Apparatus and method for access validation
First Claim
1. An apparatus configured for performing access validation, comprising:
- one or more processors;
an access validation application executable by said one or more processors, said access validation application configured for;
receiving a request to perform access validation of a particular resource to which access had previously been granted;
responsive to receiving the request, determining whether the previously granted access to said resource is valid by using a structure of a hierarchy of resources and a location of the particular resource within the hierarchy and byrequesting access validation from at least two owners of at least two sub-resources of the particular resource, respectively, as defined by the structure of the hierarchy, by sending a request for approval to each of the at least two owners;
in response to determining whether the previously granted access to said resource is valid, responding with any of the following five options;
an affirmation of validity;
a negative indication that said previously granted access to said resource is not valid;
a stronger condition;
an answer indicating that it cannot be determined whether the previously granted access to said resource is valid; and
an exception, wherein it was determined that the previously granted access to the resource is not valid, however that temporary access to the resource is required;
wherein the owner of the particular resource is responsible for validating entities which are in the realm of responsibility of the owner and wherein entities which are in the realm of responsibility of the owner comprise one or more sub-resources, each said sub-resource having a corresponding owner, and wherein each corresponding owner is required to perform access validation for its sub-resource and is responsible for validation entities which are in its realm of responsibility; and
wherein configuring said access validation application does not require business rules.
1 Assignment
0 Petitions
Accused Products
Abstract
One or more techniques for access validation are provided. Access validation may be performed automatically or in real-time. Access validation may be at the resource level or at a sub-resource level. Techniques provided herein may be applied in a large variety of situations and industries, e.g. compliance management or inventory. Access validation reports may be generated in real-time or may link to indications of access validation in real-time. Five outcomes or options are provided, including affirmative, negative, stronger negative with larger implication, undetermined, and negative, however with temporarily granted access. A field for allowing entry of justification for access to a particular resource is provided. Reminders to validate privileges are provided. A continuous access validation process is provided. A technique for extending the hierarchy and corresponding workflow that is generated thereof is provided.
-
Citations
18 Claims
-
1. An apparatus configured for performing access validation, comprising:
-
one or more processors; an access validation application executable by said one or more processors, said access validation application configured for; receiving a request to perform access validation of a particular resource to which access had previously been granted; responsive to receiving the request, determining whether the previously granted access to said resource is valid by using a structure of a hierarchy of resources and a location of the particular resource within the hierarchy and by requesting access validation from at least two owners of at least two sub-resources of the particular resource, respectively, as defined by the structure of the hierarchy, by sending a request for approval to each of the at least two owners; in response to determining whether the previously granted access to said resource is valid, responding with any of the following five options; an affirmation of validity; a negative indication that said previously granted access to said resource is not valid; a stronger condition; an answer indicating that it cannot be determined whether the previously granted access to said resource is valid; and an exception, wherein it was determined that the previously granted access to the resource is not valid, however that temporary access to the resource is required; wherein the owner of the particular resource is responsible for validating entities which are in the realm of responsibility of the owner and wherein entities which are in the realm of responsibility of the owner comprise one or more sub-resources, each said sub-resource having a corresponding owner, and wherein each corresponding owner is required to perform access validation for its sub-resource and is responsible for validation entities which are in its realm of responsibility; and wherein configuring said access validation application does not require business rules. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A computer-implemented method for performing access validation, comprising:
-
receiving a request to perform access validation of a particular resource to which access had previously been granted; responsive to receiving the request, determining whether the previously granted access to said resource is valid by using a structure of a hierarchy of resources and a location of the particular resource within the hierarchy and by requesting access validation from at least two owners of at least two sub-resources of the particular resource, respectively, as defined by the structure of the hierarchy, by sending a request for approval to each of the at least two owners; in response to determining whether the previously granted access to said resource is valid, responding with any of the following five options; an affirmation of validity; a negative indication that said previously granted access to said resource is not valid; a stronger condition; an answer indicating that it cannot be determined whether the previously granted access to said resource is valid; and an exception, wherein it was determined that the previously granted access to the resource is not valid, however that temporary access to the resource is required; wherein the owner of the particular resource is responsible for validating entities which are in the realm of responsibility of the owner and wherein entities which are in the realm of responsibility of the owner comprise one or more sub-resources, each said sub-resource having a corresponding owner, and wherein each corresponding owner is required to perform access validation for its sub-resource and is responsible for validation entities which are in its realm of responsibility; and wherein business rules are not required; and wherein said method is performed by a computer system configured to perform said method. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
-
Specification