Distributed Environment Controlled Access Facility
Abstract
A computer-implemented, web-based access control facility for a distributed environment, which allows users to request access, takes the request through the appropriate approval workflow and finally makes the access available to the users and applications. The program also automatically verifies the health of the data, both the access control data and the entitlements, to avoid malicious user access. The system also provides an active interface to set up a backup, to delegate the duty in absence. Thus this system provides a comprehensive facility to grant, re-certify and control the entitlements and users in a distributed environment.
30 Claims
1. A distributed control access facility which comprises:
an application interface connected to an application for which access is controlled, to which remote networked users can obtain access and from which authorization requests for the user can be issued;
at least one server comprising an access control facility connected to the application server the access control facility comprising;
a master setup which provides information to the control facility relating to the application and entitlements;
a request for access facility which receives the user request through a user interface, compares user information, to the information in the master setup;
to determine whether the request should be approved; and
an access repository which acts on the information from the access facility and returns the appropriate authorization to the application.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15

16. A distributed control access facility which comprises:
a plurality of servers that are networked;
at least one of the servers comprising an application for which access is controlled, to which remote networked users can obtain access and from which authorization requests for the user can be issued;
at least one of the servers comprising an access control facility connected to the application server the access control facility comprising;
a master setup which provides information to the control facility relating to the application and entitlements;
a request for access facility which receives the user request through a user interface, compares user information, to the information in the master setup;
to determine whether the request should be approved; and
an access repository which acts on the information from the access facility and returns the appropriate authorization to the application.

17. A method for controlling access to an application in a distributed computer networked environment, the networked environment comprising an application area and a distributed access control facility, comprising the steps of:
submitting a user request for access to an application;
issuing through the application the request to the distributed access control facility along with pertinent user information;
performing a separation of duties check based on the application and the user information;
determining the type of user;
seeking separation of duties approval based on type of user; and
providing for an override if the user failed the override.
Dependent claims: 18, 19, 20

21. A method for controlling access to an application in a distributed computer networked environment, the networked environment comprising an application area and a distributed access control facility, comprising the steps of:
attempting through a user to access an application in the application area;
requesting through the application area information regarding the user;
sending through the application area an authorization request;
comparing the information received from the application area and the application to information created in the distributed access control facility in an access repository;
sending the results of such comparison to the application, and having the application grant access to the application based on the results of such comparison.
Dependent claims: 22, 23, 24, 25

26. A program storage device readable by machine, tangibly embodying a program of instructions executable by the machine to perform method steps for controlling access to an application in a distributed computer networked environment, the networked environment comprising an application area and a distributed access control facility, the method comprising the steps of:
attempting through a user to access an application in the application area;
requesting through the application area information regarding the user;
sending through the application area an authorization request;
comparing the information received from the application area and the application to information created in the distributed access control facility in an access repository;
sending the results of such comparison to the application, and having the application grant access to the application based on the results of such comparison.
Dependent claims: 27, 28, 29, 30
Specification