Method and system for providing reference architecture pattern-based permissions management

US 9,319,415 B2
Filed: 04/30/2014
Issued: 04/19/2016
Est. Priority Date: 04/30/2014
Status: Active Grant

First Claim

Patent Images

1. A method for providing reference architecture pattern-based permissions management comprising:

identifying, using a first computing system configured to perform the method for providing reference architecture pattern-based permissions management, one or more roles available to be associated with an individual taking part in the development, and/or deployment, and/or operation of two or more computing system applications using a reference architecture pattern;

generating, using the first computing system, role data representing the identified roles;

identifying, using the first computing system, a plurality of reference tiers used to create, and/or deploy, and/or operate a computing system application using the reference architecture pattern, wherein the plurality of identified reference tiers include at least two selected from a development tier, a pre-production tier, a production tier, a staging tier, an integration tier, a security tier, and an external tier;

generating, using the first computing system, reference tier data representing the identified reference tiers;

for each role represented by the role data, associating, using the first computing system, at least one permission with each reference tier represented in the reference tier data;

assigning, using the first computing system, to the individual one of the roles represented by the role data;

for a first one of the reference tiers associated with a first of the one or more computing system applications and represented in the reference tier data, automatically granting the individual a first permission associated with the role assigned to the individual; and

for a second one of the reference tiers associated with a second of the one or more computing system applications and represented in the reference tier data, automatically granting the individual a second permission associated with the role assigned to the individual, wherein the second permission is different from the first permission.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Reference architecture pattern role data representing reference architecture pattern roles to be associated with entities taking part in the development, and/or deployment, and/or operation of an application is generated. Reference architecture pattern tier data representing reference architecture pattern tiers used to create, and/or deploy, and/or operate an application using the reference architecture pattern is generated. For each reference architecture pattern role at least one access and/or operational permission is associated with each reference architecture pattern tier. At least one entity is assigned one of the reference architecture pattern roles and for each reference architecture pattern tier, the at least one entity is automatically provided the at least one access and/or operational permission associated with the reference architecture pattern role assigned to the entity.

122 Citations

32 Claims

1. A method for providing reference architecture pattern-based permissions management comprising:
- identifying, using a first computing system configured to perform the method for providing reference architecture pattern-based permissions management, one or more roles available to be associated with an individual taking part in the development, and/or deployment, and/or operation of two or more computing system applications using a reference architecture pattern;
  
  generating, using the first computing system, role data representing the identified roles;
  
  identifying, using the first computing system, a plurality of reference tiers used to create, and/or deploy, and/or operate a computing system application using the reference architecture pattern, wherein the plurality of identified reference tiers include at least two selected from a development tier, a pre-production tier, a production tier, a staging tier, an integration tier, a security tier, and an external tier;
  
  generating, using the first computing system, reference tier data representing the identified reference tiers;
  
  for each role represented by the role data, associating, using the first computing system, at least one permission with each reference tier represented in the reference tier data;
  
  assigning, using the first computing system, to the individual one of the roles represented by the role data;
  
  for a first one of the reference tiers associated with a first of the one or more computing system applications and represented in the reference tier data, automatically granting the individual a first permission associated with the role assigned to the individual; and
  
  for a second one of the reference tiers associated with a second of the one or more computing system applications and represented in the reference tier data, automatically granting the individual a second permission associated with the role assigned to the individual, wherein the second permission is different from the first permission.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method for providing reference architecture pattern-based permissions management of claim 1 wherein at least part of at least one of the computing system applications are to be deployed in a cloud computing environment.
  - 3. The method for providing reference architecture pattern-based permissions management of claim 1 wherein at least one of the roles represented by the role data is selected from the group of roles consisting of:
    - a supervisory administrator (SuperAdmin) role;
      
      an administrator (Admin) role;
      
      a security role;
      
      an operator role;
      
      a developer role;
      
      a third party role;
      
      a user role; and
      
      a read-only role.
  - 4. The method for providing reference architecture pattern-based permissions management of claim 1 wherein at least one of the reference tiers represented by the reference tier data is selected from the group of reference tiers consisting of:
    - a development tier;
      
      a pre-production tier;
      
      a production tier;
      
      a web tier;
      
      a staging tier;
      
      an integration tier; and
      
      a security tier.
  - 5. The method for providing reference architecture pattern-based permissions management of claim 2 wherein at least one of the reference tiers represented by the reference tier data is an account provided by a cloud infrastructure provider.
  - 6. The method for providing reference architecture pattern-based permissions management of claim 5 wherein at least one of the reference tiers represented by the reference tier data is an account provided by the cloud infrastructure provider selected from the group of accounts consisting of:
    - a development account;
      
      a performance evaluation account;
      
      a security sandbox account;
      
      a pre-production account;
      
      a production account;
      
      a staging account;
      
      an integration account; and
      
      a security account.
  - 7. The method for providing reference architecture pattern-based permissions management of claim 1 wherein at least one permission associated with each tier represented in the reference tier data is a set of two or more permissions associated with each tier represented in the reference tier data.
  - 8. The method for providing reference architecture pattern-based permissions management of claim 7 wherein at least one set of two or more permissions associated with each tier represented in the reference tier data is a set of two or more permissions selected from the group of sets of two or more permissions consisting of:
    - a super broad permissions set;
      
      a broad permissions set;
      
      a moderate permissions set;
      
      a narrow permissions set;
      
      a forensic permissions set;
      
      a broad forensic permissions set;
      
      a moderate forensic permissions set;
      
      a narrow forensic permissions set;
      
      an administrator permissions set;
      
      a broad administrator permissions set;
      
      a moderate administrator permissions set;
      
      a narrow administrator permissions set;
      
      an integrator permissions set;
      
      a broad integrator permissions set;
      
      a moderate integrator permissions set;
      
      a narrow integrator permissions set;
      
      an end-user permissions set;
      
      a broad end-user permissions set;
      
      a moderate end-user permissions set;
      
      a narrow end-user permissions set;
      
      a read-only permissions set;
      
      a broad read-only permissions set;
      
      a moderate read-only permissions set; and
      
      a narrow read-only permissions set.

9. A system for providing reference architecture pattern-based permissions management comprising:
- at least one processor; and
  
  at least one memory coupled to the at least one processor, the at least one memory having stored therein instructions which when executed by any set of the one or more processors, perform a process for providing reference architecture pattern-based permissions management, the process for providing reference architecture pattern-based permissions management including;
  
  identifying, using a first computing system configured to perform the method for providing reference architecture pattern-based permissions management, one or more roles available to be associated with individuals taking part in the development, and/or deployment, and/or operation of two or more computing system applications using a reference architecture pattern;
  
  generating, using the first computing system, role data representing the identified roles;
  
  identifying, using the first computing system, a plurality of reference tiers used to create, and/or deploy, and/or operate a computing system application using the reference architecture pattern, wherein the plurality of identified reference tiers include at least two selected from a development tier, a pre-production tier, a production tier, a staging tier, an integration tier, a security tier, and an external tier;
  
  generating, using the first computing system, reference tier data representing the identified reference tiers;
  
  for each role represented by the role data, associating, using the first computing system, at least one permission with each reference tier represented in the reference tier data;
  
  assigning, using the first computing system, to the individual, one of the roles represented by the role data;
  
  for a first one of the reference tiers associated with a first of the one or more computing system applications and represented in the reference tier data, automatically granting the individual a first permission associated with the role assigned to the individual; and
  
  for a second one of the reference tiers associated with a second of the one or more computing system applications and represented in the reference tier data, automatically granting the individual a second permission associated with the role assigned to the individual, wherein the second permission is different from the first permission.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The system for providing reference architecture pattern-based permissions management of claim 9 wherein at least part of the two or more computing system applications are to be deployed in a cloud computing environment.
  - 11. The system for providing reference architecture pattern-based permissions management of claim 9 wherein at least one of the roles represented by the role data is selected from the group of roles consisting of:
    - a supervisory administrator (SuperAdmin) role;
      
      an administrator (Admin) role;
      
      a security role;
      
      an operator role;
      
      a developer role;
      
      a third party role;
      
      a user role; and
      
      a read-only role.
  - 12. The system for providing reference architecture pattern-based permissions management of claim 9 wherein at least one of the reference tiers represented by the reference tier data is selected from the group of reference tiers consisting of:
    - a development tier;
      
      a web tiera pre-production tier;
      
      a production tier;
      
      a staging tier;
      
      an integration tier; and
      
      a security tier.
  - 13. The system for providing reference architecture pattern-based permissions management of claim 10 wherein at least one of the reference tiers represented by the reference tier data is an account provided by an cloud infrastructure provider.
  - 14. The system for providing reference architecture pattern-based permissions management of claim 13 wherein at least one of the reference tiers represented by the reference tier data is an account provided by the cloud infrastructure provider selected from the group of accounts consisting of:
    - a development account;
      
      a pre-production account;
      
      a performance evaluation account;
      
      a security sandbox account;
      
      a production account;
      
      a staging account;
      
      an integration account; and
      
      a security account.
  - 15. The system for providing reference architecture pattern-based permissions management of claim 9 wherein at least one permission associated with each tier represented in the reference tier data is a set of two or more permissions associated with each tier represented in the reference tier data.
  - 16. The system for providing reference architecture pattern-based permissions management of claim 15 wherein at least one set of two or more permissions associated with each tier represented in the reference tier data is a set of two or more permissions selected from the group of sets of two or more permissions consisting of:
    - a super broad permissions set;
      
      a broad permissions set;
      
      a moderate permissions set;
      
      a narrow permissions set;
      
      a forensic permissions set;
      
      a broad forensic permissions set;
      
      a moderate forensic permissions set;
      
      a narrow forensic permissions set;
      
      an administrator permissions set;
      
      a broad administrator permissions set;
      
      a moderate administrator permissions set;
      
      a narrow administrator permissions set;
      
      an integrator permissions set;
      
      a broad integrator permissions set;
      
      a moderate integrator permissions set;
      
      a narrow integrator permissions set;
      
      an end-user permissions set;
      
      a broad end-user permissions set;
      
      a moderate end-user permissions set;
      
      a narrow end-user permissions set;
      
      a read-only permissions set;
      
      a broad read-only permissions set;
      
      a moderate read-only permissions set; and
      
      a narrow read-only permissions set.

17. A system for providing reference architecture pattern-based permissions management comprising:
- an individual access system associated with an individual;
  
  two or more computing system applications to be created, and/or deployed, and/or operated by the individual;
  
  a reference architecture pattern associated with the computing system applications to be created, and/or deployed, and/or operated, the reference architecture pattern including;
  
  role data representing one or more roles to be assigned to individuals taking part in the development, and/or deployment, and/or operation of the computing system applications using the reference architecture pattern;
  
  reference tier data representing reference tiers used to create, and/or deploy, and/or operate the computing system applications using the reference architecture pattern; and
  
  permissions data representing at least one permission assigned to each role represented by the role data for each reference tier represented in the reference tier data;
  
  at least one processor; and
  
  at least one memory coupled to the at least one processor, the at least one memory having stored therein instructions which when executed by any set of the one or more processors, perform a process for providing reference architecture pattern-based permissions management, the process for providing reference architecture pattern-based permissions management including;
  
  assigning, using a first computing system, the individual one of the reference architecture pattern roles represented by the role data;
  
  for a first one of the reference tiers associated with a first of the one or more computing system applications and represented in the reference tier data, automatically granting, by the first computing system, the individual a first permission associated with the role assigned to the individual; and
  
  for a second one of the reference tiers associated with a second of the one or more computing system applications and represented in the reference tier data, automatically granting, by the first computing system, the individual a second permission associated with the role assigned to the individual, wherein the second permission is different from the first permission.
- View Dependent Claims (18, 19, 20, 21, 22, 23, 24)
- - 18. The system for providing reference architecture pattern-based permissions management of claim 17 wherein at least part of the computing system applications are to be deployed in a cloud computing environment.
  - 19. The system for providing reference architecture pattern-based permissions management of claim 17 wherein at least one of the roles represented by the role data is selected from the group of roles consisting of:
    - a supervisory administrator (SuperAdmin) role;
      
      an administrator (Admin) role;
      
      a security role;
      
      an operator role;
      
      a developer role;
      
      a third party role;
      
      a user role; and
      
      a read-only role.
  - 20. The system for providing reference architecture pattern-based permissions management of claim 17 wherein at least one of the reference tiers represented by the reference tier data is selected from the group of reference tiers consisting of:
    - a development tier;
      
      a pre-production tier;
      
      a production tier;
      
      a staging tier;
      
      an integration tier; and
      
      a security tier.
  - 21. The system for providing reference architecture pattern-based permissions management of claim 18 wherein at least one of the reference tiers represented by the reference tier data is an account provided by a cloud infrastructure provider.
  - 22. The system for providing reference architecture pattern-based permissions management of claim 21 wherein at least one of the reference tiers represented by the reference tier data is an account provided by the cloud infrastructure provider selected from the group of accounts consisting of:
    - a development account;
      
      a pre-production account;
      
      a performance evaluation account;
      
      a security sandbox account;
      
      a production account;
      
      a staging account;
      
      an integration account; and
      
      a security account.
  - 23. The system for providing reference architecture pattern-based permissions management of claim 17 wherein at least one permission associated with each tier represented in the reference tier data is a set of two or more permissions associated with each tier represented in the reference tier data.
  - 24. The system for providing reference architecture pattern-based permissions management of claim 23 wherein at least one set of two or more permissions associated with each tier represented in the reference tier data is a set of two or more permissions selected from the group of sets of two or more permissions consisting of:
    - a super broad permissions set;
      
      a broad permissions set;
      
      a moderate permissions set;
      
      a narrow permissions set;
      
      a forensic permissions set;
      
      a broad forensic permissions set;
      
      a moderate forensic permissions set;
      
      a narrow forensic permissions set;
      
      an administrator permissions set;
      
      a broad administrator permissions set;
      
      a moderate administrator permissions set;
      
      a narrow administrator permissions set;
      
      an integrator permissions set;
      
      a broad integrator permissions set;
      
      a moderate integrator permissions set;
      
      a narrow integrator permissions set;
      
      an end-user permissions set;
      
      a broad end-user permissions set;
      
      a moderate end-user permissions set;
      
      a narrow end-user permissions set;
      
      a read-only permissions set;
      
      a broad read-only permissions set;
      
      a moderate read-only permissions set; and
      
      a narrow read-only permissions set.

25. A method for providing reference architecture pattern-based permissions management comprising:
- defining one or more reference architecture patterns for the development, and/or deployment, and/or operation of two or more computing system applications;
  
  identifying, using a first computing system configured to perform the method for providing reference architecture pattern-based permissions management, one or more roles to be associated with individuals taking part in the development, and/or deployment, and/or operation of the two or more computing system applications using a reference architecture pattern;
  
  generating, by the first computing system, data representing the identified roles;
  
  for each reference architecture pattern, identifying, by the first computing system, reference tiers used to create, and/or deploy, and/or operate a computing system application using the reference architecture pattern, wherein the identified reference tiers include at least two selected from a development tier, a pre-production tier, a production tier, a staging tier, an integration tier, a security tier, and an external tier;
  
  for each reference architecture pattern, generating, by the first computing system, reference tier data representing the identified reference tiers;
  
  for each reference architecture pattern and for each role represented by the role data, associating, using the first computing system, at least one permission with each reference tier represented in the reference tier data;
  
  assigning, using the first computing system, an individual one of the roles represented by the role data;
  
  for a first one of the reference tiers associated with a first of the two or more computing system applications and represented in the reference tier data, automatically granting the individual a first permission associated with the role assigned to the individual; and
  
  for a second one of the reference architecture pattern tiers associated with a first of the one or more computing system applications and represented in the reference tier data, automatically granting the individual a second permission associated with the role assigned to the individual, wherein the second permission is different from the first permission.
- View Dependent Claims (26, 27, 28, 29, 30, 31, 32)
- - 26. The method for providing reference architecture pattern-based permissions management of claim 25 wherein at least part of the computing system application is to be deployed in a cloud computing environment.
  - 27. The method for providing reference architecture pattern-based permissions management of claim 25 wherein at least one of the roles represented by the role data is selected from the group of roles consisting of:
    - a supervisory administrator (SuperAdmin) role;
      
      an administrator (Admin) role;
      
      a security role;
      
      an operator role;
      
      a developer role;
      
      a third party role;
      
      a user role; and
      
      a read-only role.
  - 28. The method for providing reference architecture pattern-based permissions management of claim 25 wherein at least one of the reference tiers represented by the reference tier data is selected from the group of reference tiers consisting of:
    - a development tier;
      
      a web tier;
      
      a pre-production tier;
      
      a production tier;
      
      a staging tier;
      
      an integration tier; and
      
      a security tier.
  - 29. The method for providing reference architecture pattern-based permissions management of claim 26 wherein at least one of the reference tiers represented by the reference tier data is an account provided by an cloud infrastructure provider.
  - 30. The method for providing reference architecture pattern-based permissions management of claim 29 wherein at least one of the reference tiers represented by the reference tier data is an account provided by the cloud infrastructure provider selected from the group of accounts consisting of:
    - a development account;
      
      a pre-production account;
      
      a performance evaluation account;
      
      a security sandbox account;
      
      a production account;
      
      a staging account;
      
      an integration account; and
      
      a security account.
  - 31. The method for providing reference architecture pattern-based permissions management of claim 25 wherein at least one permission associated with each tier represented in the reference tier data is a set of two or more permissions associated with each tier represented in the reference tier data.
  - 32. The method for providing reference architecture pattern-based permissions management of claim 31 wherein at least one set of two or more permissions associated with each tier represented in the reference tier data is a set of two or more permissions selected from the group of sets of two or more permissions consisting of:
    - a super broad permissions set;
      
      a broad permissions set;
      
      a moderate permissions set;
      
      a narrow permissions set;
      
      a forensic permissions set;
      
      a broad forensic permissions set;
      
      a moderate forensic permissions set;
      
      a narrow forensic permissions set;
      
      an administrator permissions set;
      
      a broad administrator permissions set;
      
      a moderate administrator permissions set;
      
      a narrow administrator permissions set;
      
      an integrator permissions set;
      
      a broad integrator permissions set;
      
      a moderate integrator permissions set;
      
      a narrow integrator permissions set;
      
      an end-user permissions set;
      
      a broad end-user permissions set;
      
      a moderate end-user permissions set;
      
      a narrow end-user permissions set;
      
      a read-only permissions set;
      
      a broad read-only permissions set;
      
      a moderate read-only permissions set; and
      
      a narrow read-only permissions set.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intuit, Inc.
Original Assignee
Intuit, Inc.
Inventors
Lietz, M. Shannon, Cabrera, Luis Felipe, Price, Christian, Nikulshin, Michelle, Godinez, Javier, Philip, Sabu Kuruvila, Rambur, Brad A., Kennedy, Scott Cruickshanks, Naugle, Erik Thomas
Primary Examiner(s)
Vaughan, Michael R

Application Number

US14/266,107
Publication Number

US 20150319177A1
Time in Patent Office

720 Days
Field of Search

None
US Class Current

1/1
CPC Class Codes

G06F 21/604   Tools and structures for ma...

G06F 2221/2141   Access rights, e.g. capabil...

H04L 63/101   Access control lists [ACL]

H04L 63/102   Entity profiles

H04L 63/105   Multiple levels of security

H04L 67/00   Network arrangements or pro...

Method and system for providing reference architecture pattern-based permissions management

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

122 Citations

32 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for providing reference architecture pattern-based permissions management

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

122 Citations

32 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links