Title of invention: System and method for managing role based access controls of users
Abstract: A method and system for role based access control for a plurality of users in a heterogeneous enterprise environment, comprising: establishing a functional relationship between a plurality of provisioning unit using a provision unit module. The users are mapped with the provisioning unit based on attributes of the users. Events are captured via the provision unit module. The users needed to be re-mapped are determined upon the event completion. Application role defined in context of an application embedded in an application registry module is mapped with the provisioning unit. Call back service is executed for the re-mapped users having entitlement associated with each of the application stored in a roles registry module. An application role is determined and defined for a new user for the plurality of the application enabling managing of the role based access control.
Publication number: US9461978(B2) Publication date: 2016.10.04
Application number: US201314032777 Filing date: 2013.09.20
Applicant: Tata Consultancy Services Limited Inventors: Mishra Satya Narayan;Misra Ashesh
Classification: H04L29/06;G06F21/60 Main classification: H04L29/06
Agency: Hayes Soloway PC Agent: Hayes Soloway PC
Main claim: 1. A method for role based access control for a plurality of users in a heterogeneous enterprise environment, the method comprising: creating, by a processor, a plurality of provisioning units, wherein each provisioning unit represents one or more functional roles with respect to an organizational context; establishing, by the processor, a functional relationship between each of the plurality of provisioning units and one or more applications of a plurality of applications by mapping each of the one or more applications with each of the plurality of provisioning units; mapping, by the processor, a user of a plurality of users with a provisioning unit of the plurality of provisioning units having at least one functional role of the one or more functional roles associated with the user; creating, by the processor, a role-context for the user by mapping 1) the at least one functional role of the one or more functional roles associated with the user, 2) the provisioning unit mapped with the user, 3) an application context of each the one or more applications associated with the mapped provisioning unit, represented by an identity of one or more IT resources, and 4) a business function context represented by categorization of access rights as defined in the one or more IT resources as mentioned in the application context in order to get access to the one or more applications; register, by the processor, one or more services to initialize the at least one functional role of the user to receive the access right with the one or more applications based on the role-context of the user to enable the role-context based access control for the user; and receiving, from a computer of the user, an access permission to the one or more applications, based on the role context of the user, wherein the access permission is received from the processor.
Address: Maharashtra IN