Efficient data structures for multi-dimensional security
First Claim
1. A computer-implemented method for providing multi-dimensional security, the method comprising:
- generating, using a processor, models having dimensions;
wherein each dimension includes one of;
a static dimension permission that locks the permissions of the dimension from customization and a dynamic dimension permission that allows permissions to be customized;
associating a group role with one or more of the models, wherein the group role includes a group permission for accessing data associated with the model and the dimensions;
wherein the group role is associated with the one or more models through a selection interface that specifies what models and what dimensions to be associated with the group role;
wherein a default permission for the group role is set by a graphical interface that includes options for setting the default permission to;
a low permission that specifies read and write access;
a medium permission that specifies read access and no write access, and a high permission that specifies no read/write access;
associating a user with the model and the dimensions, wherein the user includes a user permission for accessing data associated with the model and the dimensions;
storing the user permission and the group permission within a relational data store;
generating a collective user permissions table from the user permission and the group permission within the relational data store, wherein the collective user permissions table identifies collective user permissions based on the group permissions for accessing data associated with the model and user permissions for accessing data associated with the model; and
pushing the collective user permissions that is stored in the relational data store to a multi-dimensional store to provide multi-dimensional security for a multi-dimensional representation.
2 Assignments
0 Petitions
Accused Products
Abstract
Efficient data structures are generated to enforce permissions on a multi-dimensional representation in a performance management application. A model site is generated having at least one model with at least one dimension. User permissions and group permissions are set for the model. The user permission and the group permissions are deployed to a relational database. A collective user permission table is generated based on the user permissions and the group permissions. Thus, an end user may receive permissions associated with a model and permissions associated with particular dimensions of a model without an inefficient consumption of resources.
-
Citations
20 Claims
-
1. A computer-implemented method for providing multi-dimensional security, the method comprising:
-
generating, using a processor, models having dimensions;
wherein each dimension includes one of;
a static dimension permission that locks the permissions of the dimension from customization and a dynamic dimension permission that allows permissions to be customized;associating a group role with one or more of the models, wherein the group role includes a group permission for accessing data associated with the model and the dimensions;
wherein the group role is associated with the one or more models through a selection interface that specifies what models and what dimensions to be associated with the group role;
wherein a default permission for the group role is set by a graphical interface that includes options for setting the default permission to;
a low permission that specifies read and write access;
a medium permission that specifies read access and no write access, and a high permission that specifies no read/write access;associating a user with the model and the dimensions, wherein the user includes a user permission for accessing data associated with the model and the dimensions; storing the user permission and the group permission within a relational data store; generating a collective user permissions table from the user permission and the group permission within the relational data store, wherein the collective user permissions table identifies collective user permissions based on the group permissions for accessing data associated with the model and user permissions for accessing data associated with the model; and pushing the collective user permissions that is stored in the relational data store to a multi-dimensional store to provide multi-dimensional security for a multi-dimensional representation. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A computer-readable storage medium that excludes signals and waves having computer-executable instructions encoded thereon for providing multi-dimensional security, the instructions comprising:
-
generating a model site having a plurality of models; actuating models associated with the site, wherein the models includes a dimension that indicates a data category;
wherein the dimension includes one of;
a static dimension permission that locks the permissions of the dimension from customization and a dynamic dimension permission that allows permissions to be customized;associating a group role with one of the models, wherein the group role includes a group permission for accessing the model;
wherein a default permission for the group role is set by a graphical interface that includes options for setting the default permission to;
a low permission that specifies read and write access;
a medium permission that specifies read access and no write access, and a high permission that specifies no read/write access;associating a user with the model, wherein the user is a member of the group role, wherein the user includes a user permission for accessing the model; generating the collective user permissions table, wherein the generation of the collective user permissions table is based on the security table for each of the dimensions and the user membership in the group role; associating the collective user permissions with a multi-dimensional store to provide security for a multi-dimensional representation when a user queries the multi-dimensional representation. - View Dependent Claims (11, 12, 13, 14, 15, 16)
-
-
17. A system for providing multi-dimensional security, the instructions comprising:
-
a processor; and a memory having computer executable instructions stored thereon, wherein the computer executable instructions are configured to; actuate a model, wherein the model includes a plurality of dimensions that indicate a data category;
wherein each dimension includes one of;
a static dimension permission that locks the permissions of the dimension from customization and a dynamic dimension permission that allows permissions to be customized;associate a group role with the model, wherein the group role includes a group permission for accessing the model;
wherein a default permission for the group role is set by a graphical interface that includes options for setting the default permission to;
a low permission that specifies read and write access;
a medium permission that specifies read access and no write access, and a high permission that specifies no read/write access;associate a user with the model, wherein the user is a member of the group role, wherein the user includes a user permission for accessing the model, wherein the user permission includes less access than the group permission; determine a number of dimensions associated with the model; determine user permissions for each of the dimensions; determine group permissions for each of the dimensions; generate a security table for each of the dimensions; determine the user membership in the group role; and generate the collective user permissions table, wherein the generation of the collective user permissions table uses the security table for each of the dimensions and the user membership in the group role; and associate the collective user permissions table with a multi-dimensional store to provide security for a multi-dimensional representation when a user queries the multi-dimensional representation. - View Dependent Claims (18, 19, 20)
-
Specification