| 摘要 |
One or more techniques for access validation are provided. Access validation may be performed automatically or in real-time. Access validation may be at the resource level or at a sub-resource level. Techniques provided herein may be applied in a large variety of situations and industries, e.g. compliance management or inventory. Access validation reports may be generated in real-time or may link to indications of access validation in real-time. Five outcomes or options are provided, including affirmative, negative, stronger negative with larger implication, undetermined, and negative, however with temporarily granted access. A field for allowing entry of justification for access to a particular resource is provided. Reminders to validate privileges are provided. A continuous access validation process is provided. A technique for extending the hierarchy and corresponding workflow that is generated thereof is provided. |
| 主权项 |
1. An apparatus configured for performing access validation, comprising:
one or more processors; an access validation application executable by said one or more processors, said access validation application configured for:
receiving a request to perform access validation of a particular resource to which access had previously been granted;responsive to receiving the request, determining whether the previously granted access to said resource is valid by using a structure of a hierarchy of resources and a location of the particular resource within the hierarchy and by requesting access validation from at least one owner of at least one sub-resource of the particular resource, respectively, as defined by the structure of the hierarchy, by sending a request for approval to the at least one owner;wherein the owner of the particular resource is responsible for validating entities which are in the realm of responsibility of the owner and wherein entities which are in the realm of responsibility of the owner comprise one or more sub-resources, each said sub-resource having a corresponding owner, and wherein each corresponding owner is required to perform access validation for its sub-resource and is responsible for validating entities which are in its realm of responsibility; andin response to determining whether the previously granted access to said resource is valid, responding with any of the following five options:
an affirmation of validity;a negative indication that said previously granted access to said resource is not valid;a stronger condition;an answer indicating that it cannot be determined whether the previously granted access to said resource is valid; andan exception, wherein it was determined that the previously granted access to the resource is not valid, however that temporary access to the resource is required; wherein configuring said access validation application does not require business rules. |
