User interface for variable access control system
First Claim
Patent Images
1. A visual display hardware unit displaying a graphical user interface displaying who in the course of time will be allowed by means of a computer access control system to access a specific document while at the same time displaying the document'"'"'s contents, comprising:
- a first display region on the visual display unit displaying the document'"'"'s contents at normal size, legibly scaled, and unabridged; and
a second display region in a comprehensible manner simultaneously;
indicating for a plurality of different times in the future for each time a set of individually indicated persons who are predicted, by at said time having a specific role of a computer access control system with role based access control, at said time to be allowed by means of said computer access control system to access said document, in contrast to being denied access at other times; and
indicating a plurality of respective time spans;
wherein among said different times said sets of individually indicated persons are different;
wherein at least one of said persons at the present point in time is not allowed to access said document and nonetheless is predicted to be allowed access in the future;
wherein differences among said different sets of individually indicated persons at said different times are caused at least in part by said computer access control system;
wherein said first display region for contents and said second display region for persons are concurrently visible, are concurrently operable, and appear to an operator as in an integrated graphical user interface; and
wherein a plurality of said different sets of individually indicated persons comprise each and every person predicted to be allowed to access said document during their respective time spans; and
wherein data being used for determining its display indicating sets of individually indicated persons and time spans comprises;
access control settings for said document;
data that defines role memberships; and
data for predicting times of changes of persons being in roles.
1 Assignment
0 Petitions
Accused Products
Abstract
To balance a tendency towards faceless decisions in using role based access control, photographic likenesses of people in roles can be used in access control user interface. For a meaningful representation of different people being in a role at a different times, a near future time chart of people who are predicted to be in roles to access a document or a resource can be displayed next to document contents and resource representations.
80 Citations
14 Claims
-
1. A visual display hardware unit displaying a graphical user interface displaying who in the course of time will be allowed by means of a computer access control system to access a specific document while at the same time displaying the document'"'"'s contents, comprising:
-
a first display region on the visual display unit displaying the document'"'"'s contents at normal size, legibly scaled, and unabridged; and a second display region in a comprehensible manner simultaneously; indicating for a plurality of different times in the future for each time a set of individually indicated persons who are predicted, by at said time having a specific role of a computer access control system with role based access control, at said time to be allowed by means of said computer access control system to access said document, in contrast to being denied access at other times; and indicating a plurality of respective time spans; wherein among said different times said sets of individually indicated persons are different; wherein at least one of said persons at the present point in time is not allowed to access said document and nonetheless is predicted to be allowed access in the future; wherein differences among said different sets of individually indicated persons at said different times are caused at least in part by said computer access control system; wherein said first display region for contents and said second display region for persons are concurrently visible, are concurrently operable, and appear to an operator as in an integrated graphical user interface; and wherein a plurality of said different sets of individually indicated persons comprise each and every person predicted to be allowed to access said document during their respective time spans; and wherein data being used for determining its display indicating sets of individually indicated persons and time spans comprises; access control settings for said document; data that defines role memberships; and data for predicting times of changes of persons being in roles. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A digital computer comprising at least:
-
a processing unit connected to memory; further connected to a visual display unit hardware device, the computer programmed to produce a graphical user interface displaying who in the course of time will be allowed by means of a computer access control system to access a specific document while at the same time displaying the document'"'"'s contents, comprising; a first display region on the visual display unit displaying the document'"'"'s contents at normal size, legibly scaled, and unabridged; and a second display region in a comprehensible manner simultaneously; indicating for a plurality of different times in the future for each time a set of individually indicated persons who are predicted, by at said time having a specific role of a computer access control system with role based access control, at said time to be allowed by means of said computer access control system to access said document, in contrast to being denied access at other times; and indicating a plurality of respective time spans; wherein among said different times said sets of individually indicated persons are different; wherein at least one of said persons at the present point in time is not allowed to access said document and nonetheless is predicted to be allowed access in the future; wherein differences among said different sets of individually indicated persons at said different times are caused at least in part by said computer access control system; wherein said first display region for contents and said second display region for persons are concurrently visible, are concurrently operable, and appear to an operator as in an integrated graphical user interface; and wherein a plurality of said different sets of individually indicated persons comprise each and every person predicted to be allowed to access said document during their respective time spans; and wherein data being used for determining its display indicating sets of individually indicated persons and time spans comprises; access control settings for said document; data that defines role memberships; and data for predicting times of changes of persons being in roles. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
Specification