151 results about "Role base access control" patented technology

Systems and methods are disclosed for receiving an access request from a user device, the access request including an identity claim for a user; evaluating a risk of access based on matching an attribute of the user device with attributes stored in a user information database; authenticating the access request based on the identity claim and the risk evaluation to determine an authentication confidence level; generating a token based on the confidence level and the attribute matched; producing an authorization response based on inputs from the token, a risk based access control, a role based access control, and an attribute based access control, in which the authorization response determines whether to allow access to a system, deny access to the system, or request additional input from the user device.

The invention relates to a role-based access control system, including a role definition system for defining roles to be sets of permissions on individual resources thus forming role instances, respectively; and a super role definition system for defining at least one super role by grouping a set of role instances into one super role, wherein the one super role contains all permissions contained in the grouped resource instances. Furthermore, the present invention deals with an appropriate method, a computer program and a computer program product.

An Organizational Role-based Access Controlled Management System capable of controlling role-based access within an organization allows system analysts or managers to build and control access roles for the various application systems within an organization. This system can also allow an end-user to choose the functions of the application systems and logon rights associated with the role. The system includes one or more personal computers and a server based on an event-driven mechanism. System analysts and end-users access synchronized data to manage the end-users' access roles. This system allows a system analyst to build and limit “set and set” relationships, as well as “member and set” relationships to pass information and manage organizational networks, roles, functions, privileges, etc. Different roles under various application systems can have different access rights and functions assigned. This system breaks away from the limitation of the conventional RBAC (Role Based Access Control) and allows system analysts to manage and adapt access roles according to the practical needs of different users and their complicated relationships to the organization and one another.

A role based access control system is described that assigns roles, which otherwise are mutually exclusive, to users based on detecting designated conditions when the user initiates actions or operations on the network. The assignment of the role to a particular user may be conditional upon one or more such designated conditions occurring. In particular, two roles that are mutually exclusive of one another may be occupied by one user for purpose of performing specified operations upon designated conditions being detected when the user initiates one or more of the specified operations. Business rules specify conditions for assigning the conditional roles.

The present invention can enable increasing refinement of role-based permission to access data within a Role Based Access Control (RBAC) controlled computer system by enabling constraints to be written on the role-based permissions. The constraints may utilize each and every type or combination of subject, object, or environment information extracted from sources internal or external to the controlled computer system and may evaluate the content or context of the information extracted to enable refined and dynamic access after the role permission assignment and immediately before every access grant without the reassignment of roles.