Determining roles for automated tasks in a role-based access control environment
First Claim
1. A computer implemented method for performing an automated task in a role-based access control environment, the computer implemented method comprising:
- assigning by one or more processors a set of roles to a user to form assigned roles, wherein the role-based access control environment allows the user to assume a subset of the assigned roles at a given time;
responsive to receiving a request to execute an automated task, identifying by the one or more processors an identity of the user creating the automated task, wherein the step of identifying the set of session roles based on the identity of the user further comprises;
determining a set of most frequently assumed roles for the user by ranking roles the user has historically assumed based on how frequently the user assumed each role; and
setting the set of most frequently assumed roles as the set of session roles;
responsive to a determination that the user creating the automated task is not logged in, identifying by the one or more processors a set of session roles based on the identity of the user;
creating by the one or more processors a session for the automated task; and
performing by the one or more processors the automated task in the session using the set of session roles.
1 Assignment
0 Petitions
Accused Products
Abstract
A computer implemented method, apparatus, and computer program product for performing an automated task in a role-based access control environment. A set of roles is assigned to a user to form assigned roles, wherein the role-based access control environment allows the user to assume a subset of the assigned roles at a given time. Responsive to receiving a request to execute an automated task, an identity of the user creating the automated task is identified. Responsive to determining that the user creating the automated task is not logged in, a set of session roles are identified based on the identity of the user. A session is created for the automated task. The automated task is performed in the session using the set of session roles.
-
Citations
17 Claims
-
1. A computer implemented method for performing an automated task in a role-based access control environment, the computer implemented method comprising:
-
assigning by one or more processors a set of roles to a user to form assigned roles, wherein the role-based access control environment allows the user to assume a subset of the assigned roles at a given time; responsive to receiving a request to execute an automated task, identifying by the one or more processors an identity of the user creating the automated task, wherein the step of identifying the set of session roles based on the identity of the user further comprises; determining a set of most frequently assumed roles for the user by ranking roles the user has historically assumed based on how frequently the user assumed each role; and
setting the set of most frequently assumed roles as the set of session roles;responsive to a determination that the user creating the automated task is not logged in, identifying by the one or more processors a set of session roles based on the identity of the user; creating by the one or more processors a session for the automated task; and performing by the one or more processors the automated task in the session using the set of session roles. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A computer program product comprising a computer usable hardware medium including computer usable program code for performing an automated task in a computer having a role-based access control environment, the computer program product comprising:
-
computer usable code for assigning a set of roles to a user to form assigned roles, wherein the role-based access control environment allows the user to assume a subset of the assigned roles at a given time; computer usable code for, responsive to receiving a request to execute an automated task, identifying an identity of the user creating the automated task; responsive to a determination that the user creating the automated task is not logged in, computer usable code for identifying a set of session roles based on the identity of the user, wherein the computer usable code for identifying the set of session roles based on the identity of the user further comprises;
computer usable code for determining a set of most frequently assumed roles for the user by ranking roles the user has historically assumed based on how frequently the user assumed each role; and
computer usable code for setting the set of most frequently assumed roles as the set of session roles;computer usable code for creating a session for the automated task; and computer usable code for performing the automated task in the session using the set of session roles. - View Dependent Claims (8, 9, 10, 11, 12)
-
-
13. A data processing system for performing an automated task in a computer having a role-based access control environment, the data processing system comprising:
-
a bus; a storage device connected to the bus, wherein the storage device contains computer usable code; a communications unit connected to the bus; and a processing unit connected to the bus for executing the computer usable code, wherein the processing unit executes the computer usable code to assign a set of roles to a user to form assigned roles in response to input from an administrator, wherein the role-based access control environment allows the user to assume a subset of the assigned roles at a given time;
create the automated task, in response to input from the user, wherein the input specifies the automated task;
responsive to receiving a request to execute the automated task, identify an identity of the user who created the automated task;
responsive to a determination that the user creating the automated task is not logged in, identify a set of session roles based on the identity of the user, wherein in executing the computer usable program code to identify the set of session roles based on the identity of the user, the processing unit further executes the computer usable program code to identify the set of session roles based on the identity of the user by further executing the computer usable code to determine a set of most frequently assumed roles for the user by ranking roles the user has historically assumed based on how frequently the user assumed each role, and set the set of most frequently assumed roles as the set of session roles;
create a session for the automated task; and
perform the automated task in the session using the set of session roles. - View Dependent Claims (14, 15, 16, 17)
-
Specification