Role based access controls
Abstract
Role-based access controls improve user access in a computer system. A profile associated with a role is generated. The profile is enforced with respect to one or more users associated with the role. Optionally, the profile is generated based at least in part on a user interaction.
18 Claims
1. A method of providing access control in a computer system arranged to include an operation system layer and an application layer, the method comprising:
- loading a policy module within the operating system layer;
- generating a profile associated with a role within an organization by analyzing with an analyzer tasks performed by a user associated with said profile using a role shell, and determining based upon said analyzing a set of rules that define said profile;
- storing the profile within the policy module in the operating system layer;
- enforcing the profile with respect to one or more users associated with the role;
- associating the role shell with the role; and
- facilitating communication between the operating system and application layers using the role shell.
12. A system of providing access control comprising a processor, coupled to a memory, configured to:
- load a policy module within an operating system layer;
- generate a profile associated with a role by analyzing with an analyzer tasks performed by a user associated with said profile using a role shell, and determining based upon said analyzing a set of rules that define said profile;
- enforce the profile with respect to one or more users associated with the role;
- store the profile in the policy module in the operating system layer;
- associate the shell with the role; and
- facilitate communication between the operating system layer and an application layer using the role shell.
18. A computer program product to provide access control, the computer program product being embodied in a computer readable medium and comprising computer instructions to:
- load a policy module within an operating system layer;
- generate a profile associated with a role by analyzing with an analyzer tasks performed by a user associated with said profile using a role shell, and determining based upon said analyzing a set of rules that define said profile;
- store the profile in the policy module in the operating system layer of the computer;
- associate the role shell with the role;
- facilitate communication between the operating system layer and an application layer using the role shell; and
- enforce the profile with respect to one or more users associated with the role.
Specification