WEB-BASED SECURITY WITH CONTROLLED ACCESS TO DATA AND RESOURCES

摘要

A stand-alone security system controlling access to secured information and self-service functionality for a sponsor organization, usable for Web-based and IVR-based self-service functions, having five primary facets: (1) control of access to secured information (2) enabling access to users having indirect and direct relationships with the sponsor organization (3) distribution of security administration from a central information technology resource to users of the security system, (4) support for integration into different environments, and (5) support for system integrators. Key components of access control include (1) association of a userID with one specific person, (2) identification of keys to data in back-end systems and association of those keys with the system users, (3) definition of pieces (segments) of an organization so that permissions are granted based on the pieces, (4) definition of user roles based on the functionality to which he has been given permission, (5) a single sign-on for a user with multiple reasons to use the system, and (6) support for direct and indirect assignment of business functions.