发明名称 |
Providing Integrated Role-based Access Control |
摘要 |
An example method includes, identifying a request from a user associated with a user role. The request corresponds to: an application request to access a first module in an enterprise application; and a data request to access a first portion of a database through the first module. The method also includes: responsive to a first determination that, based on the user role, the application request by the user is permissible: granting the application request; and responsive to a second determination that, based on the user role, the data request by the user is permissible: granting the data request to access the first portion of the database through the first module. The user role is associated with a plurality of access permissions, each specifies: an exhaustive set of application requests permitted to the user role; and an exhaustive set of data requests permitted to the user role. |
申请公布号 |
US2016098572(A1) |
申请公布日期 |
2016.04.07 |
申请号 |
US201414504321 |
申请日期 |
2014.10.01 |
申请人 |
Povalyayev Viktor;Chinnathambi Senthil;Hu David;Krishnamohan Lata |
发明人 |
Povalyayev Viktor;Chinnathambi Senthil;Hu David;Krishnamohan Lata |
分类号 |
G06F21/62;H04L29/06 |
主分类号 |
G06F21/62 |
代理机构 |
|
代理人 |
|
主权项 |
1. A method comprising:
at a computing device having one or more processors and memory storing one or more programs for execution by the one or more processors: identifying a request from a user associated with a user role, wherein the request corresponds to:
an application request to access a first module in an enterprise application; anda data request to access a first portion of a database through the first module; responsive to a first determination that, based on the user role, the application request by the user is permissible:
granting the application request to access the first module in the enterprise application; andresponsive to a second determination that, based on the user role, the data request by the user is permissible:
granting the data request to access the first portion of the database through the first module; wherein the user role is associated with a plurality of access permissions;
each access permission in the plurality of access permissions specifies:
an exclusive set of application requests permitted to the user role; andan exclusive set of data requests permitted to the user role. |
地址 |
Palo Alto CA US |