Browse Prior Art Database

Access / Permissions Based on Demonstrated Skill

IP.com Disclosure Number: IPCOM000237131D
Publication Date: 2014-Jun-04
Document File: 2 page(s) / 29K

Publishing Venue

The IP.com Prior Art Database

Abstract

Disclosed is a mechanism to automatically grant users access to higher levels of functionality or permissions within a system. The mechanism monitors and/or tests the user’s proficiency at basic tasks and, when those tasks are accomplished, allows the user to graduate to a higher level of access rights or permissions.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 51% of the total text.

Page 01 of 2

Access / Permissions Based on Demonstrated Skill

In typical application implementations that require some form of user access control to its functions, these access rights tend to be a static set of rules: User of type A cannot run function X or User of type B cannot read function Y. When a user wishes to access any function outside of the current permission level, a request is submitted to an administrator, and then this person modifies the permissions table granting the user access or upgrading the permissions level to one that includes the function the user is trying to access. This process can take some time. Once contacted, the administrator evaluates the request, determines whether the use of the function is necessary, obtains the proper approvals, trains the user for the new access rights, etc.

The disclosed method can not only bypass the time delay, but also possibly preempt the request and automatically grant rights based on a set of predetermined rules. The novel contribution is a mechanism that monitors the user's success at basic tasks and, when those tasks are accomplished, allows the user to graduate to a higher level of access rights or permissions. The mechanism encompasses two related approaches.

First, administrators can configure the application with a set of criteria, tasks, or skills required to gain access to each level of user rights. These criteria are kept together in a database that contains all the different access rights and assigned users. For example, a junior administrator may start with access to a specific virtual server. During normal use of the management utility, the application tracks a user's progress through the required steps for each access level. The mechanism can be set to automatically grant access to these tasks when the user meets the requirements. In addition, the mechanism can alert the user and/or the administrator when the user meets the requirements and indicate that the user is qualified for the next level. This also allows the user to...