Patent application number | Description | Published |
20080294728 | Service Discovery for Electronic Messaging Clients - An autodiscovery service for clients in an electronic messaging system is disclosed. Client devices in the system request messaging system configuration settings from an autodiscover server. Clients may derive the address of the autodiscover server from user input, such as an email address, or the address may be obtained by other means. The autodiscover server responds to the request with settings for that client. The settings requested may include addresses of electronic mail servers and other servers that provide client services. The autodiscover server may determine the settings for the client based on various criteria, including client location and user mailbox location. Third party servers may participate in the autodiscovery service, and addresses of third party servers may be included in the settings provided to the client devices. | 11-27-2008 |
20090019115 | Communications server objects for configuration information access - Architecture comprising an application programming interface (API) for representing and accessing various configuration data related to an enterprise messaging communications system. The API includes three classes for accessing stored configuration data related to enterprise recipients that can receive messages (e.g., e-mail), one or more servers that facilitate messaging communications of the enterprise, and a messaging connector for proper flow of message internal and external to the enterprise. By encapsulating these sets of configuration data into distinct classes, business logic that interprets these classes can be centralized thereby avoiding duplicate and incompatible logic. | 01-15-2009 |
20120317132 | Instance-Based Command Execution, Approval, and Notification Framework - An action approval framework may be provided. Upon receiving a selection of an action and at least one action parameter from a user, the requested action may be evaluated to determine if that action requires approval. Once the required approval has been received, or if the action may be automatically approved, the requested action may be performed. | 12-13-2012 |
Patent application number | Description | Published |
20100281173 | DELEGATED ADMINISTRATION FOR REMOTE MANAGEMENT - A remote administration system is described herein that provides varying permissions to invoke administrative commands to multiple users. An application host provisions users of different organizations and defines one or more commands that the users can invoke remotely. The system associates the commands with users and/or groups to specify the users and/or groups that are authorized to execute the commands. When the remote administration system receives a remote request to perform a command, the system determines a user associated with the command and whether the user is authorized to execute the command. The system also creates an execution context for each connected user that defines the roles and access privileges associated with the user and that isolates the user from other users. Thus, the remote administration system provides remote administration of hosted applications in a way that is easy for administrators of the hosted service to manage. | 11-04-2010 |
20100306008 | EXTENSIBLE ROLE-BASED ACCESS CONTROL MODEL FOR SERVICES - Architecture removes the limitation of a fixed set of roles and scopes, allows more effective permission auditing, and provides a convenient delegation model. Administrators can create roles fine-tuned to business needs without changing permissions on the resources. The new roles can be easily examined and delegated to other administrators. Moreover, scoping and delegation is simplified. This is possible because permissions are granted as a role (a unit of permission assignment is a role), which can include multiple entries. The entries correspond to end-user actions and are not related to implementation-dependent resource rights. The actions can include web services or API calls, script or executable file names, specialized commands that implement particular operation, and associated parameters, etc., essentially any action that the end-user performs. | 12-02-2010 |
20100306817 | DELEGATION MODEL FOR ROLE-BASED ACCESS CONTROL ADMINISTRATION - Role-based security architecture that facilitates delegated role assignments where role functionality is monotonically decreasing. In furtherance thereof decreasing monotonicity roles are arranged in a hierarchy. Moreover, delegated roles can be obtained by creating a derived role (from a parent role) and removing entries from the derived role to decrease the permissions for the derived role. Delegated role assignments are scoped (bounded), which automatically applies a given scope to the assignment created by the user receiving the delegation. | 12-02-2010 |
20100325160 | EXCLUSIVE SCOPE MODEL FOR ROLE-BASED ACCESS CONTROL ADMINISTRATION - Architecture that creates a class of role-based scopes that can be declared “exclusive”, which automatically means that no user can access the scope unless the user is granted that exact scope. The exclusive scope excludes an object from the new scopes and existing scopes. In other words, the exclusive scope is a write restriction from a domain scope. The exclusive scope denies user access unless the user is granted the exclusive scope. The exclusive scope can be applied to a group of user objects. The exclusive scope is explicitly assigned to the object to grant access to an exclusive group. Moreover, the exclusive scope is immediately write-protected upon creation. | 12-23-2010 |
20100325684 | ROLE-BASED SECURITY FOR MESSAGING ADMINISTRATION AND MANAGEMENT - A role-based access control (RBAC) for the administration of complex services, such as for messaging. The RBAC architecture facilitates the creation of a role mechanism that describes any end-user, administrator, or partner action, of a set of scopes that address all populations, and a single authorization mechanism to handle role assignments through various mechanisms. Moreover, role and scope concepts are provided that universally apply to various management scenarios. A common set of primitives is defined that represent actions of enterprise and tenant end-users, partners, tenant administrators, datacenter administrators, and enterprise administrators. The primitives can include actions, action parameters, and API calls. Additionally, a set of scopes is defined that include self-relative scopes for end-users and tenants, and, absolute and filter-based scopes for administrators. | 12-23-2010 |
20100325724 | SCOPE MODEL FOR ROLE-BASED ACCESS CONTROL ADMINISTRATION - Architecture that provides centrally located role-based administration where role assignments that are used to calculate scopes for each operation and create a filtered request that only returns objects that the user is allowed to manage. No access checks are needed. The architecture addresses the proliferation of scope definitions by at least creating a set of relative scopes such as that can generically apply to multiple users at once. More specifically, self-relative scopes and absolute scopes are provided. | 12-23-2010 |
20110296414 | UPGRADING ROLES IN A ROLE-BASED ACCESS-BASED CONTROL MODEL - Management roles in a role-based framework may be upgraded by updating existing management roles, updating derived roles, and deprecating or reducing existing and derived roles in the role-based framework. The existing management roles may include a set of existing role entries for defining an action using parameters, scripts, application program interface calls, and a special permission for enabling performance of tasks defined by the management roles. The derived roles may include custom management roles derived from the existing management roles in the role-based framework. | 12-01-2011 |