Systems and methods for event-based provisioning of elevated system privileges
First Claim
1. A computing system implemented method for provisioning access to technical support person to work a ticket in a computing infrastructure, wherein the computing system includes a processor and memory and executable instructions stored in memory and executable on the processor to perform the method, comprising:
- creating the ticket in accordance with information received regarding an incident and external rules;
querying a configuration management database to determine privileges needed to access systems identified in the ticket;
assigning the ticket to a technical support person, the technical support person being identified by a user ID;
provisioning access privileges to the systems to the user ID;
maintaining an association between the access privileges and the user ID;
placing the ticket in a queue to be pulled by the technical support person identified by the user ID;
querying a configuration management database to determine privileges needed to access systems affected by the incident; and
provisioning the user ID with the levels of privileges on the systems affected by the incident.
1 Assignment
0 Petitions
Accused Products
Abstract
Methods and systems for providing elevated system access to users based on an alert from a monitoring tool or a request for change (RFC). Using the alert or RFC information, a provisioning server may reference the name of an impacted system against a database of privileges needed to allow elevated access to that system. The provisioning server may then initiate a task to provision a user'"'"'s existing ID or a new ID with the necessary elevated privileges. Once the person closes the alert or RFC, the provisioning server may then remove access for that person, thus providing indirect and temporary access to a company'"'"'s IT infrastructure and business applications without the use of a group ID or other mechanism to affect repairs on the impacted system(s).
53 Citations
18 Claims
-
1. A computing system implemented method for provisioning access to technical support person to work a ticket in a computing infrastructure, wherein the computing system includes a processor and memory and executable instructions stored in memory and executable on the processor to perform the method, comprising:
-
creating the ticket in accordance with information received regarding an incident and external rules; querying a configuration management database to determine privileges needed to access systems identified in the ticket; assigning the ticket to a technical support person, the technical support person being identified by a user ID; provisioning access privileges to the systems to the user ID; maintaining an association between the access privileges and the user ID; placing the ticket in a queue to be pulled by the technical support person identified by the user ID; querying a configuration management database to determine privileges needed to access systems affected by the incident; and provisioning the user ID with the levels of privileges on the systems affected by the incident. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A non-transitory computer-readable medium comprising computer-readable instructions for provisioning access to technical support person to work a ticket in a computing infrastructure, comprising:
-
creating the ticket in accordance with information received regarding an incident and external rules; querying a configuration management database to determine privileges needed to access systems identified in the ticket; assigning the ticket to a technical support person, the technical support person being identified by a user ID; provisioning access privileges to the systems to the user ID; maintaining an association between the access privileges and the user ID; placing the ticket in a queue to be pulled by the technical support person identified by the user ID; querying a configuration management database to determine privileges needed to access systems affected by the incident; and provisioning the user ID with the levels of privileges on the systems affected by the incident. - View Dependent Claims (8, 9, 10, 11, 12)
-
-
13. A computing system having a processor and memory and a number of subsystems therein for provisioning access to technical support person to work a ticket in a computing infrastructure, comprising:
-
at least one subsystem that creates the ticket in accordance with information received regarding an incident and external rules; at least one subsystem that queries a configuration management database to determine privileges needed to access systems identified in the ticket; at least one subsystem that assigns the ticket to a technical support person, the technical support person being identified by a user ID; at least one subsystem that provisions access privileges to the systems to the user ID; at least one subsystem that maintains an association between the access privileges and the user ID; placing the ticket in a queue to be pulled by the technical support person identified by the user ID; querying a configuration management database to determine privileges needed to access systems affected by the incident; and provisioning the user ID with the levels of privileges on the systems affected by the incident. - View Dependent Claims (14, 15, 16, 17, 18)
-
Specification