Role-based access control utilizing token profiles having predefined roles
Abstract
A method and system for managing role-based access control of token data using token profiles having predefined roles is described. In one method, a token processing system (TPS) assigns a TPS client a token profile for a group of multiple tokens, the token profile being stored in a profile data structure. The token profile specifies at least one of multiple predefined roles for the TPS client, each role associated with predefined access to entries of a token database. The TPS receives a request from the TPS client over a network to perform an operation on the entries of the token database that correspond to the group, and allows the TPS client access to the token database to perform the operation when permitted by the predefined roles specified in the token profile on the entries of the token database that correspond to the group identified by the token profile.
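The access decision the abstract describes, as an added sketch that is not taken from the patent or any product: a request is allowed only when a token profile assigned to the client covers the entry's group and one of that profile's predefined roles permits the operation. The role names, operation names, client names, token IDs and the choice to let a client hold several profiles are all assumptions made for illustration.

```python
from dataclasses import dataclass

# Hypothetical predefined roles -> permitted operations (names are assumptions).
ROLE_OPERATIONS = {
    "operator": {"view"},
    "agent": {"view", "edit"},
    "administrator": {"view", "edit", "delete"},
}

@dataclass(frozen=True)
class TokenProfile:
    group: str         # group of tokens this profile identifies
    roles: frozenset   # predefined roles granted within that group

# Constructed sample data: profile data structure and token database.
PROFILES = {
    "alice": [TokenProfile("engineering", frozenset({"agent"}))],
    "bob": [TokenProfile("engineering", frozenset({"operator"})),
            TokenProfile("finance", frozenset({"administrator"}))],
}
TOKEN_DB = {
    "tok-001": {"group": "engineering", "status": "active"},
    "tok-002": {"group": "finance", "status": "active"},
}

def is_allowed(client, operation, token_id):
    """Default deny; a role counts only for entries in its profile's group."""
    entry = TOKEN_DB.get(token_id)
    if entry is None:
        return False
    for profile in PROFILES.get(client, []):
        if profile.group != entry["group"]:
            continue  # roles held for another group grant nothing here
        if any(operation in ROLE_OPERATIONS.get(r, set()) for r in profile.roles):
            return True
    return False

def perform(client, operation, token_id, **changes):
    """Check the profile first, then touch the token database."""
    if not is_allowed(client, operation, token_id):
        raise PermissionError(f"{client} may not {operation} {token_id}")
    if operation == "delete":
        return TOKEN_DB.pop(token_id)
    if operation == "edit":
        if "group" in changes:  # regrouping would bypass the group scoping
            raise PermissionError("group cannot be changed by edit")
        TOKEN_DB[token_id].update(changes)
    return dict(TOKEN_DB[token_id])
```

In this sample data, bob's administrator role on the finance group gives him no edit rights on engineering entries, which is the per-group scoping the token profile provides.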
24 Claims

1. A method comprising:
- assigning a token processing system (TPS) client a token profile for a group comprising a plurality of tokens, the token profile stored in a profile data structure, wherein the token profile specifies at least one of a plurality of predefined roles for the TPS client, and wherein each of the plurality of predefined roles is associated with predefined access to entries of a token database;
- receiving, by a TPS executing on a computing system, a request from the TPS client over a network to perform an operation on the entries of the token database that correspond to the group, wherein the TPS is configured to communicate with the token database and configured to communicate over the network with one or more additional clients each having at least one of the plurality of tokens; and
- allowing the TPS client access to the token database to perform the operation when permitted by the predefined roles specified in the token profile on the entries of the token database that correspond to the group identified by the token profile.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17

18. A certificate system, comprising:
- a data storage device to store a token profile assigned to a user, wherein the token profile corresponds to a group comprising a plurality of tokens, the token profile stored in a profile data structure, wherein the token profile specifies at least one of a plurality of predefined roles for the user, and wherein each of the plurality of predefined roles is associated with predefined access to entries of a token database; and
- a first server, comprising a token processing system (TPS), coupled to the data storage device, wherein the TPS is configured to receive a request from the TPS client over a network to perform an operation on the entries of the token database that correspond to the group, wherein the TPS is configured to communicate over the network with one or more additional clients each having at least one of the plurality of tokens, and wherein the TPS is configured to allow the TPS client access to the token database to perform the operation when permitted by the predefined roles specified in the token profile on the entries of the token database that correspond to a group identified by the token profile.
Dependent claims: 19, 20, 21

22. A non-transitory machine-readable storage medium having instructions, which when executed, cause a computing system to perform a method, the method comprising:
- assigning a token processing system (TPS) client a token profile for a group comprising a plurality of tokens, the token profile stored in a profile data structure, wherein the token profile specifies at least one of a plurality of predefined roles for the TPS client, and wherein each of the plurality of predefined roles is associated with predefined access to entries of a token database;
- receiving, by a TPS executing on the computing system, a request from the TPS client over a network to perform an operation on the entries of the token database that correspond to the group, wherein the TPS is configured to communicate with the token database and configured to communicate over the network with one or more additional clients each having at least one of the plurality of tokens; and
- allowing the TPS client access to the token database to perform the operation when permitted by the predefined roles specified in the token profile on the entries of the token database that correspond to the group identified by the token profile.
Dependent claims: 23, 24

Specification