Data processing: database and file management or data structures – Database design – Data structure types
Reexamination Certificate
1999-12-27
2003-07-15
Metjahic, Safet (Department: 2171)
Data processing: database and file management or data structures
Database design
Data structure types
C707S793000
Reexamination Certificate
active
06594661
ABSTRACT:
BACKGROUND OF THE INVENTION
This invention generally relates to managing user access to computer applications; and more specifically, to methods and systems for creating access definitions.
In many situations, computer applications are often designed for limited or restricted access. Present procedures for managing access to applications are not completely satisfactory for a number of reasons. For instance, when developing applications, developers must build functions within each application that manage access to the applications. Many times this entails duplicating the same functions regarding identifying users and groups of users, and mapping these to what access they can perform.
Also, when administrators want to provide user access to a group of applications, those administrators must work with each application individually to define that access. In addition, with typical applications, access constructs such as groups and roles cannot be shared across applications, and these constructs must be defined within each application in the proprietary manner that the application supports.
SUMMARY OF THE INVENTION
An object of this invention is to improve methods and systems for managing access to computer applications.
Another object of the present invention is to manage access to several applications using one controlling application that receives, through a defined protocol, the data elements needed to provide that access.
A further object of this invention is to create single definitions for access constructs such as groups and roles that can be used across many applications.
A still another object of the present invention is to manage access control from one controlling application, with that controlling application sharing these access definitions back to the application being controlled via a defined protocol and format.
These and other objectives are attained with a method and system for controlling access to a source application. The method comprises the steps of providing a controlling application, and binding the source application to the controlling application to allow the controlling application to change access to the source application. Information is passed from the source application to the controlling application to identify the source application and reference data to define access to the source application, and group and role definitions are constructed within the controlling application. An access definition is created by assigning a user access to the source application based on the group and role definitions and the reference data, and that access definition is exported to the source application.
The preferred embodiment of this invention provides a single controlling application and set of protocols whose functions, among others, allow for the binding of a source application with the controlling application so as to form a handshake or agreement that the controlling application has the ability to change access to the source application. Also, with this preferred embodiment, the source application provides what reference data it wants to the controlling application to use in defining access definitions. This reference data are passed via a defined protocol that allows the source application to define and enumerate reference data that it wants to use in controlling access.
REFERENCES:
patent: 5694601 (1997-12-01), White
patent: 5960441 (1999-09-01), Bland et al.
patent: 5987506 (1999-11-01), Carter et al.
patent: 6014666 (2000-01-01), Helland et al.
patent: 6144959 (2000-11-01), Anderson et al.
patent: 6154741 (2000-11-01), Feldman
patent: 6202066 (2001-03-01), Barkley et al.
patent: 6314425 (2001-11-01), Serbinis et al.
patent: 6408336 (2002-06-01), Schneider et al.
Metjahic Safet
Nguyen Cam Linh
Samodovitz, Esq. Arthur J.
LandOfFree
Method and system for controlling access to a source... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method and system for controlling access to a source..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method and system for controlling access to a source... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3092664