WEB-BASED SECURITY WITH CONTROLLED ACCESS TO DATA AND RESOURCES

摘要

A stand-alone security system controlling access to secured information andself-service functionality for a sponsor organization, usable for Web-basedand IVR-based self-service functions, having five primary facets: (1) controlof access to secured information (2) enabling access to users having indirectand direct relationships with the sponsor organization (3) distribution ofsecurity administration from a central information technology resource tousers of the security system, (4) support for integration into differentenvironments, and (5) support for system integrators. Key components of accesscontrol include (1) association of a userID with one specific person, (2)identification of keys to data in back-end systems and association of thosekeys with the system users, (3) definition of pieces (segments) of anorganization so that permissions are granted based on the pieces, (4)definition of user roles based on the functionality to which he has been givenpermission, (5) a single sign-on for a user with multiple reasons to use thesystem, and (6) support for direct and indirect assignment of businessfunctions.