The capability to design and implement roles in a role-based system is disclosed. The system and data architecture enable organizations to model and assign relationships between Roles and other entities in a computing environment. The complex interrelation of Groups and Roles is established in an environment where: users need not be a member of a Group to use the capabilities of a Role; Role ownership is distinct from Role usage; and Roles themselves have attributes. A collection of methods enable creation, configuration, maintenance, ownership and usage of roles and for implementing relationships between the Role and other system entities, attributes and permissions.
展开▼