Method for managing usage authorizations in a data processing network and a data processing network

Assignee

• Siemens Aktiengesellschaft · DE

Inventors

• Thomas Dasch · Amberg, DE
• Lutz Dominick · Eggolsheim, DE

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L2209/805
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

To facilitate the work of a user with a data processing network with a number of security levels of the applications and functions to be executed, a method is proposed for managing usage authorizations in this data processing network. In at least one embodiment of the method, when a user logs in at a work station, at least one role stored in a central authorization register is allocated to the user; when an application is called up a local security module of the application determines which authorizations are granted for the role of the user; and if there is no authorization for an application-related action, a central security module accesses a central collection of security rules, the security rules indicating the circumstances, in which, when a user's authorizations are not sufficient to carry out the application-related action, the user can still carry it out and determines whether according to at least one of the security rules a usage authority is possible for the application-related action and offers this to the user.