Supporting role-based access control in component-based software systems

Assignee

• International Business Machines Corporation · US

Inventors

• Yi-Min Chee · Briarcliff Manor, US
• Ru Fang · Beijing, CN
• Feng Liu · Shanghai, CN
• Qian Ma · San Diego, US
• Daniel V. Oppenheim · Croton-on-Hudson, US
• Krishna C. Ratakonda · Yorktown Heights, US
• Zhi Le Zou · Beijing, CN

Key dates

Classification

• Technology area (CPC G)Physics
• CPC primaryG06Q10/10
• WIPO fieldComputer technology
• WIPO sectorElectrical engineering

Abstract

A method, system and computer program product is disclosed for supporting role-based access control in a collaborative environment, wherein pluralities of users work together in a collaborative process using a software system. The method comprises componentizing the software system into a multitude of software components, and limiting access to specific software components to certain users based on roles assigned to the users as defined by a run-time state of the collaborative process. The set of components that a user can access is dynamic, that set can change based on the “context” or the step where the user is in a collaborative workflow/process. Thus, in comparison with traditional access control mechanisms, an embodiment of the invention combines three different elements: a) the set of components that comprise the application is partitioned in such a way as to make componentized role-based access control feasible, b) a method for specifying inter-component dependencies to enable role-based groups, and c) enabling the modification of the access privileges based on contextual information from a collaborative process.