Methods and systems for managing user access to computer software application programs
First Claim
Patent Images
1. A method of operating a computer system, the method comprising:
- installing a plurality of application software programs in a plurality of server computers in said computer system;
defining user access assignments in said server computers for each of said application software programs for a respective plurality of users;
loading user access assignment data from each of said plurality of servers to an authorization monitoring server computer in said computer system;
storing, in a user access repository in said authorization monitoring server computer, said loaded user access assignment data, said loaded user access assignment data representing all of said user access assignments;
defining a user access rule, said user access rule forbidding at least one user access assignment or at least one combination of user access assignments; and
analyzing said user access assignment data stored in said user access repository to determine whether said user access rule is violated by said user access assignments.
3 Assignments
0 Petitions
Accused Products
Abstract
According to some embodiments, a method of operating a computer system includes installing a plurality of application software programs in the computer system. The method further includes defining user access assignments for each of the application software programs for a respective plurality of users. The method further includes storing, in a user access repository, data which represents all of the user access assignments. The method further includes defining a user access rule, and analyzing the data in the user access repository to determine whether the user access rule is violated by the user access assignments.
-
Citations
35 Claims
-
1. A method of operating a computer system, the method comprising:
-
installing a plurality of application software programs in a plurality of server computers in said computer system; defining user access assignments in said server computers for each of said application software programs for a respective plurality of users; loading user access assignment data from each of said plurality of servers to an authorization monitoring server computer in said computer system; storing, in a user access repository in said authorization monitoring server computer, said loaded user access assignment data, said loaded user access assignment data representing all of said user access assignments; defining a user access rule, said user access rule forbidding at least one user access assignment or at least one combination of user access assignments; and analyzing said user access assignment data stored in said user access repository to determine whether said user access rule is violated by said user access assignments. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. A method of operating a computer system, the method comprising:
-
installing a plurality of application software programs in a plurality of server computers in said computer system; defining user access assignments in said server computers for each of said application software programs for a respective plurality of users; loading user access assignment data from each of said plurality of servers to an authorization monitoring server computer in said computer system; storing, in a user access repository in said authorization monitoring server computer, said loaded user access assignment data, said loaded user access assignment data representing all of said user access assignments; and archiving said user access assignment data stored in said user access repository on each of a plurality of occasions. - View Dependent Claims (20, 21, 22, 23, 24, 25, 26)
-
-
27. A method of operating a computer system, the method comprising:
-
installing a plurality of application software programs in a plurality of server computers in said computer system; defining user access assignments in said server computers for each of said application software programs for a respective plurality of users; loading user access assignment data from each of said plurality of servers to an authorization monitoring server computer in said computer system; storing, in a user access repository in said authorization monitoring server computer, said loaded user access assignment data, said loaded user access assignment data representing all of said user access assignments; displaying in a screen display some of said data, said screen display including a display element to indicate that one of said user access assignments is to be revoked; detecting actuation of said display element; and responding to said detected actuation of said display element by sending an electronic mail message to a system administrator or another computer system to indicate that said one of said user access assignments is to be revoked. - View Dependent Claims (28, 29, 30, 31, 32, 33, 34, 35)
-
Specification