Appeal 2007-0153
Application 09/792,918
access control criteria in an access management system by determining
access results without granting access to the resource (Specification 4). The
determination is made based on receiving the access information and testing
whether the identified resources are authorized for use based on the access
information (Specification 5). An understanding of the invention can be
derived from a reading of exemplary independent claim 1, which is
reproduced as follows:
1. A method for testing access to a resource available on a
network, comprising the steps of:
receiving access information;
testing whether access to said resource is authorized based on
said access information without granting authorization to said
resource, said testing includes accessing an authorization rule for said
resource and accessing an identity profile for a first user to determine
whether at least a portion of said authorization rule is satisfied based
on information in said identity profile, said authorization rule is not
part of said identity profile; and
reporting whether access to said resource is authorized based on
said step of testing.
The Examiner relies on the following prior art references:
Pachauri US 6,005,571 Dec. 21, 1999
Lewis US 6,233,576 B1 May 15, 2001
(§ 102(e) date Nov. 14, 1997)
Bienvenu US 6,526,438 B1 Feb. 25, 2003
(filed Jul. 12, 1999)
Wood US 6,691,232 B1 Feb. 10, 2004
(filed Aug. 5, 1999)
2
Page: Previous 1 2 3 4 5 6 7 8 9 10 Next
Last modified: September 9, 2013