公开(公告)号：US20090222882A1

公开(公告)日：2009-09-03

申请号：US12163791

申请日：2008-06-27

申请人： Jack Kabat ,  Vadim Meleshuk ,  Jasjeet Gill ,  Alexander T. Weinert

发明人： Jack Kabat ,  Vadim Meleshuk ,  Jasjeet Gill ,  Alexander T. Weinert

IPC分类号： H04L9/00

CPC分类号： G06F21/604 ,  G06F21/6218

摘要： Defining a unified access management policy expression that unifies access control policy with events or workflows. Unified management policy information is stored. The unified management policy information defines permissions for access to resources together with events or workflows. A request is received to execute the one or more operations on one or more objects. The requested operation is verified against the unified management rules. Verifying includes performing a single retrieval, retrieving both the access control information and the events or workflows and calculating the applicability of the rule to the conditions represented by the request. Matching rules are applied, access control decisions performed and associated workflows are executed.

摘要翻译： 定义将访问控制策略与事件或工作流统一的统一访问管理策略表达式。 存储统一的管理策略信息。 统一的管理策略信息定义了访问资源以及事件或工作流的权限。 接收到请求以对一个或多个对象执行一个或多个操作。 所要求的操作根据统一管理规则进行验证。 验证包括执行单个检索，检索访问控制信息和事件或工作流程，并计算规则对请求所表示的条件的适用性。 应用匹配规则，执行访问控制决策和相关工作流程。

公开(公告)号：US08353005B2

公开(公告)日：2013-01-08

申请号：US12163791

申请日：2008-06-27

申请人： Jack Kabat ,  Vadim Meleshuk ,  Jasjeet Gill ,  Alexander T. Weinert

发明人： Jack Kabat ,  Vadim Meleshuk ,  Jasjeet Gill ,  Alexander T. Weinert

IPC分类号： G06F17/00 ,  G06F7/04 ,  G06F17/30 ,  G06F7/00 ,  H04L29/06

CPC分类号： G06F21/604 ,  G06F21/6218

摘要： Defining a unified access management policy expression that unifies access control policy with events or workflows. Unified management policy information is stored. The unified management policy information defines permissions for access to resources together with events or workflows. A request is received to execute the one or more operations on one or more objects. The requested operation is verified against the unified management rules. Verifying includes performing a single retrieval, retrieving both the access control information and the events or workflows and calculating the applicability of the rule to the conditions represented by the request. Matching rules are applied, access control decisions performed and associated workflows are executed.

摘要翻译： 定义将访问控制策略与事件或工作流统一的统一访问管理策略表达式。 存储统一的管理策略信息。 统一的管理策略信息定义了访问资源以及事件或工作流的权限。 接收到请求以对一个或多个对象执行一个或多个操作。 所要求的操作根据统一管理规则进行验证。 验证包括执行单个检索，检索访问控制信息和事件或工作流程，并计算规则对请求所表示的条件的适用性。 应用匹配规则，执行访问控制决策和相关工作流程。

公开(公告)号：US08326911B2

公开(公告)日：2012-12-04

申请号：US11771640

申请日：2007-06-29

申请人： Alexander T. Weinert ,  Kan Zhang ,  Darren Wang ,  Craig McMurtry ,  Jasjeet Gill ,  Asaf Kashi ,  Bruce P. Bequette

发明人： Alexander T. Weinert ,  Kan Zhang ,  Darren Wang ,  Craig McMurtry ,  Jasjeet Gill ,  Asaf Kashi ,  Bruce P. Bequette

IPC分类号： G06F15/16 ,  G06F9/44 ,  G06F9/46

CPC分类号： G06F9/5038

摘要： The embodiments described herein generally relate to a method and system of injecting repeatable processes, or workflows, into the processing of data-oriented or procedural requests in an entity management system. A request in such a system is subject to authentication, authorization, and action phases of processing, and workflows may be associated with each phase for automatic processing upon the triggering of a certain request under particular circumstances. A declarative mapping associates workflows with the request type, phase, requester, and target. The mapping may be created at the system administrator level, or by any person with the necessary capabilities, through the application of the processing concept in API or UI and may be consulted and invoked upon receipt of a request matching the mapping's criteria. Mappings may also be created and retrieved to manage state changes resulting from processing in other phases of the request processing model.

摘要翻译： 本文描述的实施例通常涉及将可重复进程或工作流注入到实体管理系统中面向数据或程序请求的处理中的方法和系统。 在这样的系统中的请求需要经过处理的认证，授权和操作阶段，并且工作流可以与每个阶段相关联，以便在特定情况下触发特定请求时进行自动处理。 声明性映射将工作流与请求类型，阶段，请求者和目标相关联。 映射可以通过在API或UI中应用处理概念在系统管理员级别或任何具有必要功能的人员创建，并且可以在接收到符合映射标准的请求时被查询和调用。 还可以创建和检索映射以管理由请求处理模型的其他阶段中的处理导致的状态改变。

公开(公告)号：US20080189705A1

公开(公告)日：2008-08-07

申请号：US11771640

申请日：2007-06-29

申请人： Alexander T. Weinert ,  Kan Zhang ,  Darren Wang ,  Craig McMurtry ,  Jasjeet Gill ,  Asaf Kashi ,  Bruce P. Bequette

发明人： Alexander T. Weinert ,  Kan Zhang ,  Darren Wang ,  Craig McMurtry ,  Jasjeet Gill ,  Asaf Kashi ,  Bruce P. Bequette

IPC分类号： G06F9/46

CPC分类号： G06F9/5038

摘要： The embodiments described herein generally relate to a method and system of injecting repeatable processes, or workflows, into the processing of data-oriented or procedural requests in an entity management system. A request in such a system is subject to authentication, authorization, and action phases of processing, and workflows may be associated with each phase for automatic processing upon the triggering of a certain request under particular circumstances. A declarative mapping associates workflows with the request type, phase, requester, and target. The mapping may be created at the system administrator level, or by any person with the necessary capabilities, through the application of the processing concept in API or UI and may be consulted and invoked upon receipt of a request matching the mapping's criteria. Mappings may also be created and retrieved to manage state changes resulting from processing in other phases of the request processing model.

摘要翻译： 本文描述的实施例通常涉及将可重复进程或工作流注入到实体管理系统中面向数据或程序请求的处理中的方法和系统。 在这样的系统中的请求需要经过处理的认证，授权和操作阶段，并且工作流可以与每个阶段相关联，以便在特定情况下触发特定请求时进行自动处理。 声明性映射将工作流与请求类型，阶段，请求者和目标相关联。 映射可以通过在API或UI中应用处理概念在系统管理员级别或任何具有必要功能的人员创建，并且可以在接收到符合映射标准的请求时被查询和调用。 还可以创建和检索映射以管理由请求处理模型的其他阶段中的处理导致的状态改变。

公开(公告)号：US20090222833A1

公开(公告)日：2009-09-03

申请号：US12120136

申请日：2008-05-13

申请人： Jasjeet Gill ,  Nima Ganjeh ,  Bjorn Gustaf Andreas Kjellman ,  Hiu Yu Lo ,  Bruce P. Bequette ,  Robert D. Ward

发明人： Jasjeet Gill ,  Nima Ganjeh ,  Bjorn Gustaf Andreas Kjellman ,  Hiu Yu Lo ,  Bruce P. Bequette ,  Robert D. Ward

IPC分类号： G06F9/46

CPC分类号： G06F9/468

摘要： Managing resources. A computing environment may include a resource manager. The resource manager includes programmatic code for managing resources. Expected rule entries are added to an expected rules list. Each of the expected rule entries includes: an indicator used to identify a synchronization rule, a definition of flow type, a specification of an object type in the resource manager to which the synchronization rule applies, a specification of a downstream resource system, a specification of an object type in the downstream resource system to which the synchronization rule applies, a specification of relationship criteria including one or more conditions for linking objects in the resource manager and the downstream resource system, and a specification of attribute flow information. Objects in downstream resource systems can be synchronized with objects in the resource manager based on the expected rule entries in the expected rules list.

摘要翻译： 管理资源 计算环境可以包括资源管理器。 资源管理器包括用于管理资源的程序代码。 预期的规则条目将添加到预期的规则列表中。 每个期望的规则条目包括：用于标识同步规则的指示符，流类型的定义，同步规则应用到的资源管理器中的对象类型的规范，下游资源系统的规范，规范 在同步规则所适用的下游资源系统中的对象类型的规定，包括用于链接资源管理器和下游资源系统中的对象的一个​​或多个条件的关系准则的规范以及属性流信息的规范。 下游资源系统中的对象可以基于预期规则列表中的预期规则条目与资源管理器中的对象进行同步。

公开(公告)号：US08407331B2

公开(公告)日：2013-03-26

申请号：US12120138

申请日：2008-05-13

申请人： Jasjeet Gill ,  Nima Ganjeh ,  Björn Gustaf Andreas Kjellman ,  Hiu Yu Lo ,  Bruce P. Bequette ,  Robert D. Ward

发明人： Jasjeet Gill ,  Nima Ganjeh ,  Björn Gustaf Andreas Kjellman ,  Hiu Yu Lo ,  Bruce P. Bequette ,  Robert D. Ward

IPC分类号： G06F15/173

CPC分类号： G06F9/468

摘要： Managing resources. A resource manager includes programmatic code for managing resources in the computing environment. Resources available from resource systems within the computing environment are managed. Methods may include receiving user input indicating one or more of that a new entity should be added to the resource manager, that an entity represented by an entity object of the resource manager should have permissions removed at the resource manager, or that an entity represented by an entity object of the resource manager should have permissions added at the resource manager. In response to receiving user input, events may be generated and objects created or removed from the resource manager for from downstream resource systems. The events may specify workflows that should be executed to perform synchronization between objects at the resource manager and objects at a downstream resource system by adding or changing rules in an expected rules list.

摘要翻译： 管理资源 资源管理器包括用于管理计算环境中的资源的编程代码。 可以从计算环境中的资源系统获得资源。 方法可以包括接收指示新实体应该被添加到资源管理器中的一个或多个的用户输入，由资源管理器的实体对象表示的实体应该具有在资源管理器处移除的权限，或者由 资源管理器的实体对象应具有在资源管理器中添加的权限。 响应于接收到的用户输入，可以从下游资源系统生成事件和从资源管理器创建或移除的对象。 事件可以指定应该执行的工作流，以通过在预期规则列表中添加或更改规则来执行资源管理器上的对象与下游资源系统中的对象之间的同步。

公开(公告)号：US20090222834A1

公开(公告)日：2009-09-03

申请号：US12120138

申请日：2008-05-13

申请人： Jasjeet Gill ,  Nima Ganjeh ,  Bjorn Gustaf Andreas Kjellman ,  Hiu Yu Lo ,  Bruce P. Bequette ,  Robert D. Ward

发明人： Jasjeet Gill ,  Nima Ganjeh ,  Bjorn Gustaf Andreas Kjellman ,  Hiu Yu Lo ,  Bruce P. Bequette ,  Robert D. Ward

IPC分类号： G06F9/46

CPC分类号： G06F9/468

摘要： Managing resources. A resource manager includes programmatic code for managing resources in the computing environment. Resources available from resource systems within the computing environment are managed. Methods may include receiving user input indicating one or more of that a new entity should be added to the resource manager, that an entity represented by an entity object of the resource manager should have permissions removed at the resource manager, or that an entity represented by an entity object of the resource manager should have permissions added at the resource manager. In response to receiving user input, events may be generated and objects created or removed from the resource manager for from downstream resource systems. The events may specify workflows that should be executed to perform synchronization between objects at the resource manager and objects at a downstream resource system by adding or changing rules in an expected rules list.

摘要翻译： 管理资源 资源管理器包括用于管理计算环境中的资源的编程代码。 可以从计算环境中的资源系统获得资源。 方法可以包括接收指示新实体应该被添加到资源管理器中的一个或多个的用户输入，由资源管理器的实体对象表示的实体应该具有在资源管理器处移除的权限，或者由 资源管理器的实体对象应具有在资源管理器中添加的权限。 响应于接收到的用户输入，可以从下游资源系统生成事件和从资源管理器创建或移除的对象。 事件可以指定应该执行的工作流，以通过在预期规则列表中添加或更改规则来执行资源管理器上的对象与下游资源系统中的对象之间的同步。