchy of resources, wherein the policy is based at least partially on the role; and
wherein the second resource in the hierarchy of resources is capable of inheriting at least one role associated with the first resource in the hierarchy of resources;
wherein the second resource in the hierarchy of resources is capable of inheriting at least one policy associated with the first resource in the hierarchy of resources;
wherein the role can block a less local role; and
wherein the policy can block a less local policy. - View Dependent Claims (20, 21, 22, 23, 24, 25, 26, 27, 28)
-
Specification