System and method for controlling access to documents stored on an internal network
First Claim
1. In a document control system including an internal network, an external interface, and a document server connected to the internal network and to the external interface, wherein the document server belongs to an organization and wherein the document server includes a plurality of go lists, wherein each go list is associated with a role such that a first go list is associated with a first role and a second go list is associated with a second role, wherein each go list indicates whether a Business Partner assigned to that role has access to particular documents in the document server, wherein the Business Partner is a user from outside the organization, a method of modifying a go list, the method comprising:
- defining a plurality of Data Owners including a first Data Owner and a second Data Owner, wherein each Data Owner is a trusted individual within the organization;
- delegating control over the go lists from an administrator to Data Owners, wherein delegating includes assigning each Data Owner to one or more roles, wherein assigning includes:
  - assigning the first Data Owner control over the go list associated with the first role, wherein assigning the first Data Owner control over the go list associated with the first role includes granting the first Data Owner access to the first go list and granting the first Data Owner permission to add one or more Business Partners to the first role; and
  - assigning the second Data Owner control over the go list associated with the second role, wherein assigning the second Data Owner control over the go list associated with the second role includes granting the second Data Owner access to the second go list and granting the second Data Owner permission to add one or more Business Partners to the second role;
- receiving, from one of the Data Owners, a request to modify the go list associated with the second role;
- determining if the Data Owner making the request is permitted to modify the go list associated with the second role;
- if the Data Owner is permitted to modify the go list associated with the second role, displaying the go list associated with the second role as a directory tree;
- modifying the directory tree;
- mapping the modified directory tree into a revised go list;
- replacing, in the directory server, the go list associated with the second role with the revised go list; and
- allowing Business Partners assigned to the second role to access documents stored in the document server according to the revised go list.
Abstract
A system and method of limiting access from an external network to documents stored on an internal network. A client list is built in which each client is assigned to one or more roles. Each role has access to one or more documents as defined on a document list. A request from an external network is reviewed and, if possible, the request is associated with a client on the client list. The requested document is then compared to the document list associated with the client's role and, if the requested document is in the list of documents available to a client in the client's role, the requested document is fetched, cleaned and sent to the client.
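The delegation and lookup flow described in claim 1 and in the abstract can be modelled in a few lines. This is an added illustration, not code from the patent: the class and function names, the nested-dict form of the directory tree, the default-deny treatment of unlisted documents, and the sample data are all assumptions, and the "cleaned" step is not modelled.

```python
from posixpath import normpath

def flatten(tree, prefix=""):
    """Map a directory tree (nested dicts, bool leaves) to the set of allowed paths."""
    allowed = set()
    for name, node in tree.items():
        path = f"{prefix}/{name}"
        if isinstance(node, dict):
            allowed |= flatten(node, path)
        elif node:                      # leaf marked accessible
            allowed.add(path)
    return allowed

class GoListStore:                      # hypothetical name, not from the patent
    def __init__(self):
        self.go_lists = {}   # role -> set of document paths the role may fetch
        self.owners = {}     # Data Owner -> roles delegated by the administrator
        self.partners = {}   # Business Partner -> roles assigned by Data Owners

    def delegate(self, owner, role):
        """Administrator step: hand one role's go list to a Data Owner."""
        self.owners.setdefault(owner, set()).add(role)
        self.go_lists.setdefault(role, set())

    def _require_owner(self, owner, role):
        if role not in self.owners.get(owner, ()):
            raise PermissionError(f"{owner} does not control role {role!r}")

    def add_partner(self, owner, role, partner):
        self._require_owner(owner, role)
        self.partners.setdefault(partner, set()).add(role)

    def replace_go_list(self, owner, role, tree):
        self._require_owner(owner, role)       # check before any change
        self.go_lists[role] = flatten(tree)    # revised list replaces the old one

    def may_fetch(self, partner, path):
        # Normalise first so "../" segments cannot step outside a listed path.
        path = normpath("/" + path.lstrip("/"))
        roles = self.partners.get(partner, ())  # unknown client -> no roles
        return any(path in self.go_lists.get(r, ()) for r in roles)

def build_demo():
    """Constructed sample data: two Data Owners, one Business Partner."""
    store = GoListStore()
    store.delegate("alice", "supplier")
    store.delegate("bob", "reseller")
    store.add_partner("alice", "supplier", "acme")
    tree = {"specs": {"widget.pdf": True, "draft.pdf": False}, "pricing": {"q3.pdf": False}}
    store.replace_go_list("alice", "supplier", tree)
    return store
```

A Data Owner who was not delegated a role gets a `PermissionError` on both `add_partner` and `replace_go_list`, which is the permission check the claim places before the go list is displayed or changed.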
14 Claims
1. Independent claim, set out in full under First Claim above. Dependent claims: 2, 3, 4, 5, 6, 7, 12
8. A document control system, including:
- an internal network;
- an external interface;
- a document server connected to the internal network and to the external interface, wherein the document server belongs to an organization and wherein the document server controls access to a plurality of documents, including a first document;
- a document control server connected to the internal network and to the external interface, wherein the document control server includes a go list processor; and
- a data owner interface, wherein the data owner interface is operable to:
  - define a plurality of Data Owners, wherein each Data Owner is a trusted individual within the organization; and
  - delegate control over a document list of available documents for each role from an administrator to Data Owners, wherein the delegation includes assigning each Data Owner one or more roles, wherein assigning includes granting the Data Owner access to the document list of available documents for his role and granting the Data Owner permission to add one or more end users to his role, wherein each end user is a user from outside the organization;
- wherein the document control server receives a document request from the external interface for the first document, determines an end user associated with the document request, authenticates the end user and determines whether the end user has been assigned to one of the one or more roles associated with a corresponding Data Owner; and
- wherein if the end user has been assigned to one of the one or more roles associated with the corresponding Data Owner, the document control server accesses the go list processor and determines whether to allow the end user to access said first document based on the document list for the role associated with the corresponding Data Owner.

Dependent claims: 9, 10, 11, 13, 14
Specification