User Definition in a Network System

IP.com Disclosure Number: IPCOM000048210D
Original Publication Date: 1981-Dec-01
Included in the Prior Art Database: 2005-Feb-08
Document File: 3 page(s) / 58K

Publishing Venue

IBM

Related People

Mingot, C: AUTHOR

Abstract

This article relates to a procedure that improves security and controls in a network where a user at a given location has access to several computing systems. It allows the identification, the rights and the attributes of a given user to be managed. According to this article, a given user's access to a network node is controlled at the location where he resides, using the Personnel Data Base of the site.

This text was extracted from a PDF file.
At least one non-text object (such as an image or picture) has been suppressed.
This is the abbreviated version, containing approximately 55% of the total text.


In the above figure, three locations (A, B, C) are connected in a network through their data processing centers. Assume that a user in location (A) wants to access the applications (X), (Y) and (Z), which are stored respectively in (A), (B) and (C).

To access these applications, user (A) must first be identified and defined by the Data Processing Centers (DPCs) in (A), (B), and (C), and this will be the first contact of user (A) with the network. A conversational system, hereafter called UDIN (User Definition In a Network), is provided; it is used from display terminals connected to the network.

1) The user in location (A) asks his DPC center representative to define and to authorize him to use applications (X), (Y), and (Z).

2) The DPC representative (generally a librarian), who has the authority to use UDIN, defines user (A), with valid procedure information. He is notified each time an invalid keyword is entered; then the request is automatically stored in a historical file and sent to Plans and Controls services of location (A).

3) Using system UDIN at any time, Plans and Controls services of location (A) can enter the "accept" or "reject" command on the pending user requests. When "accept" is entered, the tables which are under the Plans and Controls responsibility (user, account group, etc.) are automatically updated, then the user request is stored again in the historical file and sent to the system administrator of application (X), (Y) or (Z), when necessary.

4) At any time, the system administrator of application (Y), for instance, can display (or print) all the user requests pending for this application. He defines user (A) in the system of location (B) to authorize him to access application (Y). Then using system UDIN, he enters the "done" command on that pending user request which notifies the DPC representative of location (A) that user (A) can use application (Y).

As can be seen in the above figure, using UDIN, the responsibility for a user definition is automatically distributed all over the network.
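
The four steps above can be modelled as a small state machine in which each command is accepted only from the role and location responsible for it, and every action is appended to the historical file. This is an added example, not code from the original disclosure; the role names, state names, the one-request-per-application layout and all class and function names are assumptions.

```python
from dataclasses import dataclass, field

# Role and state names are assumptions made for this sketch.
DPC_REP, PLANS, ADMIN = "dpc_representative", "plans_and_controls", "system_administrator"
# (state, command) -> (role allowed to enter it, next state)
TRANSITIONS = {
    ("pending_approval", "accept"): (PLANS, "pending_definition"),
    ("pending_approval", "reject"): (PLANS, "rejected"),
    ("pending_definition", "done"): (ADMIN, "done"),
}

@dataclass
class Request:
    user: str
    home: str        # location where the user resides
    app: str
    app_site: str    # location that hosts the application
    state: str = "pending_approval"

@dataclass
class Udin:
    requests: list = field(default_factory=list)
    history: list = field(default_factory=list)   # the "historical file"
    notices: list = field(default_factory=list)   # messages to DPC representatives

    def define(self, role, site, user, apps):  # step 2, one request per application
        if role != DPC_REP:
            raise PermissionError("only a DPC representative may define a user")
        new = [Request(user, site, app, app_site) for app, app_site in apps.items()]
        self.requests += new
        self.history += [("define", role, site, user, r.app) for r in new]
        return new

    def command(self, role, site, req, cmd):  # steps 3 and 4
        if (req.state, cmd) not in TRANSITIONS:
            raise ValueError(f"'{cmd}' is not valid in state {req.state}")
        need_role, nxt = TRANSITIONS[(req.state, cmd)]
        # Plans and Controls acts for the user's site, the admin for the application's site.
        need_site = req.home if need_role == PLANS else req.app_site
        if (role, site) != (need_role, need_site):
            raise PermissionError(f"'{cmd}' requires {need_role} at {need_site}")
        req.state = nxt
        self.history.append((cmd, role, site, req.user, req.app))
        if nxt == "done":
            self.notices.append((req.home, f"{req.user} can use {req.app}"))

    def pending_for(self, app):  # step 4: requests awaiting this application's admin
        return [r for r in self.requests if r.app == app and r.state == "pending_definition"]
```

Because "done" is only reachable from the state that "accept" produces, an application administrator cannot define a user that Plans and Controls of the user's own location has not approved.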

The DPC representative is well informed to assign the project box or any procedure information related to this user. Plans and Controls has a security responsibility (Is the user authorized to work on location (B) and to access
