Role-based navigation of information resources

Assignee

• Entrust Corporation · US

Inventors

• Teresa Win · Sunnyvale, US
• Emilio Belmonte · San Francisco, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L63/105
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

A single secure sign-on gives a user access to authorized Web resources, based on the user's role in the organization that controls the Web resources. The information resources are stored on a protected Web server. A user of a client or browser logs in to the system. A runtime module on the protected server receives the login request and intercepts all other request by the client to use a resource. The runtime module connects to an access server that can determine whether a particular user is authentic and which resources the user is authorized to access. User information is associated with roles and functional groups of an organization to which the user belongs; the roles are associated with access privileges. The access server connects to a registry server that stores information about users, roles, functional groups, resources, and associations among them. The access server and registry server exchange encrypted information that authorized the user to use the resource. The user is presented with a customized Web page showing only those resources that the user may access. Thereafter, the access server can resolve requests to use other resources without contacting the registry ser…