×

Systems and methodologies for managing document access permissions

  • US 9,805,209 B2
  • Filed: 07/29/2014
  • Issued: 10/31/2017
  • Est. Priority Date: 07/29/2013
  • Status: Expired due to Fees
First Claim
Patent Images

1. A computer implemented method for managing access to objects available via a file server by a user, the method including:

  • authenticating the user;

    based on data indicative of an organisational hierarchy, which provides data indicative of memberships of a plurality of users to a plurality of groups, determining a set of groups to which the user belongs, wherein each membership has an associated permission set, wherein the permission set defines a set of permissions that a given user holds in relation to membership of a given group;

    for each user, determining a hierarchy of groups for which that user has membership;

    for each user, creating a concatenated list of the hierarchy of groups for which that user has membership, wherein the concatenated list includes, for membership, the permission set associated with that membership;

    for each group to which the user belongs, and for each unique combination of groups to which the user belongs, defining a respective access token; and

    combining the defined access tokens into a concatenated set of access tokens, such that the concatenated set of access tokens represents an intersection of groups and permission sets, wherein permissions are provided in a subtractive manner rather than an additive manner, wherein a file server accesses the concatenated set of access tokens thereby to determine whether or not to grant the user access to a given object;

    wherein;

    the objects available via the file server are each uniquely associated with a parent group defined in the organisational hierarchy;

    for each object, a subtractive access token is defined based on its parent group in the organisational hierarchy, wherein defining a subtractive access token for a given object includes defining a token that is representative of the parent group and each higher-level group in the organisational hierarchy under which the parent group is nested.

View all claims
  • 2 Assignments
Timeline View
Assignment View
    ×
    ×