Systems And Methods For Rule Inheritance
2 Assignments
0 Petitions
Accused Products
Abstract
Systems and methods for automating and increasing the efficiency of access to data using inheritance of access rules within an organization based upon the relationship of positions within the organization and the roles associated with the positions. In one embodiment, a role structure is used in conjunction with a hierarchical organization structure to allow access rules to be inherited by some of the positions from other positions based upon the relationship of positions within the organization and the roles associated with the positions. Access rules can be applied across equivalent or similar positions, yet differentiated between distinct portions of the organization and the distinct roles associated with the positions. Consequently, particular access rules are not necessarily inherited by all of the positions subordinate to a particular position with which the rule originates, and are not necessarily inherited by all of the positions that are associated with a particular role.
9 Citations
41 Claims
-
1-19. -19. (canceled)
-
20. A method comprising:
-
defining a hierarchical structure of positions; associating at least a first one of the positions with at least a first user; associating one or more roles with at least one of the group consisting of the first position and the first user; associating one or more rules for one or more business processes with the one or more roles; automatically applying the one or more rules to positions and users that are subordinate to the first position within the hierarchical structure and that are associated with the one or more roles; and controlling access to the one or more business processes according to the rules. - View Dependent Claims (21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31)
-
-
32. A product comprising a computer-readable medium having instructions encoded thereon which are executable by a computer system to perform the method including:
-
defining a hierarchical structure of positions; associating at least a first one of the positions with at least a first user; associating one or more roles with at least one of the group consisting of the first position and the first user; associating one or more rules for one or more business processes with the one or more roles; and automatically applying the one or more rules to positions and users that are subordinate to the first position within the hierarchical structure and that are associated with the one or more roles. - View Dependent Claims (33, 34, 35, 36, 37, 38, 39)
-
-
40. A computer-readable medium having instructions encoded thereon which are executable by a computer system to perform the method including:
-
enabling definition of a hierarchical structure of positions; associating at least a first one of the positions with at least a first user; associating one or more roles with at least one of the group consisting of the first position and the first user; associating one or more rules for one or more business processes with the one or more roles; automatically applying the one or more rules to positions and users that are subordinate to the first position within the hierarchical structure and that are associated with the one or more roles; and controlling access to the one or more business processes according to the rules.
-
-
41. A computer-readable medium having instructions encoded thereon which are executable by a computer system to perform the method including:
-
receiving data defining a hierarchical structure of positions; receiving data defining an association of at least a first one of the positions with at least a first user; receiving data defining associations of one or more roles with at least one of the group consisting of the first position and the first user; receiving data defining associations of one or more rules for one or more business processes with one or more of the roles; automatically applying the one or more rules with all positions and users that are subordinate to the first position and that are associated with the one or more roles; and storing data defining associations of the one or more rules with the positions and users that are subordinate to the first position and that are associated with the one or more roles.
-
Specification