CPC G06Q 20/1235 (2013.01) [H04L 63/08 (2013.01); H04L 2463/082 (2013.01)] | 3 Claims

1. An integrated computer system that enables an implementor to integrate functionality into external systems and/or external products of the implementor to enable user identity and access management across the external systems and/or external products of the implementor, the integrated computer system comprising one or more processors and one or more computer-readable memory devices storing a management platform software module, a multi-factor authentication (MFA) software module, a product license purchase software module, a data model registry software module, a gateway control system software module, a data stream ecosystem software module, a data stream manipulator registry environment software module, and a data stream license purchase software module, wherein the one or more processors are configured to execute:
the management platform software module to:
enable a unique pool of accounts and/or technical components which correspond to users and/or computing devices to be authenticated against the external systems and/or the external products;
enable the authenticated accounts and/or the authenticated technical components to be authorized to perform particular functions within the external systems and/or the external products;
enable a representation of the external systems and/or the external products to be mapped to identities, accesses, organizations, and permissions; and
enable a representation of groups of the accounts organized by a common aspect, where the groups are able to request access to the external systems and/or the external products licensed by the groups;
the MFA software module to enable various third-party MFA technologies to implement MFA functionality on the management platform software module, thereby enabling the accounts to use the MFA functionality;
the product license purchase software module to enable an entity external to the implementor and represented by one of the organizations to request and gain access to at least one of the external systems and/or at least one of the external products in a formalized manner;
the management platform software module to (i) enable further division of the accounts within the one organization into domains and (ii) map to the at least one external system and/or the at least one external product that has been licensed to the one organization enabling the accounts within the domains to inherit access to the at least one external system and/or the at least one external product;
the management platform software module to:
enable representation of personal information of one of the users that is inaccessible to any of the other users and/or any of the computing devices not associated with the one user without express permission of the one user;
enable representation of identifying data that the one organization uses to manage users of the one organization without sacrificing security of the personal information of the one user unless allowed by the one user;
enable representation of an action that can be taken against a target of any of the one or more external systems and/or any of the one or more external products as a permission, and map the representation of the action to one of the accounts and/or one of the technical components to guide authorization;
enable creation of groupings of permissions that can be applied together to the one account and/or the one technical component as roles; and
enable associated data to be communicated to any of the external systems and/or any of the external products for automated or manual enforcement of authentication and authorization configuration in the external systems and/or the external products;
the data model registry software module to enable the implementor to maintain an inventory of possible data types originating from the external systems and/or external products of the implementor along with associated metadata for robust searching, filtering, and visualization of relationships between the data types;
the gateway control system software module to enable validation that an incoming request from one of the users, the external systems, and/or the external products maps to a specific one of the data types as stored in the one or more data model registry processors before allowing the incoming request to proceed to any intended destination;
the data stream ecosystem software module to:
enable the implementor to define data streams and connect the external systems and/or the external products to the data streams to move data packets between the external systems and/or the external products; and
enable the implementor to track metadata about the data streams, to inspect the data streams, to manipulate the data streams, to visualize the data packets within the data streams, to visualize inventory of the data streams, and to visualize relationships between the data streams;
the gateway control system software module, the management platform software module, and the data stream ecosystem software module to work in concert to (i) map the incoming request to the one or more management platform processors and/or any of the external systems and/or any of the external products, back to the user making the incoming request, and (ii) send audit data through one of the data streams for consumption by any of the one or more external systems and/or any of the one or more external products, wherein one of the computing devices connected to the one or more processors is empowered to validate that one of the data packets maps to a specific one of the data types as stored in a computer-readable memory device of the one or more computer-readable memory devices associated with the data model registry software module before allowing the one data packet to enter one of the data streams;
the data stream manipulator registry environment software module to enable persons not directly affiliated with the implementor to create, upload, and/or make available business agnostic functions represented as blocks of code, wherein the implementor is enabled to then browse, select, license, and/or attribute to one or more of the data streams or other elements of the management platform software module to automate desired data changes and/or desired state changes, both one time and/or in an on-going manner; and
the data stream license purchase software module to enable the implementor to request and gain access to at least one of the data streams in a formalized manner, wherein:
the access to the data stream through the data stream license purchase software module can be monetized through a payment system;
the common aspect corresponds to one of the accounts belonging to (i) a common entity external to an entity associated with the implementor and/or (ii) a common group within the entity associated with the implementor; and
access to at least one of the external systems and/or at least one of the external products through the product license purchase software module can be monetized through the payment system.