AU2003200813B2 - System and method for selectively defining access to application features - Google Patents
System and method for selectively defining access to application features Download PDFInfo
- Publication number
- AU2003200813B2 AU2003200813B2 AU2003200813A AU2003200813A AU2003200813B2 AU 2003200813 B2 AU2003200813 B2 AU 2003200813B2 AU 2003200813 A AU2003200813 A AU 2003200813A AU 2003200813 A AU2003200813 A AU 2003200813A AU 2003200813 B2 AU2003200813 B2 AU 2003200813B2
- Authority
- AU
- Australia
- Prior art keywords
- attribute
- user
- value
- parent
- attributes
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Ceased
Links
- 238000000034 method Methods 0.000 title claims description 45
- 101000772194 Homo sapiens Transthyretin Proteins 0.000 description 18
- 102100029290 Transthyretin Human genes 0.000 description 18
- UGODCLHJOJPPHP-AZGWGOJFSA-J tetralithium;[(2r,3s,4r,5r)-5-(6-aminopurin-9-yl)-4-hydroxy-2-[[oxido(sulfonatooxy)phosphoryl]oxymethyl]oxolan-3-yl] phosphate;hydrate Chemical compound [Li+].[Li+].[Li+].[Li+].O.C1=NC=2C(N)=NC=NC=2N1[C@@H]1O[C@H](COP([O-])(=O)OS([O-])(=O)=O)[C@@H](OP([O-])([O-])=O)[C@H]1O UGODCLHJOJPPHP-AZGWGOJFSA-J 0.000 description 9
- KJBWWVTTZNVMKW-LPYMAVHISA-N 1-(dipyridin-2-ylmethylideneamino)-3-[(E)-(2-hydroxyphenyl)methylideneamino]thiourea Chemical compound Oc1ccccc1\C=N\N\C([S-])=[NH+]/N=C(c1ccccn1)c1ccccn1 KJBWWVTTZNVMKW-LPYMAVHISA-N 0.000 description 4
- 238000010586 diagram Methods 0.000 description 4
- 230000003252 repetitive effect Effects 0.000 description 2
- 230000007717 exclusion Effects 0.000 description 1
- 238000012423 maintenance Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
Landscapes
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Description
AUSTRALIA
Patents Act 1990 ELECTRONIC DATA SYSTEMS CORPORATION COMPLETE SPECIFICATION STANDARD PATENT Invention Title: System and method for selectively defining access to application features The following statement is a full description of this invention including the best method of performing it known to us:- SYSTEM AND METHOD FOR SELECTIVELY DEFIING ACCESS TO APPLICATION FEATURES TEHIICAL aQ.JQ The following invention relates generally to defining user access to*~ computer systems, and in particular, to the ability to define selectively and flexibly the limits of each of a plurality of users' access to the features of one or more' applications capable of being run on a computer system.
In an environment such as a shared-resource service bureau environment, where many employees and/or clients have access to a computer system capable of running numerous applications, it is often desirable to have the ability to restrict access by certain users or classes of users to one or more features of such applications. As used herein, the :enn "features" includes any of the nearly infinite possible application functions such as, by way of example, accessing data from database tables, generating, viewing and printing reports, and sending and/or receiving e-mail.
Presently, such flexibility in restricting user access is unavailable.
With respect to restricting access to data, one method presently employed by Oracle' Corporation in its database programs is to limit,4 at the database level, a user's ability to access particular data tables. Oracle* Corporation accomplishes this by providing for the assiprment of "ivies"to users which restrict access, not specifically to the data itself, but to the tables holding the data.
Thec need for more flexibility in restricting access to application features, including the data access feature restricted by the Oracle roles, can be illustrated by a simple example, The following is a hypothetical data table of confidential financial transactions made by clients A, B and C on the morning of June 1998, where WDRWVL indicates a withdrawal, DPST indicates a deposit, and PYMNT indicates a payment.
Table 1 Client Time Type Amount 1 A 9:15A WDRWL 1000.00 2 B 9:17A DPST 2500.00 3 B 9:24A DPST 1750.00 4 A 9:35A PYMNT 5000.00 C 10:02A WDRWL 50.46 6 A 10:41A DPST 106.08 7 C 10:47A PYMNT 530.06 In order to prepare a report regarding the confidential transactions of only client A for the month of June, one needs access to the data in rows 1, 4 and 6, but not rows 2, 3, 5 and 7. Since this data is highly sensitive, restriction of access to the data pertinent only to the assignment reporting of client A's transactions is highly desirable.
In addition, the application used to prepare a report of A's past transactions may have the ability to generate several different types of reports, including reports projecting future performance in addition to showing past performance. Depending on who is given the assignment, it may not be desirable to permit access to both types of report-generating abilities. It may also be undesirable to permit printing of the reports generated.
Any discussion of documents, acts, materials, devices, articles or the like which has been included in the present specification is solely for the purpose of providing a context for the present invention. It is not to be taken as an admission that any or all of these matters form part of the prior art base or were common general knowledge in the field relevant to the present invention as it existed before the priority date of each claim of this application.
SUMMARY OF THE INVENTION O Throughout this specification the word "comprise", or variations such as "comprises" or "comprising", will be understood to imply the inclusion of a stated F- element, integer or step, or group of elements, integers or steps, but not the exclusion of any other element, integer or step, or group of elements, integers or steps.
The present invention provides in a computer system capable of running at Cc least one application and maintaining a database, each application having at least one feature, a method for defining a user's access to said at least one feature comprising 00 the steps of: c, 10 assigning at least one attribute to said user; e¢3 storing said at least one attribute in a first table in said database; Sassigning a parent value for each actual value of said at least one attribute, whereby one or more parent-child relationships are created; storing said one or more parent-child value relationships in a second table in said database; running an application in said computer system; receiving from said first table one or more of said at least one attribute assigned to the user; retrieving said one or more parent-child value relationships from said second table; determining whether any of the retrieved attributes may be discarded in accordance with the retrieved parent-child value relationships; and enforcing the retrieved attributes, whereby the user's access to said at least one feature of said application is defined in accordance with the retrieved attributes.
The present invention also provides in a computer system capable of running at least one application and maintaining a database, each application having at least one feature, a method for defining a user's access to said at least one feature comprising the steps of: assigning at least one attribute to said user; storing said at least one attribute in a first table in said database; assigning a parent value for each actual value of said at least one attribute; and storing parent-child value relationships in a second table in said database; running an application in said computer system; retrieving from said first table in the database one or more of said at least one attribute assigned to the user; providing the retrieved attributes to said running application; retrieving said parent-child value relationships from said second table; determining whether any of the retrieved attributes may be discarded in accordance with the retrieved parent-child value relationships; and enforcing the attributes, whereby the user's access to said at least one feature of said application is defined in accordance with the retrieved attributes.
The present invention further provides a computer system comprising: means for running an application, said application having at least one feature; means for maintaining a database; means for assigning at least one attribute to a user; 00 Smeans for storing said at least one attribute in a first table in said database; IN 10 means for assigning a parent value for each actual value of said at least one Sattribute, whereby one or more parent-child relationships are created; means for storing said one or more parent-child value relationships in a second table in said database; means for retrieving from said first table said at least one attribute assigned to the user; means for retrieving said one or more parent-child value relationships from said second table; means for determining whether any of the retrieved attributes may be discarded in accordance with said parent-child value relationships; and means for enforcing the retrieved attributes, whereby the user's access to said at least one feature of said application is defined in accordance with said at least one attribute assigned to the user.
The present invention further also provides a computer system comprising: means for running an application, said application having at least one feature; means for maintaining a database; means for assigning at least one attribute to a user; means for storing said at least one attribute in a first table in said database; means for assigning a parent value for each actual value of said at least one attribute; means for storing parent-child value relationships in a second table in said database; means for retrieving from said first table said at least one attribute assigned to the user; means for retrieving said parent-child value relationships from said second table; means for determining whether any of the retrieved attributes may be discarded in accordance with the retrieved parent-child value relationships; t means for providing the retrieved attributes to said application; and means for enforcing the attributes, whereby the user's access to at least one feature of said application is defined in accordance with at least one attribute assigned to the user.
It is therefore an advantage of the present invention to provide the ability to selectively define access to application features available to a given user or group of users of a computer system.
It is a further advantage of the present invention to provide greater flexibility oO 0than is presently available in the ability to restrict user access to data contained in S 10 table-oriented databases.
For a better understanding of the present invention, together with other and Sfurther advantages, reference is made to the following description, taken in conjunction with the accompanying drawings and its scope will be pointed out in the appended claims.
BRIEF DESCRIPTION OF THE DRAWINGS FIGURE 1 is a block diagram depicting an exemplary system according to the present invention; FIGURE 2 is a block diagram depictig an example of the user attributes system grouping scheme of the present invention; and FIGURE 3 is a flow diagram depicting one embodiment of the method of the present invention.
DETAIL ED DESCRIPTION OF THE INENION UserLAttriuo FIGURE 1 is a block diagram depicting an exemplary system according to the present invention. A computer 5 runs database softare 8 which maintains data tables represented by tables 11, 13 and 15. Numerous applications, represented by applications ABC, DEE and GHI, are also run on computer 5, some providing mean for retrieving and manipulating the data in tables 11, 13 and Each of the users of the system, X, Y and 7, has access to computer 5 via terminals, represented by computers 18, 21 and 24, respectively. According to the present invention, users X, Y and Z are assigned one or more "attributes." Each attribute has a name which designates an application feaure to which access is being defined (e~g, the ability to access data within the database) and a value defining the limits of access, explained in rater detail below. Unless the context indicates otherwise, as used herein, the term attributes will be used to refer to a name-value pair.
Attributes are maintained in a table by database software 8, and define the users' respective abilities to run applications ABC, DEF and GHI, By way of example, two useful attributes art DATA -SCOPE and USER-LEVEL.
DATA-SCOPE defines the data to which the user is permitted access, and, using Table I above as an example, has possible values of A, B, C or ALL which represent the data associated with clients A, B, C or all three clients, respectively.
USER-LEVEL is a broad attribute which defines generally the level of access to the particular features of a given application which a user chooses to run. USER -LEVEL preferably has values of ADMIN, REGULAR and RESTRICTED, where ADMIN is the least restrictive, granting access to all available features of a particular application, report retrieval, e-mail, printing. RESTRICTED limits users to the most basic application features, report generation. REGULAR level users are permitted access to fewer features than ADMIN level users, but more than RESTRICTED level users. Each application can interpret the USER-LEVEL attribute based on the 3 0 different features it provides It will be understood that several narrowly focused attributes, relating to report generation or printing, may be used in lieu of the USER-LEVEL attribute.
The two attributes DATA_-SCOPE and USER-LEVEL, and their respective values, are, of course, only examples. One skilled 'in the art will appreciate the unlimited potential for defining attributes limiting access to application features.
Gwouing Attributes may be assigned to users individually, or, in a preferred embodiment a grouping scheme may be implemented, an example of which is il lustrated in FIGURE 2. Attributes such as DATA-SCOPE and USER LEVEL are represented by squares, "attribute groups" are represented by triangles and "assignee groups" are represented by circles. Attribute groups consist only of attributes and their values, while assignee groups consist of attribute groups and/or other assignee groups, but not individual attributes. In a preferred embodiment of the grouping scheme, each attribute group is limited to attributes for a single application, thereby providing the ability to assign different attributes and values for different applications.
In an alternative embodiment, attribute groups may be created independent of particular applications such that one group may contain attributes for all applications.
Although providing less flexibility in defining access to features of individual applications, such a system would be simpler to implement.
In the preferred embodiment, a table APPS, which contains at least one column called APP CODE, defines the list of valid applications that may have associated attributes. With reference back to FIGURE 1, the valid APP CODE values in this example are ABC, DEE and GHI. Other columns in the APPS table would contain whatever information that is needed by each of the applications. For example, in a menuing system which provides icons from which a user chooses an application to run, a column APP_-NAME would contain the character string that is used as the visible label of the icon associated with the application in the APP CODE column.
Each attribute group defines a set of zero or more attributes for a specific application identified by an APP_CODE. An attribute group of zero attributes could be used to indicate that default values for the attributes should be assigned for that application. Typically, the default values will be the most restrictive.
Alternatively, an attribute group of 'zero attributes could be used to indicate that there are no features of the application identified by the APP -CODE to which access is to be defined other than the ability to run the application.
The grouping examp le of FIGURE 2 depicts a more complex user structure than the example previously under discussion in connection with FIGURE I and Tablet1. The attribute groups 106, 115, 130, 145 and 148 of FIGURE 2 have attributes assigned as follows: Iaaac Attribute Application Attribute Name Attribute Value 106 GHI DATA-SCOPE
ALL
USER-LEVEL
ADMIN
115 DEF DATA-SCOPE
ALL
USER-LEVEL
REGULAR
130 ABC. DATA-SCOPE
A
DATA-SCOPE
B
______USER-LEVEL
REGULAR
145 ABC DATA-SCOPE
A
DATA-SCOPE
B
USER-LEVIEL
RESTRICTED
148 DEF DATA-.SCOPE
B
DATA-SCOPE
C
USER-LEVEL RESTRICTED In this preferred embodiment, the application to which each attribute group applies is specified at the time the group is created, and, in the example under discussion, is indicated in the above Table 2 in the second column.
Returning to FIGURE 2. a user assigned attribute group 106 will have attributes DATA-SCOPE 107 and USER-LEVEL 108 with values of ALL and ADMIN, respectively, as shown in Table 2. According to the attributes, the user should be permitted ADMIN access to application OH] and will be granted access to data relating to each of clients A, B and C when running that application. A user assigned attribute group 130 will have three attributes DATA_-SCOPE 133, DATA-SCOPE 136 and USER-LEVEL 139 with values of A, B and REGULAR, respectively. According to the attributes, this user will be able to access data relating to clients A or B and will be able to access the features of application ABC which are pro-defined for a user of REGULAR status. A user assigned attribute group 145 will have RESTRICTED access to application ABC and will be granted access to data relating to clients A and B. A user assigned attribute group 148 will be permitted RESTRICTED access to application DEF and will be granted access to data relating to clients B and C.
One or more attribute groups can be assigned to assignee groups. In FIGURE 2, assignee group 142, for example, may consist of attribute groups 145 and 148 and may include all of the attribute name-value pairs listed in the last two columns of the following Table 3: Assignee JAttribute Application jAttribute Name j ttValue 142 145 ABC DATA-SCOPE
A
DATA-SCOPE
B
USER-LEVEL RESTRICTED 148 DEF DATA-SCOPE 8 DATA-SCOPE
C
ER LEVEL RESTRICTED Assignee groups can also be assigned to other assignee groups. This is illustrated in FIGURE 2 by assignee group 103, which includes all attributes in assignee group 142 as well as all attributes in attribute groups 130 and 115. Assignee group 100 at the top of the figure consists of assignee group 103 and attribute group 106. Assignee group 100, therefore, contains all attributes in each of the five attribute groups 130, 145, 148, 115 and 106.
The attribute grouping system is particularly well-suited for assigning attributes to employees of differing levels of responsibility. For example, attribute groups 115, 130, 145 and 148 may be assigned to low- or mid-level employees, while assignee groups 100, 103 and 142 and attribute group 106 may be assigned to management personnel whose responsibility it is to oversee the work of the lowerlevel employees and, with respect to attribute group 106, run their own applications.
In this preferable grouping system, the assignment of attributes to attribute groups, assignee groups and users are kept in a table, ATTRIBUTES. The ATTRIBUTES table has three columns: ASSIGNEE, ATTRIBUTE NAME and ATTRIBUTEVALUE. ASSIGNEE may be an attribute group name, an assignee group name or a user. ATTRIBUTE NAME is the name of the attribute DATA-SCOPE). ATTRIBUTE VALUE is a specific value for the named attribute
ALL).
The ATTRIBUTES table is maintained.using seven basic commands.
These exemplary commands are set forth below as Oracle procedures for use in an Oracle database epvironment. Those skilled in the art will appreciate that analogous commands may be derived for other environments. In the following descriptions, parameters are in single quotes and literal strings are in double quotes.
£2mmand N2.
atutrutils.creategroup ('groupname', 'grouptype', 'appcode') 'group name': name of group 'group type': "ATTRIBUTE" or "ASSIGNEE" 'appcode': if the 'grouptype' is "ATTRIBUTE", this field is required; otherwise, it will be ignored This procedure will create a group of the specified type. It will exit with an error if the 'groupname' already exists as a group or an Oracle' user.
According to the procedure, the 'groupname' and 'group type' values are converted to upper case. Then, a record with the following column values is inserted in the ATTRIBUTES table: Set ASSIGNEE 'group_name' Set ATTRIBUTE NAME "ASSIGNEE TYPE" Set ATTRIBUTE VALUE "ATTRIBUTE_GROUP" or "ASSIGNEE_GROUP" based on the value of 'group_type.' In addition, if the 'group_type' is "ATTRIBUTE", then another record with the following column values will be inserted into the ATTRIBUTES table: Set ASSIGNEE 'groupname' Set ATTRIBUTE NAME "APP CODE" Set ATTRIBUTE_VALUE 'app_code'.
Command No. 2 attrutils.assign_group ('assignee', 'group_name') 'assignee': user or assignee group that will have the 'group_name' assigned.
'group_name': group to be assigned to the assignee This procedure will assign one group to another group or user. An error will be returned if the 'assignee' doesn't exist as an assignee group or a user. An error will also be returned if the 'groupname' doesn't exist.
This procedure will first convert the 'assignee' and 'group name' values to upper case. Second, a record with the following column values is inserted into the ATTRIBUTES table: Set ASSIGNEE 'assignee' Set ATTRIBUTENAME "ASSIGNED_GROUP" Set ATTRIBUTE_VALUE 'group_name'.
Command No. 3 attr_utils.assign_attribute ('assignee', 'attribute_name', 'attribute_value') 'assignee': attribute group name. This must be an attribute group.
'attribute_name': the name of the attribute 'attribute_value': the value of the specified attribute This procedure will assign an attribute with the identified value to the 'assignee'. Errors will be returned if the assignee doesn't exist as an attribute group or if the attribute name is reserved.
This procedure will first convert the 'assignee' and 'attribute name' values to upper case, and then insert a record with the following column values into the ATTRIBUTES table: Set ASSIGNEE 'assignee' Set ATTRIBUTE NAME 'attribute name' Set ATTRIBUTEVALUE= 'attribute_value'.
Command No. 4 attr utils.drop_group ('group_name') 'group_name': name of group or user that will be deleted along with all references to this group or user.
This procedure will drop a group or user along with all references to the group or user. An error will be returned if the 'groupname' does not exist.
This procedure will first convert the 'group name' value to upper case and then delete all records in the ATTRIBUTES table in which the value in the ASSIGNEE column matches 'groupname'. In addition, all records in the ATTRIBUTES table which match both of the following criteria will be deleted: a. The value in the ATTRIBUTE NAME column is
"ASSIGNEDGROUP".
b. The value in the ATTRIBUTE_VALUE column matches the 'groupname'.
Command No. attrutils.rescindgroup ('assignee', 'group name') 'assignee': user or assignee group that will have the groupname rescinded 'group_name': group to be rescinded from the assignee This procedure will rescind the specified 'group name' from the 'assignee'. Errors will be returned if the 'group_name' or 'assignee' do not exist.
This procedure will first convert 'assignee' and 'group_name' to upper case and then delete all records in the ATTRIBUTES table which match the following three criteria: a. the value in the ATTRIBUTE NAME column is
"ASSIGNED_GROUP".
b. the value in the ATTRIBUTE_VALUE column matches the 'group_name'.
c. the value in the ASSIGNEE column matches the 'assignee'.
Command No. 6 attrutils.rescind_attribute ('assignee', 'attribute_name') 'assignee': attribute group name. This must be an attribute group.
'attribute name': the name of the attribute.
This procedure will rescind the specified 'attribute_name' from the 'assignee'. Errors will be returned if the attribute_name or assignee do not exist or if the attributename is reserved.
This procedure will first convert 'assignee' and 'attributename' to upper case and then delete all records in the ATTRIBUTES table which match both of the following criteria: a. the value in the ASSIGNEE column matches 'assignee'.
b. the value in the ATTRIBUTE NAME column matches 'attribute name'.
Command No. 7 attrutils.updateattribute ('assignee', 'attribute_name', 'attribute_value') 'assignee': attribute group name. This must be an attribute group.
'attribute name': the name of the attribute.
'attributevalue': the new value of the specified attribute.
This procedure will update the specified 'attribute value' for the identified 'assignee' and 'attribute-name'. Errors will be returned if the attributename or assignee do not exist or if the attribute name is reserved.
This procedure will first convert 'assignee' and 'attribute-name' to upper case, and then update the ATTRIBUTES table by setting the ATTRIBUTE VALUE column to 'attributevalue' for all records which match both of the following criteria: a. the value in the ASSIGNEE column matches 'assignee'.
b. the value in the ATTRIBUTENAME column matches 'attribute-name'.
Using the foregoing commands, an ATTRIBUTES table is maintained.
As shown in command numbers I and 2, in the preferred embodiment, several reserved ATTRIBUTENAMEs are used in the ATTRIBUTES table to identify specific information to be used within the system. An ATTRIBUTE NAME of "APPCODE" is automatically assigned to an attribute group to identify the application associated with that group. An ATTRIBUTE NAME of "ASSIGNED-GROUP" is used to assign attributes to attribute groups, to assign attribute groups and assignee groups to assignee groups, and to assign attribute groups and assignee groups to users. An ATTRIBUTENAME of "ASSIGNEETYPE" is used to identify whether a group is an attribute group or an assignee group. The procedures will validate any ATTRIBUTE NAME parameters to verify that they are not reserved and will return an error if an attempt is made to use a reserved
ATTRIBUTENAME.
By way of example, the portion of the ATTRIBUTES table pertaining to assignee group 142 of FIGURE 2 will appear as in the following Table 4: Table 4 ASSIGNEE ATTRIBUTE NAME ATTRIBUTE VALUE ASSIGNEEGROUP_142 ASSIGNEETYPE ASSIGNEE-GROUP ATTRIBUTE_GROUP_145 ASSIGNEETYPE ATTRIBUTEGROUP ATTRIBUTEGROUP_145 APP_CODE ABC ATTRIBUTEGROUP_148 ASSIGNEE-TYPE ATTRIBUTE GROUP ATTRIBUTE GROUP 148 APPCODE ABC ATTRIBUTE_GROUP_145 DATA SCOPE A ATTRIBUTEGROUP_145 DATASCOPE B ATTRIBUTEGROUP_145 USER_LEVEL RESTRICTED ATTRIBUTE GROUP_148 DATA SCOPE B ATTRIBUTEGROUP_148 DATA SCOPE C ATTRIBUTE_GROUP 148 USER-LEVEL RESTRICTED ASSIGNEE GROUP_142 ASSIGNEDGROUP ATTRIBUTEGROUP 142 ASSIGNEEGROUP-142 ASSIGNED_GROUP ATTRIBUTE GROUP 145 In the alternative embodiment of the invention, discussed above, where attribute groups are not limited to particular applications, the create_group procedure would not require an 'appcode' input, and APPCODE attributes would not be maintained in the ATTRIBUTES table. Wholesale access to applications, however, could still be controlled using an additional table assigning APPCODEs directly to users. If a user were not assigned a particular APPCODE, the corresponding application would be completely unavailable to the user.
Parent-Child Hierarchy The ability to assign to a single assignee group multiple attribute groups and/or assignee groups often results in the assignment to a group or user of overlapping, repetitive and even conflicting values for the same attribute. For example, assignee group 100, shown at the top of FIGURE 2, includes every attribute in the figure, and therefore, as shown in Table 2 above, includes for the same application DEF different values B, C and ALL for the DATASCOPE attribute and different values REGULAR and RESTRICTED for the USERLEVEL attribute. For this reason, in a preferred embodiment, attribute hierarchy rules are established wherein for each attribute value, a "parent value" is assigned, so that, for example, value B for the DATA-SCOPE attribute is assigned the parent value ALL. In practice, where a user's assigned attributes are called, and both a parent value and child value for the same attribute and application are present, the parent will be maintained and the child discarded. In addition, repetitive values will be discarded.
The parent-child assignments are maintained in a table ATTRIBUTE -LEVELS which has three columns: ATTRIBUTE-NAME, CHILDVALUE and PARENTVALUE. ATTRIBUTENAME is the name of an attribute DATA-SCOPE). CHILDVALUE is an actual value of the attribute C).
PARENT-VALUE is the value of which the actual value is a subset ALL). For the case where the actual attribute value is the highest in the hierarchy, for example ALL, the assigned parent value is NULL, The ATTRIBUTELEVELS table is maintained using four basic commands. These exemplary commands are set forth below as Oracle I procedures for use in an Oracle database environment. Those skilled in the art will appreciate that analogous commands may derived for other database environments. Note that in the following descriptions, parameters are in single quotes and literal strings are in double quotes.
attruutils.add attrlevel ('attribute-name', 'child value', 'parentvalue') 'attribute-name': the name of the attribute 'child value': the child value for the specified 'attributename' 'parent value': the parent value of the specified 'child value' for the specified 'attribute name' This procedure will add a new attribute level for the specified parameters. The 'parent value' can be '"NULL" if the 'child value' has the highest level of authority of the specified 'attribute-name'. Errors will be returned if the parent value is not null and does not exist.
This procedure first converts the 'attribute_name' to upper case. and then inserts a record with the following column values into the ATTRIBUTELEVELS table: Set ATTRIBUTE NAME 'attribute name' Set CHILDVALUE 'childvalue' Set PARENTVALUE 'parent_value'.
Command No. 2 attrutils.update attrlevel ('attribute name', 'child value', 'parent_value') 'attributename': the name of the attribute 'child_value': the child value for the specified attributename 'parentvalue': the parent value of the specified child value for the specified attribute name This procedure will update the parent value for the specified parameters. The 'parentvalue' can be "NULL" if the 'childvalue' has the highest level of authority of the specified 'attributename'. Errors will be returned if the parent value is not null and does not exist and if the attribute_name and child value combination does not exist.
This procedure first converts the 'attribute name' to upper case and then updates the ATTRIBUTE_LEVELS table by setting the PARENT_VALUE column value to 'parent value' for all records which match both of the following criteria: a. the value in the ATTRIBUTE NAME column matches 'attribute name', b. the value in the CHILD VALUE column matches 'child value'.
Command No. 3 attr_utils.delete_attr_levels ('attributename', 'child_value') 'attributename': the name of the attribute 'child value': the child value for the specified attribute_name This procedure will delete the attribute level and all children attribute levels for the specified parameters. Errors will be returned if the combination does not exist.
This procedure will first convert the 'attribute_name' to upper case and then delete all records in the ATTRIBUTE_LEVELS table which are "children" of the named pair of 'attribute name' and 'childvalue'. By way of example, the following SQL statement could be used to accomplish these first two steps: DELETE ATTRIBUTE LEVELS WHERE (ATTRIBUTENAME, CHILDVALUE) IN (SELECT ATTRIBUTE_NAME, CHILDVALUE FROM ATTRIBUTELEVELS START WITH PARENT_VALUE=P_CHILD_VALUE AND ATTRIBUTE_NAME=UPPER(PATTRIBUTE_NAME) CONNECT BY PARENT VALUE=PRIOR CHILD_VALUE AND ATTRIBUTE_NAME=PRIOR ATTRIBUTE_NAME).
This procedure will delete all records in the ATTRIBUTE_LEVELS table which match both of the following criteria: a. the value in the ATTRIBUTE NAME column matches 'attribute name'.
b. the value in the CHILD_VALUE column matches 'childvalue'.
Command No. 4 attrutils.delete all levels ('attributename') 'attribute name': the name of the attribute This procedure will delete all the attribute levels for the specified attribute name. Errors will be returned if the attribute name does not exist.
This procedure will first convert the 'attribute_name' to upper case and then delete all records in the ATTRIBUTELEVELS table in which the value in the ATTRIBUTE NAME column matches 'attribute_name'.
Using the foregoing commands, an ATTRIBUTE_LEVELS table is maintained. By way of example, an ATTRIBUTE_LEVELS table for the sample attributes discussed above will appear as in the following Table Table ATTRIBUTE NAME CHILD-VALUE PARENTVALUE DATA-SCOPE A ALL DATASCOPE B ALL DATA SCOPE C ALL DATA_SCOPE ALL NULL USER-LEVEL RESTRICTED REGULAR USERLEVEL REGULAR ADMIN t0 USER LEVEL, ADMIN NULL According to Table 5, any assignments of the DATA-SCOPE attribute having values A, B or C will be discarded if a DATA SCOPE of ALL is assigned to the same user for the same application. Similarly, assignments of lower USERLEVEL values will be discarded in favor of the highest value assigned.
Preferably, if an attribute value is assigned in the ATTRIBUTES table, but is not defined in the ATTRIBUTE LEVELS table, then it will be treated as though it were defined in the ATTRIBUTE LEVELS table with a parent value of NULL, and with no other value having the assigned value as its parent value.
Further minimization may be obtained by recognizing that a complete set of assigned values at a lower level can be replaced by the higher level value. For example, if DATA-SCOPE values of A, B and C are assigned, the system could return the value ALL. This minimization should be performed only if the complete set of lower level values actually represents the same thing as the higher level value, since it is possible that the higher level value might represent more than the sum of the lower level values.
Operation of the User Attributes System Reference to FIGURE 3 will be made in connection with the following discussion of an exemplary use of the user attributes system of the present invention.
According to a preferred embodiment of the invention, access to the applications being run in a database environment is controlled by an initial graphical user interface (TGUI). Examples of IGUIs include website home pages and local area network startup pages, Prior to gaining access to the applications, however, a user typically logs in to a computer system, shown at box 201, at which time the computer system will recognize the user if the login is completed correctly. In box 204, the TOUT retrieves the applications available to the user. In the preferred embodiment, the TOUTI does this by accessing the ATTRIBUTES table, at arrow 205, which contains the group assignments for the user. As discussed above, in the preferred embodiment, the group assignments include attribute group assignments which, in turn, include the specification of available applications. In an Oracle' database system, rather than search the entire ATTRIBUTES table which can be quite sizable, "views" containing the results of frequently-used searches the attributes for a particular user) which is likely to be used over and over again may be prepared. In the alternative embodiment where attributes are not limited to specific applications, applications available to a particular user may be stored in and retrieved from a separate table.
At arrow 205, the TOUT will also access. the APPS table of valid applicatio ns which contains an APP_-CODE column to tell the lOUT what character string to display to the user in box 207, where the IGUI displays to the user the available applications. In box 210, the user chooses one of the available applications.
In box 213,,the IGTJI accesses the ATTRIBUTES table, at arrow 214, and retrieves the user's attributes for the application chosen. Again, in an Oracle database system, an Oracle *view may be used to retrieve the attributes. In addition, the TOUT may access the ATTRIBUTELEVELS table to reduce the number of attributes.
At arrow 2 15, the IGUI passes the relevant attributes to the application, and, in box 216, the application is run with the application enforcing the attributes. If the user attempts to exceed the limits of access as defined by the attributes, an error or warning may be posted.
It will be appreciated by those skilled in the art that in an alternative embodiment, an application may retrieve the attributes directly, without the assistance of an IGUI, and enforce the attributes.
As discussed above, Oracle" views may be used in the present invention to retrieve and organize records from tables. The following is a listing of twelve views found to be useful in the implementation of the invention. An explanation of each view and an SQL example is provided.
Yiew No. I V ATTRIBUTEAPPCODES This view will return a list of all distinct application codes setup in the user attributes system. This view performs a SELECT with the DISTINCT clause for records where the ATTRIBUTENAME is the reserved ATTRIBUTE_NAME of
'APP_CODE'.
SQL Example: CREATE OR REPLACE VIEW V ATTRIBUTE_APP CODES AS SELECT DISTINCT ASSIGNEE, ATTRIBUTE_VALUE APP_CODE FROM ATTRIBUTES WHERE ATTRIBUTENAME 'APP CODE'; View No. 2 V_ATTRIBUTEGROUPS ATTR This view will return a list of all distinct attribute groups. This view performs a SELECT with the DISTINCT clause for records where the ATTRIBUTENAME is the reserved ATTRIBUTENAME of'ASSIGNEETYPE' and the ATTRIBUTEVALUE is 'ATTRIBUTE GROUP'.
SQL Example: CREATE OR REPLACE VIEW V ATTRIBUTE GROUPS ATTR AS SELECT DISTINCT ASSIGNEE GROUP NAME FROM ATTRIBUTES WHERE ATTRIBUTE_NAME 'ASSIGNEE TYPE' AND ATTRIBUTE_VALUE
'ATTRIBUTE_GROUP';
View No. 3 V ATTRIBUTEGROUPS ASSIGN This view will return a list of all distinct assignee groups. This view performs a SELECT with the DISTINCT clause for records where the ATTRIBUTE NAME is the reserved ATTRIBUTE_NAME of 'ASSIGNEE TYPE' and the ATTRIBUTEVALUE is 'ASSIGNEE GROUP'.
SQL Example: CREATE OR REPLACE VIEW VATTRIBUTE GROUPSASSIGN AS SELECT DISTINCT ASSIGNEE GROUP_NAME FROM ATTRIBUTES WHERE ATTRIBUTE NAME 'ASSIGNEE TYPE' AND ATTRIBUTEVALUE
'ASSIGNEEGROUP';
View No. 4 V_ATTRIBUTE USERS This view will return a list of all distinct attribute users. This view performs a SELECT with the DISTINCT clause for records where the ASSIGNEE is equal to the USERNAME found in the Oracle Data Dictionary table ALL USERS.
SQL Example: CREATE OR REPLACE VIEW VATTRIBUTEUSERS
AS
SELECT DISTINCT ASSIGNEE USERID FROM ATTRIBUTES, ALL USERS WHERE ASSIGNEE USERNAME; View No. V ATTRIBUTEGROUPSALL This view will return a list of all distinct groups in the system. This includes both attribute and Assignee groups. This view performs a SELECT with the DISTINCT clause for records where the ASSIGNEE is not an attribute user.
SQL Example: CREATE OR REPLACE VIEW VATTRIBUTE GROUPS_ALL AS SELECT DISTINCT ASSIGNEE GROUP_NAME FROM ATTRIBUTES, VATTRIBUTE USERS WHERE ASSIGNEE USERID(+) AND USERID IS NULL; View No. 6
V_USERGROUPS
This view will return a list of all groups assigned to the user currently connected to Oracle. The results include groups assigned directly to the user as well as groups indirectly assigned to the user. That is, groups that are assigned to ASSIGNEE GROUPS which are assigned to the user. This view performs a family tree type of query utilizing the CONNECT BY clause.
SQL Example: CREATE OR REPLACE VIEW VUSER_GROUPS
AS
SELECT ATTRIBUTE
NAME,
ATTRIBUTE VALUE FROM ATTRIBUTES WHERE ATTRIBUTE NAME 'ASSIGNEETYPE' START WITH ASSIGNEE USER CONNECT BY ASSIGNEE PRIOR ATTRIBUTE_VALUE AND ATTRIBUTENAME 'ASSIGNED GROUP'; View No. 7 V_USER ATTRAPPS This view will return a list of all attributes assigned to the user currently connected to Oracle along with the corresponding APP_CODE. This view will combine the list of groups assigned to the user (V_USER_GROUPS), the ATTRIBUTES table, and the list of ATTRIBUTE GROUPS with the corresponding APPCODE values (V_ATTRIBUTE_APP_CODES).
SQL Example: CREATE OR REPLACE VIEW VUSER ATTR_APPS AS SELECT ATTR.ATTRIBUTE NAME,
ATTR.ATTRIBUTE_VALUE,
APPS.APPCODE
FROM V_USER_GROUPS GROUPS, ATTRIBUTES ATTR, VATTRIBUTE APP_CODES APPS WHERE GROUPS.ATTRIBUTE_VALUE ATTR.ASSIGNEE AND ATTR.ASSIGNEE APPS.ASSIGNEE AND ATTR.ATTRIBUTE NAME NOT IN ('ASSIGNEDGROUP','APP CODE','ASSIGNEE TYPE'); View No. 8 V_USERATTR_HIGHEST VALUES This view will return a list of the highest level ATTRIBUTE VALUEs for the corresponding ATTRIBUTE_NAMEs. This view may contain duplicate entries, so the VUSER_ATTRIBUTES view, discussed below, will retrieve a list of these distinct values. This view will pass the APP CODE, ATTRIBUTE_NAME and ATTRIBUTE_VALUE for each attribute assigned to the current user to the function ATTRUTILS.HIGHEST_VALUE. A function is the same as a procedure except that it can be executed as part of a query and will return a value.
Here, the function will return the highest parent value currently assigned to the user. A description of this function follows the SQL example for this view.
SQL Example: CREATE OR REPLACE VIEW V USER_ATTR_HIGHEST_VALUES AS SELECT APP_CODE,
ATTRIBUTE_NAME,
SUBSTR( ATTR_UTILS.HIGHEST VALUE( APP CODE, ATTRIBUTE_NAME, ATTRIBUTE VALUE 1, ATTRIBUTE VALUE FROM V USER_ATTR APPS; The ATTR UTILS.HIGHEST_VALUE function requires three inputs: the APP_CODE, ATTRIBUTE NAME, and ATTRIBUTE VALUE. The function will first load an internal attribute value table consisting of all attribute values assigned for the given user, APP_CODE and ATTRIBUTE NAME. The function can use one of the existing views to do this V USER ATTR VALUE LEVELS).
The function will then use the current attribute value and find all of the parent records for this value. The function will use an SQL query that resembles the following: SELECT PARENT_VALUE FROM ATTRIBUTE LEVELS WHERE ATTRIBUTE NAME P ATTRIBUTE NAME START WITH CHILD VALUE P_ATTRIBUTE VALUE CONNECT BY CHILD VALUE= PRIOR PARENT_VALUE ORDER BY LEVEL; The function will then compare each parent value to the records in the attribute value table to determine whether one of the other assigned attribute values is a parent record, a parent, grandparent, etc., of the current attribute value. If so, the higher level attribute value is returned. Otherwise, the current attribute value is returned.
View No, 9
V_ATTR_VALUE_LEVELS
This view will return a list of ATTRIBUTE_NAMEs, the associated ATTRIBUTE VALUEs, and the corresponding level of the value. For example, the highest level of an ATTRIBUTE_VALUE will have an ATTRIBUTE LEVEL of 1, while that value's children will have values of 2. This view performs a family tree type of query utilizing the CONNECT BY clause.
SQL Example: CREATE OR REPLACE VIEW V ATTR_VALUE_LEVELS
AS
SELECT ATTRIBUTE NAME, CHILDVALUE ATTRIBUTE VALUE, LEVEL VALUE LEVEL FROM ATTRIBUTE LEVELS START WITH PARENT VALUE IS NULL CONNECT BY PARENT VALUE PRIOR CHILD VALUE AND ATTRIBUTE_NAME PRIOR ATTRIBUTE_NAME; View No. V USER ATTRVALUE LEVELS This view will return a list of all attributes assigned to the user and their corresponding level. This view will combine the list of attributes assigned to the user currently connect to Oracle (V_USER_ATTRAPPS) and the list of attributes and their corresponding levels (VATTR VALUE LEVELS).
SSQL Example: CREATE OR REPLACE VIEW V USER_ATTR_VALUE_LEVELS AS SELECT APP_CODE,
ATTR.ATTRIBUTE_NAME,
ATTR.ATTRIBUTE_VALUE,
NVL(VALUELEVEL,1) VALUE LEVEL FROM V_USER_ATTR_APPS ATTR, V_ATTR_VALUE LEVELS LVL
WHERE
ATTR.ATTRIBUTE_NAME LVL.ATTRIBUTE_NAME(+)
AND
ATTR.ATTRIBUTE VALUE LVL.ATTRIBUTE_VALUE(+); View NJo. 11 V USER APP CODES This view will return a list of all distinct APPCODEs the current user has been assigned. This view performs a family tree type of query utilizing the CONNECT BY clause.
SQL Example: CREATE OR REPLACE VIEW V USER_APP_CODES AS SELECT DISTINCT ATTR.ATTRIBUTEVALUE APP CODE FROM (SELECT ATTRIBUTE_NAME, ATTRIBUTE VALUE FROM ATTRIBUTES START WITH ASSIGNEE USER CONNECT BY ASSIGNEE PRIOR ATTRIBUTEVALUE AND ATTRIBUTE_NAME 'ASSIGNED GROUP') GROUPS, ATTRIBUTES ATTR WHERE GROUPS.ATTRIBUTE VALUE ATTR.ASSIGNEE AND ATTRATTRIBUTENAME 'APP_CODE'; View No. 12
V_USERATTRIBUTES
This view will return a list of all of the attributes assigned to the user along with only the highest level ATTRIBUTEVALUEs for the corresponding ATTRIBUTE NAMEs. This view performs a SELECT DISTINCT an the V_USER_ATTRHIGHEST VALUES. (V_USER_ATTR_VALUELEVELS).
SQL Example: CREATE OR REPLACE VIEW V_USER ATTRIBUTES AS SELECT DISTINCT APP CODE,
ATTRIBUTENAME,
ATTRIBUTEVALUE
FROM V_USER_ATTR_HIGHEST VALUES; In an Oracle* environment, in order to ensure that the data in the ATTRIBUTES and ATTRIBUTE_LEVELS tables are maintained correctly, it is preferable that only the Oracle® procedures are used to perform any maintenance on user attributes. This can be guaranteed by limiting access to the different objects, e.g., tables, views, procedures and functions, in the user attributes system. Read-only -26authority should be given to the ATTRIBUTES and ATTRIBUTELEVELS tables, and to all of the views. Execute authority on the Oracle' procedures used to maintain these tables should be given only to the user attributes administrator(s). This will ensure that unauthorized users will not be able to manipulate attributes or attribute levels.
While this invention has been described with reference to several illustrative examples and embodiments, they should not be interpreted as limiting the scope or spirit of the attributes invention. In actual practice many modifications may be made by those of ordinary skill in the art without deviating from the scope of the invention as expressed in the appended claims.
Claims (12)
1. In a computer system capable of running at least one application and maintaining a database, each application having at least one feature, a method for defining a user's access to said at least one feature comprising the steps of: assigning at least one attribute to said user; storing said at least one attribute in a first table in said database; assigning a parent value for each actual value of said at least one attribute, whereby one or more parent-child relationships are created; storing said one or more parent-child value relationships in a second table in said database; running an application in said computer system; receiving from said first table one or more of said at least one attribute assigned to the user; retrieving said one or more parent-child value relationships from said second table; determining whether any of the retrieved attributes may be discarded in accordance with the retrieved parent-child value relationships; and enforcing the retrieved attributes, whereby the user's access to said at least one feature of said application is defined in accordance with the retrieved attributes.
2. The method of claim 1, wherein one or more of the at least one feature relates to the ability to access data.
3. In a computer system capable of running at least one application and maintaining a database, each application having at least one feature, a method for defining a user's access to said at least one feature comprising the steps of assigning at least one attribute to said user; storing said at least one attribute in a first table in said database; assigning a parent value for each actual value of said at least one attribute; and storing parent-child value relationships in a second table in said database; running an application in said computer system; retrieving from said first table in the database one or more of said at least one attribute assigned to the user; providing the retrieved attributes to said running application; retrieving said parent-child value relationships from said second table; determining whether any of the retrieved attributes may be discarded in accordance with the retrieved parent-child value relationships; and enforcing the attributes, whereby the user's access to said at least one feature of said application is defined in accordance with the retrieved attributes.
4. The method of claim 3, further comprising, prior to the running step, the additional step of providing to said user a choice of one or more applications to run in accordance with the at least one attribute assigned to said user.
The method of claim 3, wherein one or more of at least one feature relates to the ability to access data.
6. A computer system comprising: means for running an application, said application having at least one feature; means for maintaining a database; means for assigning at least one attribute to a user; means for storing said at least one attribute in a first table in said database; means for assigning a parent value for each actual value of said at least one attribute, whereby one or more parent-child relationships are created; means for storing said one or more parent-child value relationships in a second table in said database; means for retrieving from said first table said at least one attribute assigned to the user; means for retrieving said one or more parent-child value relationships from said second table; means for determining whether any of the retrieved attributes may be discarded in accordance with said parent-child value relationships; and means for enforcing the retrieved attributes, whereby the user's access to said at least one feature of said application is defined in accordance with said at least one attribute assigned to the user.
7. The system of claim 6, wherein one or more of the at least one feature relates to the ability to access data.
8. A computer system comprising: means for running an application, said application having at least one feature; means for maintaining a database; means for assigning at least one attribute to a user; means for storing said at least one attribute in a first table in said database; means for assigning a parent value for each actual value of said at least one attribute; means for storing parent-child value relationships in a second table in said database; means for retrieving from said first table said at least one attribute assigned to the user; means for retrieving said parent-child value relationships from said second table; Smeans for determining whether any of the retrieved attributes may be discarded Sin accordance with the retrieved parent-child value relationships; means for providing the retrieved attributes to said application; and means for enforcing the attributes, whereby the user's access to at least one 5 feature of said application is defined in accordance with at least one attribute assigned to the user. c
9. The system of claim 8, further comprising means for providing to said user a choice of one or more applications to run in accordance with said at least one attribute Sassigned to said user. C' 10
10. The system of claim 8, wherein one or more of the least one feature relates to the ability to access data.
11. A method for defining a user's access to at least one feature according to claims 1 or 3, substantially as hereinbefore described with reference to the accompanying tables 2 to 5 and accompanying figures.
12. A computer system, substantially as hereinbefore described with reference to the accompanying tables 2 to 5 and accompanying figures. DATED this fifth day of March 2003 Electronic Data Systems Corporation Patent Attorneys for the Applicant: F.B. RICE CO.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| AU2003200813A AU2003200813B2 (en) | 1998-07-17 | 2003-03-05 | System and method for selectively defining access to application features |
Applications Claiming Priority (3)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US09/118621 | 1998-07-17 | ||
| AU49978/99A AU757061B2 (en) | 1998-07-17 | 1999-07-15 | System and method for selectively defining access to application features |
| AU2003200813A AU2003200813B2 (en) | 1998-07-17 | 2003-03-05 | System and method for selectively defining access to application features |
Related Parent Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| AU49978/99A Division AU757061B2 (en) | 1998-07-17 | 1999-07-15 | System and method for selectively defining access to application features |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| AU2003200813A1 AU2003200813A1 (en) | 2003-05-01 |
| AU2003200813B2 true AU2003200813B2 (en) | 2005-08-25 |
Family
ID=39277074
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| AU2003200813A Ceased AU2003200813B2 (en) | 1998-07-17 | 2003-03-05 | System and method for selectively defining access to application features |
Country Status (1)
| Country | Link |
|---|---|
| AU (1) | AU2003200813B2 (en) |
-
2003
- 2003-03-05 AU AU2003200813A patent/AU2003200813B2/en not_active Ceased
Non-Patent Citations (2)
| Title |
|---|
| US-5787428-A * |
| WO-1995022792-A1 * |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| AU757061B2 (en) | System and method for selectively defining access to application features | |
| US10002203B2 (en) | Service desk data transfer interface | |
| CA2182592C (en) | A method and apparatus for controlling access to a database | |
| US7233940B2 (en) | System for processing at least partially structured data | |
| US9721016B2 (en) | System and method to search and generate reports from semi-structured data including dynamic metadata | |
| US7979433B2 (en) | Method and apparatus for implementing a corporate directory and service center | |
| US6606627B1 (en) | Techniques for managing resources for multiple exclusive groups | |
| HK1010802B (en) | A method and appparatus for controlling access to a database | |
| JPH08510341A (en) | Method and apparatus for corporate desktop management | |
| WO2003040923A1 (en) | Internal security system for a relational database system | |
| GB2334601A (en) | Database data model extension | |
| US7216117B2 (en) | System and method for address book customization for shared emessaging | |
| AU2003200813B2 (en) | System and method for selectively defining access to application features | |
| MXPA01000614A (en) | System and method for selectively defining access to application features |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| FGA | Letters patent sealed or granted (standard patent) | ||
| MK14 | Patent ceased section 143(a) (annual fees not paid) or expired |