Reconciliation of access rights in a computing system
First Claim
Patent Images
1. A system for reconciling access rights of a computing system comprising:
- at least one processor;
a data store storing access right information that indicates access rights of a computing system that have been respectively provisioned for users of the computing system and that indicates at least one approved request to grant one of the access rights to one of the users; and
memory storing instructions that, when executed by the at least one processor, cause the system to generate a reconciliation report that indicates at least one of the access rights should either be provisioned or revoked wherein the reconciliation report is generated by performing one or more reconciliation tasks using the access right information; and
wherein the one or more reconciliation tasks include a first reconciliation task associated with instructions stored at the memory that, when executed by the at least one processor, cause the system to;
determine, from the access right information, one or more provisioned access rights that have actually been provisioned for one of the users,determine, from the access right information, one or more approved access grant requests wherein each of the one or more approved access grant requests indicates an approval of a grant of one of the access rights to the user,determine, for each provisioned access right of the one or more provisioned access rights, whether the provisioned access right corresponds to one of the one or more approved access grant requests, andconfigure the reconciliation report to indicate, for each provisioned access right of the one or more provisioned access rights, that the provisioned access right is either an approved access right responsive to determining that the provisioned access right does correspond to one of the one or more approved access grant requests or an unapproved access right responsive to determining that the provisioned access right does not correspond to any of the one or more approved access grant requests.
1 Assignment
0 Petitions
Accused Products
Abstract
Systems and methods are provide for reconciling access rights of a computing system are described. Access right information that respectively corresponds to access rights of a computing system may be obtained and evaluated. Reconciliation tasks may be performed using the access right information, and a reconciliation report may be generated during performance of at least one of the reconciliation tasks. The reconciliation report may indicate that one or more of the access rights should either be provisioned or revoked at the computing system.
-
Citations
17 Claims
-
1. A system for reconciling access rights of a computing system comprising:
-
at least one processor; a data store storing access right information that indicates access rights of a computing system that have been respectively provisioned for users of the computing system and that indicates at least one approved request to grant one of the access rights to one of the users; and memory storing instructions that, when executed by the at least one processor, cause the system to generate a reconciliation report that indicates at least one of the access rights should either be provisioned or revoked wherein the reconciliation report is generated by performing one or more reconciliation tasks using the access right information; and wherein the one or more reconciliation tasks include a first reconciliation task associated with instructions stored at the memory that, when executed by the at least one processor, cause the system to; determine, from the access right information, one or more provisioned access rights that have actually been provisioned for one of the users, determine, from the access right information, one or more approved access grant requests wherein each of the one or more approved access grant requests indicates an approval of a grant of one of the access rights to the user, determine, for each provisioned access right of the one or more provisioned access rights, whether the provisioned access right corresponds to one of the one or more approved access grant requests, and configure the reconciliation report to indicate, for each provisioned access right of the one or more provisioned access rights, that the provisioned access right is either an approved access right responsive to determining that the provisioned access right does correspond to one of the one or more approved access grant requests or an unapproved access right responsive to determining that the provisioned access right does not correspond to any of the one or more approved access grant requests. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A computer-implemented method for reconciling access rights of a computing system comprising:
-
generating, by a computing device, a reconciliation report that indicates at least one access right of a computing system should either be provisioned or revoked wherein the reconciliation report is generated by performing one or more reconciliation tasks using access right information that indicates access rights of the computing system that have been respectively provisioned for users of the computing system and that indicates at least one approved request to grant one of the access rights to one of the users; and wherein the one or more reconciliation tasks include a first reconciliation task comprising; determining, by the computing device from the access right information, one or more provisioned access rights that have actually been provisioned for one of the users, determining, by the computing device and from the access right information, one or more approved access grant requests wherein each of the one or more approved access grant requests indicates an approval of a grant of one of the access rights to the user, determining, by the computing device and for each provisioned access right of the one or more provisioned access rights, whether the provisioned access right corresponds to one of the one or more approved access grant requests, and configuring, by the computing device, the reconciliation report to indicate, for each provisioned access right of the one or more provisioned access rights, that the provisioned access right is either an approved access right responsive to determining that the provisioned access right does correspond to one of the one or more approved access grant requests or an unapproved access right responsive to determining that the provisioned access right does not correspond to any of the one or more approved access grant requests. - View Dependent Claims (8, 9, 10, 11, 12)
-
-
13. Non-transitory computer-readable media comprising instructions that, when executed by a processor of a computing device, cause the computing device to perform steps for reconciling access rights of a computing system, the steps comprising:
-
generating, by a computing device, a reconciliation report that indicates at least one access right of a computing system should either be provisioned or revoked wherein the reconciliation report is generated by performing one or more reconciliation tasks using access right information that indicates access rights of the computing system that have been respectively provisioned for users of the computing system and that indicates at least one approved request to grant one of the access rights to one of the users; and wherein the one or more reconciliation tasks include a first reconciliation task comprising; determining, from the access right information, one or more provisioned access rights that have actually been provisioned for one of the users, determining, from the access right information, one or more approved access grant requests wherein each of the one or more approved access grant requests indicates an approval of a grant of one of the access rights to the user, determining, by the computing device and for each provisioned access right of the one or more provisioned access rights, whether the provisioned access right corresponds to one of the one or more approved access grant requests, and configuring the reconciliation report to indicate, for each provisioned access right of the one or more provisioned access rights, that the provisioned access right is either an approved access right responsive to determining that the provisioned access right does correspond to one of the one or more approved access grant requests or an unapproved access right responsive to determining that the provisioned access right does not correspond to any of the one or more approved access grant requests. - View Dependent Claims (14, 15, 16, 17)
-
Specification