Triplet approach for achieving instance based access control in systems management applications

IP.com Disclosure Number: IPCOM000227803D
Publication Date: 2013-May-17
Document File: 3 page(s) / 155K

Publishing Venue

The IP.com Prior Art Database

Abstract

Disclosed is an approach to leveraging role based access control by allowing a systems administrator to assign a role to users and also specify the specific systems a user can operate on in the given role. This provides a triplet relationship between roles, users/user groups, and resources/resource groups.


Most instance-based access controls are implemented by creating a user-resource based ACL to determine who can do what on a given resource. This is a problem for many enterprises because users are not permanent: they change as people leave the company, and so on. Role based access control (RBAC) solves the basic problem of isolating applications from users by using the concept of roles, but instance-based access control still cannot be achieved without the use of an ACL. An approach is needed to enhance existing RBAC to support instance-based access control.

Figures 1 and 2 show the basic data model that introduces the schema representation of the triplet relationship.

Figure 1


Figure 2
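
The triplet relationship can be sketched as a small relational model with a default-deny access check. This is an added example, not part of the disclosure: the figures are not reproduced here, so every table, column, role, user and resource name is an assumption, and SQLite is used only so the sketch runs stand-alone.

```python
import sqlite3

# Assumed schema: every table and column name is hypothetical (Figures 1-2 are absent).
SCHEMA = """
CREATE TABLE role_permission (role TEXT, operation TEXT);
CREATE TABLE user_group_member (grp TEXT, member TEXT);
CREATE TABLE resource_group_member (grp TEXT, resource TEXT);
-- The triplet: role, user or user group, resource or resource group.
CREATE TABLE role_assignment (role TEXT, principal TEXT, scope TEXT,
                              PRIMARY KEY (role, principal, scope));
"""

# Kind prefixes keep a user named like a group from matching a group grant.
CHECK = """
SELECT 1 FROM role_assignment a
JOIN role_permission p ON p.role = a.role AND p.operation = :op
WHERE (a.principal = 'user:' || :user OR a.principal IN
       (SELECT 'group:' || grp FROM user_group_member WHERE member = :user))
  AND (a.scope = 'resource:' || :res OR a.scope IN
       (SELECT 'group:' || grp FROM resource_group_member WHERE resource = :res))
LIMIT 1
"""

def build_db():
    """In-memory database loaded with constructed sample data."""
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    db.executemany("INSERT INTO role_permission VALUES (?, ?)",
                   [("operator", "restart"), ("operator", "view"), ("auditor", "view")])
    db.execute("INSERT INTO user_group_member VALUES ('db-admins', 'alice')")
    db.executemany("INSERT INTO resource_group_member VALUES (?, ?)",
                   [("prod-db", "db01"), ("prod-db", "db02")])
    db.executemany("INSERT INTO role_assignment VALUES (?, ?, ?)",
                   [("operator", "group:db-admins", "group:prod-db"),
                    ("auditor", "user:bob", "resource:web01")])
    return db

def is_allowed(db, user, op, res):
    """Default deny: True only if some triplet covers user, operation and resource."""
    params = {"user": user, "op": op, "res": res}
    return db.execute(CHECK, params).fetchone() is not None

if __name__ == "__main__":
    db = build_db()
    print(is_allowed(db, "alice", "restart", "db01"))   # role, group and scope all match
    print(is_allowed(db, "alice", "restart", "web01"))  # same role, resource out of scope
```

Removing a departing user from a user group revokes access without touching any role assignment or per-resource ACL, which is the user-churn problem the disclosure sets out to solve.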

Figure 3 suggests how the idea is implemented in a user interface. As part of role association, the user of the interface is asked to identify which resources or groups of resources the user in the role will be able to access.


Figure 3
