| 发明名称 |
CATALOG DRIVEN ORDER MANAGEMENT FOR RULE DEFINITION |
| 摘要 |
Centralized single sign-on service for entitlement for multiple different application interface objects to relational database objects is provided as a function of a set of relational extensible mark-up language links. Roles are mapped to a unique user identification by a first extensible mark-up language link. A permission value within a second extensible mark-up language link that specifies a type of access to a unique data object identification is linked to the roles mapped in the first link. An object type and an object name within another extensible mark-up language link are linked to the determined permission value and to the unique data object identification. Access to a data object within a database by different external applications is enabled pursuant to the determined permission value as a function of the data object having the unique data object identification, the first and the second external applications using different application formats. |
| 申请公布号 |
US2015135296(A1) |
申请公布日期 |
2015.05.14 |
| 申请号 |
US201314079880 |
申请日期 |
2013.11.14 |
| 申请人 |
International Business Machines Corporation |
发明人 |
Cason Stanley P.;Majumdar Gautam;Sharma Prabhat |
| 分类号 |
H04L29/06 |
主分类号 |
H04L29/06 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
1. A method for a centralized single sign-on service for entitlement for multiple different application interface objects to relational database objects as a function of a set of relational extensible mark-up language links, the method comprising:
in response to a secure, single sign-on validation of a unique user identification, determining at least one role that is mapped to the unique user identification by a first extensible mark-up language link; determining a permission value that is within a second extensible mark-up language link and that is linked to the at least one role in the first extensible mark-up language link, wherein the permission value specifies a type of access to a unique data object identification; determining an object type and an object name that are each within a third extensible mark-up language link and that are linked to the determined permission value and to the unique data object identification; and enabling first and second external applications to access a data object within a database pursuant to the determined permission value as a function of the data object having the unique data object identification, wherein the first and the second external applications use different application formats. |
| 地址 |
Armonk NY US |
