Access administration using activatable rules
원문보기
IPC분류정보
국가/구분
United States(US) Patent
등록
국제특허분류(IPC7판)
G06F-003/048
G06F-021/00
출원번호
UP-0142746
(2005-06-01)
등록번호
US-7703033
(2010-05-20)
발명자
/ 주소
Buchholz, Cristina
출원인 / 주소
SAP AG
대리인 / 주소
Buckley, Maschoff & Walwalkar LLC
인용정보
피인용 횟수 :
4인용 특허 :
3
초록▼
Access to information instances is administered using selectively activatable rules. A computer program product includes rules establishing authorizations to information instances in a computer system, each of the rules authorizing a predefined subject to perform a predefined action on a predefined
Access to information instances is administered using selectively activatable rules. A computer program product includes rules establishing authorizations to information instances in a computer system, each of the rules authorizing a predefined subject to perform a predefined action on a predefined object. The computer program product includes an activation function for an administrator to selectively activate at least one of the rules, the activated rule to be applied upon a user seeking to perform an action on any of the information instances.
대표청구항▼
What is claimed is: 1. A computer program product to be used in administrating user access to data, the computer program product being tangibly embodied in a machine-readable storage device and comprising: rules establishing authorizations to data in a computer system, each of the rules to authoriz
What is claimed is: 1. A computer program product to be used in administrating user access to data, the computer program product being tangibly embodied in a machine-readable storage device and comprising: rules establishing authorizations to data in a computer system, each of the rules to authorize a subject to perform an action on data; and an activation function usable by an administrator to selectively indicate whether at least one of the rules is to be applied against a user seeking to perform an action on any of the data, wherein the activation function is to use a first type of graphical indication to graphically indicate that an attribute associated with a first rule cannot be evaluated, and to use a second type of graphical indication to graphically indicate that the first rule will be applied against the user in a case that the attribute can be evaluated, and wherein the activation function is to use a third type of graphical indication to graphically indicate that an attribute associated with a second rule can be evaluated, and to use a fourth type of graphical indication to graphically indicate that the second rule will be applied against the user. 2. The computer program product of claim 1, wherein the activation function is displayed in a graphical user interface generated by the computer program product. 3. The computer program product of claim 1, wherein the rules are grouped in at least one work center software module that can be assigned to one or more users. 4. The computer program product of claim 3, wherein the work center software module is proposed for assignment to the one or more users based on a role of the one or more users. 5. The computer program product of claim 3, wherein the work center software module provides general authorization to perform a plurality of actions. 6. The computer program product of claim 5, wherein the rules are configured to limit the general authorization provided by the work center software module. 7. The computer program product of claim 6, wherein if the attribute associated with the first rule is not specified in the computer system, the first rule does not limit a general authorization to perform an action associated with the first rule. 8. The computer program product of claim 1, included in the computer system upon delivery to a customer. 9. The computer program product of claim 8, wherein the subjects are to be specified by the customer. 10. A computer program product tangibly embodied in a machine-readable storage device, the computer program product comprising instructions that, when executed, generate on a display device a graphical user interface (GUI) for administrating user access to data, the GUI comprising: first items to indicate rules for establishing authorizations to data in a computer system, each of the rules authorizing a user to perform an action on an object; a first type of graphical indication to graphically indicate, for a first rule indicated as to be applied against the user, that an attribute associated with the first rule cannot be evaluated; a second type of graphical indication to graphically indicate that the first rule will be applied against the user in a case that the attribute can be evaluated; a third type of graphical indication to graphically indicate that an attribute associated with a second rule can be evaluated; and a fourth type of graphical indication to graphically indicate that the second rule will be applied against the user. 11. The computer program product of claim 10, wherein the first items are grouped in association with a work center software module that can be assigned to one or more users. 12. The computer program product of claim 11, wherein an administrator may activate at least one of the rules to limit a general authorization provided by the work center software module. 13. The computer program product of claim 12, wherein the GUI provides status information indicating whether the attribute associated with the first rule has been specified in the computer system. 14. A system comprising: a computer device comprising: a repository storing information instances; and an authorization and access management module including rules establishing authorizations to the information instances and user IDs defining subjects, each of the rules to authorize a subject to perform an action on an information instance; and an administration system in communication with the computer device to display an administration graphical user interface to selectively indicate whether at least one of the rules is to be applied against a subject seeking to perform an action on any of the information instances, wherein the administration system is to use a first type of graphical indication to graphically indicate that an attribute associated with the first rule cannot be evaluated, and to use a second type of graphical indication to graphically indicate that the first rule will be applied against the subject in a case that the attribute can be evaluated, and wherein the administration system is to use a third type of graphical indication to graphically indicate that an attribute associated with a second rule can be evaluated, and to use a fourth type of graphical indication to graphically indicate that the second rule will be applied against the subject. 15. A system according to claim 14, wherein if the attribute associated with the first rule is not specified in the computer device, the first rule does not limit a general authorization to perform an action associated with the first rule. 16. A system according to claim 14, wherein the graphical user interface is to provide status information indicating whether the attribute associated with the first rule is specified in the computer device.
연구과제 타임라인
LOADING...
LOADING...
LOADING...
LOADING...
LOADING...
이 특허에 인용된 특허 (3)
Ginter Karl L. ; Shear Victor H. ; Sibert W. Olin ; Spahn Francis J. ; Van Wie David M., Systems and methods for secure transaction management and electronic rights protection.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.