CENTRALIZED ENTITLEMENTS

摘要

A method and central entitlement server are presented for centrally storing and providing entitlements to subscribing application servers. The subscribing application servers provide services to bank accounts held by corporate customers. Services are requested by corporate customer users and in service requests. Prior to performing a requested service, the subscribing application servers verify that the requesting corporate customer user has permission to request the service on the account identified in the service request. The subscribing application servers verify requested services using entitlements received from the central entitlement server. Services that can be requested are stored in a hierarchical data structure. The hierarchical data structure includes at least one product as a root. Each product is linked to at least one product function, each product function is linked to at least one function type, each function type is linked to an action, and each action corresponds to a service.

主权项

1. A central entitlement server for centrally storing and providing entitlements to subscribing application servers, each subscribing application server provides services to accounts held by corporate customers at a bank, the corporate customer designating at least one corporate customer user, the server comprising:
a database encoded to a non-transitory computer readable memory storing the entitlements, wherein each entitlement relates to at least one corporate customer user and specifies at least one associated account and at least one approved service the at least one corporate customer user has permission to request, wherein each at least one approved service is one of a plurality of possible services and is mapped to a hierarchical data structure of services, the hierarchical data structure of services comprising:
at least one product, wherein the at least one product is a root and each product is a parent of and links to at least one product function;each product function linking to at least one function type, wherein the product function is a parent of the at least one function type; andeach function type linking to at least one action, wherein:
the function type is a parent of the at least one action;each action corresponds to one of the plurality of possible services;each of the plurality of possible services are represented by a corresponding action; andeach action is identified as approved if the at least one corporate customer user has permission to request the service corresponding to the action or disapproved if the at least one corporate customer user does not have permission to request the service corresponding to the action; a processor configured to determine the entitlements associated with each subscribing application server and instruct a network interface to send each subscribing application server the entitlements stored in the database that are associated with the subscribing application server; and the network interface configured to receive the instruction from the processor and send each subscribing application server the entitlements associated with the subscribing application server.