Access permissions management system and method

Description

FIELD OF THE INVENTION

The present invention relates to access permissions management.

BACKGROUND OF THE INVENTION

The following patent publications are believed to represent the current state of the art:

U.S. Pat. Nos. 5,465,387; 5,899,991; 6,338,082; 6,393,468; 6,928,439; 7,031,984; 7,068,592; 7,403,925; 7,421,740; 7,555,482, 7,606,801 and 7,743,420; and

U.S. Published Patent Application Nos.: 2003/0051026; 2004/0249847; 2005/0108206; 2005/0203881; 2005/0086529; 2006/0064313; 2006/0184530; 2006/0184459; 2007/0203872; 2007/0244899; 2008/0271157; 2009/0100058; 2009/0119298; 2009/0265780; 2011/0060916 and 2011/0061111.

SUMMARY OF THE INVENTION

The present invention provides improved systems and methodologies for access permissions redundancy prevention.

There is thus provided in accordance with a preferred embodiment of the present invention an access permissions management system including a hierarchical access permissions repository including a multiplicity of access permissions relating to a multiplicity of data elements which are arranged in a data element hierarchy and wherein some of the multiplicity of data elements have associated therewith only access permissions which are inherited from data elements ancestral thereto, some of the multiplicity of data elements are prevented from having associated therewith inherited access permissions and thus have associated therewith only unique access permissions which are not inherited and some of the multiplicity of data elements are not prevented from having associated therewith inherited access permissions and have associated therewith not only inherited access permissions but also unique access permissions which are not inherited, some of which unique access permissions possibly being redundant with inherited access permissions, and an access permissions redundancy prevention engine operative to ascertain which of the unique access permissions are redundant with inherited access permissions and responsively thereto not to store the unique access permissions which are redundant with inherited access permissions in the repository.

There is also provided in accordance with another preferred embodiment of the present invention an access permissions management system including a hierarchical access permissions repository including a multiplicity of access permissions relating to a multiplicity of data elements which are arranged in a data element hierarchy and wherein some of the multiplicity of data elements are inherited data elements, which have associated therewith only access permissions which are inherited from data elements ancestral thereto, some of the multiplicity of data elements are protected data elements, which are prevented from having associated therewith inherited access permissions and thus have associated therewith only unique access permissions which are not inherited and some of the multiplicity of data elements are hybrid data elements, which are not prevented from having associated therewith inherited access permissions and have associated therewith not only inherited access permissions but also unique access permissions which are not inherited, some of which unique access permissions possibly being redundant with inherited access permissions, and an access permissions overlap prevention engine operative to ascertain which of the unique access permissions associated with a protected data element are identical to access permissions associated with a data element immediately above the protected data element in the hierarchy and responsively thereto not to store the unique access permissions which are associated with the protected data element.

There is further provided in accordance with yet another preferred embodiment of the present invention an access permissions management method including maintaining a hierarchical access permissions repository including a multiplicity of access permissions relating to a multiplicity of data elements which are arranged in a data element hierarchy and wherein some of the multiplicity of data elements have associated therewith only access permissions which are inherited from data elements ancestral thereto, some of the multiplicity of data elements are prevented from having associated therewith inherited access permissions and thus have associated therewith only unique access permissions which are not inherited and some of the multiplicity of data elements are not prevented from having associated therewith inherited access permissions and have associated therewith not only inherited access permissions but also unique access permissions which are not inherited, some of which unique access permissions possibly being redundant with inherited access permissions, and preventing access permissions redundancy by ascertaining which of the unique access permissions are redundant with inherited access permissions and responsively thereto not to store the unique access permissions which are redundant with inherited access permissions in the repository.

There is yet further provided in accordance with still another preferred embodiment of the present invention an access permissions management method including maintaining a hierarchical access permissions repository including a multiplicity of access permissions relating to a multiplicity of data elements which are arranged in a data element hierarchy and wherein some of the multiplicity of data elements are inherited data elements, which have associated therewith only access permissions which are inherited from data elements ancestral thereto, some of the multiplicity of data elements are protected data elements, which are prevented from having associated therewith inherited access permissions and thus have associated therewith only unique access permissions which are not inherited and some of the multiplicity of data elements are hybrid data elements, which are not prevented from having associated therewith inherited access permissions and have associated therewith not only inherited access permissions but also unique access permissions which are not inherited, some of which unique access permissions possibly being redundant with inherited access permissions, and preventing access permissions overlap by ascertaining which of the unique access permissions associated with a protected data element are identical to access permissions associated with a data element immediately above the protected data element in the hierarchy and responsively thereto not to store the unique access permissions which are associated with the protected data element.

BRIEF DESCRIPTION OF THE DRAWINGS

The present invention will be understood and appreciated more fully from the following detailed description, taken in conjunction with the drawings in which:

FIG. 1 is a simplified block diagram illustration of an access permissions management system, constructed and operative in accordance with a preferred embodiment of the present invention;

FIG. 2 is a simplified flowchart indicating steps in the operation of the access permissions management system of FIG. 1;

FIG. 3 is a simplified block diagram illustration of an access permissions management system, constructed and operative in accordance with another preferred embodiment of the present invention; and

FIG. 4 is a simplified flowchart indicating steps in the operation of the access permissions management system of FIG. 3.

DETAILED DESCRIPTION OF PREFERRED EMBODIMENTS

Reference is now made to FIG. 1, which is a simplified block diagram illustration of an access permissions management system, constructed and operative in accordance with a preferred embodiment of the present invention, and to FIG. 2, which is a simplified flowchart indicating steps in the operation of the access permissions management system of FIG. 1. The access permissions management system of FIGS. 1 & 2 is preferably suitable for operating in an enterprise computer network including multiple disparate clients, computer hardware resources and computer software resources, and a file system comprising a data element hierarchy.

Preferably, the system of FIGS. 1 & 2 includes a hierarchical access permissions repository including a multiplicity of access permissions relating to a multiplicity of data elements which are arranged in the data element hierarchy and wherein some of the multiplicity of data elements have associated therewith only access permissions which are inherited from data elements ancestral thereto, some of the multiplicity of data elements are prevented from having associated therewith inherited access permissions and thus have associated therewith only unique access permissions which are not inherited, and some of the multiplicity of data elements are not prevented from having associated therewith inherited access permissions and have associated therewith not only inherited access permissions but also unique access permissions which are not inherited, some of which unique access permissions possibly being redundant with inherited access permissions. It is appreciated that prevention of association of inherited access permissions with a data element may be accomplished, for example, by configuring of the data element, such as by an IT Administrator, as a data element which is not allowed to inherit access permissions from any of its ancestors.

In accordance with a preferred embodiment of the present invention, the system of FIGS. 1 & 2 also includes an access permissions redundancy prevention engine operative to ascertain which of the unique access permissions are redundant with inherited access permissions and responsively thereto not to store the unique access permissions which are redundant with inherited access permissions in the repository.

As shown in FIG. 2, for each data element in the data element hierarchy the system ascertains whether the data element has unique access permissions associated therewith. Thereafter, the system ascertains whether the data element also has inherited access permissions associated therewith. Thereafter, the system ascertains whether any of the unique access permissions associated with the data element are redundant with any of the inherited access permissions associated with the data element. Thereafter, for each data element, the system stores in the repository only the unique access permissions which are not redundant with any of the inherited access permissions.

Reference is now made to FIG. 3, which is a simplified block diagram illustration of an access permissions management system, constructed and operative in accordance with another preferred embodiment of the present invention, and to FIG. 4, which is a simplified flowchart indicating steps in the operation of the access permissions management system of FIG. 3. The access permissions management system of FIGS. 3 & 4 is preferably suitable for operating in an enterprise computer network including multiple disparate clients, computer hardware resources and computer software resources, and a file system comprising a data element hierarchy.

Preferably, the system of FIGS. 3 & 4 includes a hierarchical access permissions repository including a multiplicity of access permissions relating to a multiplicity of data elements which are arranged in the data element hierarchy and wherein some of the multiplicity of data elements are inherited data elements, which have associated therewith only access permissions which are inherited from data elements ancestral thereto, some of the multiplicity of data elements are protected data elements, which are prevented from having associated therewith inherited access permissions and thus have associated therewith only unique access permissions which are not inherited, and some of the multiplicity of data elements are hybrid data elements, which are not prevented from having associated therewith inherited access permissions and have associated therewith not only inherited access permissions but also unique access permissions which are not inherited, some of which unique access permissions possibly being redundant with inherited access permissions.

In accordance with a preferred embodiment of the present invention, the system of FIGS. 3 & 4 also includes an access permissions overlap prevention engine operative to ascertain which of the unique access permissions associated with a protected data element are identical to access permissions associated with a data element immediately above the protected data element in the hierarchy and responsively thereto not to store the unique access permissions which are associated with the protected data element.

As shown in FIG. 4, for each protected data element in the data element hierarchy the system ascertains whether the unique access permissions associated therewith are identical to the access permissions associated with the data element immediately above the protected data element in the hierarchy. Thereafter, only for protected data elements which have unique access permissions associated therewith that are not identical to the access permissions associated with the data element immediately above the protected data element in the hierarchy, the system stores in the repository the unique access permissions associated with the protected data element.

It will be appreciated by persons skilled in the art that the present invention is not limited by what has been particularly shown and described hereinabove. Rather, the invention also includes various combinations and subcombinations of the features described hereinabove as well as modifications and variations thereof, which would occur to persons skilled in the art upon reading the foregoing and which are not in the prior art.

Claims

1. A data governance system for use with an existing organizational file system, said data governance system comprising a non-transitory, tangible computer-readable medium in which computer program instructions are stored, which instructions, when read by a computer, cause the computer to automatically manage access permissions, said system comprising: a probe engine communicating with said organizational file system and being operative to collect access information from said organizational file system in an ongoing manner;a redundancy reducing engine receiving an output from said probe engine and providing a redundancy reduced information stream; anda redundancy reduced information database receiving and storing said redundancy reduced information stream;said redundancy-reduced information database storing information relating to a subset of a set of access permissions to said organization file system, said subset being created by said redundancy reducing engine,said redundancy reducing engine being operative: to ascertain whether there exists a first subset of said multiplicity of access permissions permitting access to a portion of said organizational file system, which permitted access is identical to access permitted by a second subset, different from said first subset, of said multiplicity of access permissions to said portion of said organizational file system, said first subset of said multiplicity of access permissions therefore being redundant; andresponsive to said ascertaining whether any of said access permissions are redundant, to eliminate from said multiplicity of access permissions to said organizational file system, said access permissions to said organizational file system which are redundant.
2. An access permissions management method comprising: communicating with an organizational file system and collecting access information from said organizational file system in an ongoing manner;responsive to said collecting access information: ascertaining whether there exists a first subset of said multiplicity of access permissions permitting access to a portion of said organizational file system, which permitted access is identical to access permitted by a second subset, different from said first subset, of said multiplicity of access permissions to said portion of said organizational file system, said first subset of said multiplicity of access permissions therefore being redundant; andresponsive to said ascertaining whether any of said access permissions are redundant, eliminating from said multiplicity of access permissions to said organizational file system, said access permissions to said organizational file system which are redundant; andproviding and storing, a redundancy reduced information stream, said redundancy reduced information stream comprising information relating to a subset of a set of access permissions to said organizational file system.

REFERENCE TO RELATED APPLICATIONS

Reference is made to U.S. Provisional Patent Application Ser. No. 61/477,662, filed Apr. 21, 2011 and entitled “ACCESS PERMISSIONS MANAGEMENT SYSTEM AND METHOD”, the disclosure of which is hereby incorporated by reference and priority of which is hereby claimed pursuant to 37 CFR 1.78(a) (4) and (5)(i). Reference is also made to U.S. patent application Ser. No. 13/014,762, filed Jan. 27, 2011, and entitled “AUTOMATIC RESOURCE OWNERSHIP ASSIGNMENT SYSTEMS AND METHODS”, the disclosure of which is hereby incorporated by reference and priority of which is hereby claimed pursuant to 37 CFR 1.78(a) (1) and (2)(i). Reference is also made to the following patents and patent applications, owned by assignee, the disclosures of which are hereby incorporated by reference: U.S. Pat. Nos. 7,555,482 and 7,606,801; U.S. Published Patent Application Nos. 2007/0244899, 2008/0271157, 2009/0100058, 2009/0119298, 2009/0265780, 2011/0060916 and 2011/0061111; and U.S. patent application Ser. No. 12/673,691.

US Referenced Citations (105)

Number	Name	Date	Kind
5465387	Mukherjee	Nov 1995	A
5761669	Montague et al.	Jun 1998	A
5889952	Hunnicutt et al.	Mar 1999	A
5899991	Karch	May 1999	A
6308173	Glasser et al.	Oct 2001	B1
6338082	Schneider	Jan 2002	B1
6393468	McGee	May 2002	B1
6772350	Belani et al.	Aug 2004	B1
6928439	Satoh	Aug 2005	B2
7007032	Chen et al.	Feb 2006	B1
7017183	Frey et al.	Mar 2006	B1
7031984	Kawamura et al.	Apr 2006	B2
7068592	Duvaut et al.	Jun 2006	B1
7185192	Kahn	Feb 2007	B1
7305562	Bianco et al.	Dec 2007	B1
7403925	Schlesinger et al.	Jul 2008	B2
7421740	Fey et al.	Sep 2008	B2
7555482	Korkus	Jun 2009	B2
7580934	Futatsugi	Aug 2009	B2
7606801	Faitelson et al.	Oct 2009	B2
7716240	Lim	May 2010	B2
7743420	Shulman et al.	Jun 2010	B2
8327419	Korablev	Dec 2012	B1
8447829	Geller	May 2013	B1
8533787	Faitelson et al.	Sep 2013	B2
8621610	Oberheide et al.	Dec 2013	B2
8639724	Sorenson, III et al.	Jan 2014	B1
8683560	Brooker et al.	Mar 2014	B1
8805884	Faitelson et al.	Aug 2014	B2
8909673	Faitelson et al.	Dec 2014	B2
9680839	Faitelson et al.	Jun 2017	B2
20020002557	Straube et al.	Jan 2002	A1
20020026592	Gavrila et al.	Feb 2002	A1
20030051026	Carter et al.	Mar 2003	A1
20030188198	Holdsworth et al.	Oct 2003	A1
20040030915	Sameshima et al.	Feb 2004	A1
20040186809	Schlesinger et al.	Sep 2004	A1
20040249847	Wang et al.	Dec 2004	A1
20040254919	Giuseppini	Dec 2004	A1
20050044396	Vogel et al.	Feb 2005	A1
20050044399	Dorey	Feb 2005	A1
20050065823	Ramraj et al.	Mar 2005	A1
20050086529	Buchsbaum	Apr 2005	A1
20050108206	Lam et al.	May 2005	A1
20050120054	Shulman et al.	Jun 2005	A1
20050203881	Sakamoto et al.	Sep 2005	A1
20050246762	Girouard et al.	Nov 2005	A1
20050278334	Fey et al.	Dec 2005	A1
20050278785	Lieberman	Dec 2005	A1
20060037062	Araujo et al.	Feb 2006	A1
20060064313	Steinbarth et al.	Mar 2006	A1
20060090208	Smith	Apr 2006	A1
20060184459	Parida	Aug 2006	A1
20060184530	Song et al.	Aug 2006	A1
20060271523	Brookler	Nov 2006	A1
20060277184	Faitelson et al.	Dec 2006	A1
20060294578	Burke et al.	Dec 2006	A1
20070033340	Tulskie et al.	Feb 2007	A1
20070073698	Kanayama et al.	Mar 2007	A1
20070094265	Korkus	Apr 2007	A1
20070101387	Hua et al.	May 2007	A1
20070112743	Giampaolo et al.	May 2007	A1
20070136603	Kuecuekyan	Jun 2007	A1
20070156659	Lim	Jul 2007	A1
20070156693	Soin et al.	Jul 2007	A1
20070198608	Prahlad et al.	Aug 2007	A1
20070203872	Flinn et al.	Aug 2007	A1
20070214497	Montgomery	Sep 2007	A1
20070244899	Faitelson et al.	Oct 2007	A1
20070261121	Jacobson	Nov 2007	A1
20070266006	Buss	Nov 2007	A1
20070276823	Borden et al.	Nov 2007	A1
20070282855	Chen et al.	Dec 2007	A1
20080031447	Geshwind et al.	Feb 2008	A1
20080034402	Botz et al.	Feb 2008	A1
20080071785	Kabra et al.	Mar 2008	A1
20080104663	Tokutani	May 2008	A1
20080162707	Beck et al.	Jul 2008	A1
20080172720	Botz et al.	Jul 2008	A1
20080270462	Thomsen	Oct 2008	A1
20080271157	Faitelson et al.	Oct 2008	A1
20080306954	Hornqvist	Dec 2008	A1
20090100058	Faitelson et al.	Apr 2009	A1
20090119298	Faitelson et al.	May 2009	A1
20090150981	Amies et al.	Jun 2009	A1
20090198892	Alvarez et al.	Aug 2009	A1
20090249446	Jenkins et al.	Oct 2009	A1
20090265780	Korkus et al.	Oct 2009	A1
20090320088	Gill et al.	Dec 2009	A1
20100011438	Bartley	Jan 2010	A1
20100023491	Huang et al.	Jan 2010	A1
20100037324	Grant et al.	Feb 2010	A1
20100070881	Hanson et al.	Mar 2010	A1
20100262625	Pittenger	Oct 2010	A1
20110060916	Faitelson et al.	Mar 2011	A1
20110061093	Korkus et al.	Mar 2011	A1
20110061111	Faitelson et al.	Mar 2011	A1
20110184989	Faitelson et al.	Jul 2011	A1
20110296490	Faitelson et al.	Dec 2011	A1
20120011161	Marathe	Jan 2012	A1
20120054283	Korkus et al.	Mar 2012	A1
20120078965	Laitkorpi et al.	Mar 2012	A1
20120271853	Faitelson et al.	Oct 2012	A1
20120271855	Faitelson et al.	Oct 2012	A1
20120291100	Faitelson et al.	Nov 2012	A1

Foreign Referenced Citations (11)

Number	Date	Country
1588889	Mar 2005	CN
1860723	Nov 2006	CN
101316273	Dec 2008	CN
101692278	Apr 2010	CN
2007-075950	Mar 2007	JP
2012-132276	Jul 2012	JP
2011030324	Mar 2011	WO
2011148376	Dec 2011	WO
2011148377	Dec 2011	WO
2012101620	Aug 2012	WO
2012143920	Oct 2012	WO

Non-Patent Literature Citations (65)

Entry
In English the First Chinese Office Action dated Jun. 26, 2015; Appln. No. 2011800662618.
In English the First Chinese Office Action dated Jun. 29, 2016; Appln. No. 2012800293603.
U.S. Appl. No. 60/688,486, filed Jun. 7, 2005.
U.S. Appl. No. 61/477,662, filed Apr. 21, 2011.
USPTO AA dated Mar. 24, 2016 in connection with U.S. Appl. No. 13/159,903.
USPTO AA dated Jun. 7, 2013 in connection with U.S. Appl. No. 13/303,826.
USPTO FOA dated Mar. 25, 2013 in connection with U.S. Appl. No. 13/303,826.
USPTO FOA dated Mar. 25, 2015 in connection with U.S. Appl. No. 13/384,452.
USPTO FOA dated Apr. 28, 2011 in connection with U.S. Appl. No. 11/871,028.
USPTO FOA dated Aug. 1, 2008 in connection with U.S. Appl. No. 11/258,256.
USPTO FOA dated Sep. 6, 2013 in connection with U.S. Appl. No. 13/378,115.
USPTO FOA dated Oct. 30, 2014 in connection with U.S. Appl. No. 13/159,903.
USPTO FOA dated Dec. 9, 2015 in connection with U.S. Appl. No. 13/159,903.
USPTO FOA dated Dec. 14, 2010 in connection with U.S. Appl. No. 11/789,884.
USPTO NFOA dated Jan. 15, 2013 in connection with U.S. Appl. No. 13/159,903.
USPTO NFOA dated Feb. 12, 2008 in connection with U.S. Appl. No. 11/258,256.
USPTO_ NFOA dated Mar. 13, 2014 in connection with U.S. Appl. No. 13/159,903.
USPTO NFOA dated Jun. 4, 2014 in connection with U.S. Appl. No. 13/303,826.
USPTO NFOA dated Jun. 10, 2015 in connection with U.S. Appl. No. 13/159,903.
USPTO NFOA dated Jul. 8, 2014 in connection with U.S. Appl. No. 13/378,115.
USPTO NFOA dated Jul. 9, 2010 in connection with U.S. Appl. No. 11/789,884.
USPTO NFOA dated Jul. 11, 2012 in connection with U.S. Appl. No. 13/014,762.
USPTO NFOA dated Sep. 14, 2012 in connection with U.S. Appl. No. 12/861,967.
USPTO NFOA dated Sep. 16, 2010 in connection with U.S. Appl. No. 11/871,028.
USPTO NFOA dated Sep. 19, 2012 in connection with U.S. Appl. No. 13/303,826.
USPTO NFOA dated Oct. 31, 2008 in connection with U.S. Appl. No. 11/635,736.
USPTO NFOA dated Dec. 14, 2010 in connection with U.S. Appl. No. 11/786,522.
USPTO NOA dated Feb. 10, 2017 in connection with U.S. Appl. No. 13/159,903.
USPTO NOA dated Apr. 12, 2012 in connection with U.S. Appl. No. 11/789,884.
USPTO NOA dated Jul. 11, 2014 in connection with U.S. Appl. No. 13/303,826.
USPTO NOA dated Aug. 12, 2016 in connection with U.S. Appl. No. 13/159,903.
USPTO RR dated Nov. 21, 2012 in connection with U.S. Appl. No. 13/106,023.
Ebell: “Access Control Lists—alfrescowiki” 9 pages, Jun. 5, 2008.
Varonis: DatAdvantage User Guide 71 pages, Version 1.0 Aug. 30, 2005.
Varonis: DatAdvantage User Guide 118 pages, Version 2.0 Aug. 24, 2006.
Varonis: DatAdvantage User Guide 124 pages, Version 2.5, Nov. 27, 2006.
Varonis: DatAdvantage User Guide 127 pages, Version 2.6, Dec. 15, 2006.
Varonis: DatAdvantage User Guide 131 pages, Version 2.7, Feb. 6, 2007.
Varonis: DatAdvantage User Guide 153 pages Version 3.0 Jun. 20, 2007.
Varonis: A list of database tables in DatAdvantage 2.7, Feb. 6, 2007.
Varonis: A list of database tables in DatAdvantage 3.0, Jun. 20, 2007.
Sahadeb De, et al; “Secure Access Control in a Multi-user Geodatabase”, available on the Internet at the URL http://www10.qiscafe.com. 2005, 10 pages.
Findutils; “GNU Project”. Free Software Foundation (FSF), 3 pages, Nov. 2006.
Genunix; “Writing Filesystems—VFS and Vnode Interfaces”, 5 pages. Oct. 2007.
S.R. Kleiman; “Vnodes: An architecture for Multiple File System Types in Sun UNIX”, USENIX Association: Summer Conference Proceeding, Atlanta 1986; 10 pages.
Dennis Lu, et al; “Jesse Dyer”, Jul. 15, 2004, 8, pages.
Sara C. Madeira.; “Clustering, Fuzzy Clustering and Biclustering: An Overview”, pp. 31 to 53, Jun. 27, 2003.
Sara C. Madeira, et al; “Biclustering Algorithms for Biological Data Analysis: A Survey”, Mar. 2004; http://www.cs.princeton.edu/courses/archive/spr05/cos598E/bib/bicluster.pdf.
Varonis “Accelerating Audits with Automation: Understanding Who's Accessing Your Unstructured Data”, 7 pages, Oct. 8, 2007.
Varonis: “White Paper: The Business Case for Data Governance”, dated Mar. 27, 2007, 8 pages.
Alex Woodie: “Varonis Prevents Unauthorized Access to Unstructured Data”, Four Hundred Stuff, vol. 7, No. 9, Jul. 31, 2007, 6 pages.
Extended European Search Report dated May 13, 2015, Appln. 11857276.7-1958/2668563 PCT/IL2011000902.
IPRP dated Jul. 30, 2013; PCT/IL2011/000902.
IPRP dated Jul. 30, 2013; PCT/IL2011/000903.
IPRP dated May 12, 2015; PCT/IL2012/000163.
ISR and WO dated May 23, 2011; PCT/IL1100065.
ISR and WO dated Jun. 14, 2011; PCT/IL1100066.
ISR and WO dated Jun. 13, 2011; PCT/IL1100076.
ISR and WO dated May 24, 2011; PCT/IL1100077.
ISR and WO dated Nov. 15, 2011; PCT/IL1100408.
ISR and WO dated Apr. 13, 2012; PCT/IL1100902.
ISR and WO dated May 20, 2010; PCT/IL2010000069.
ISR and WO dated Aug. 31, 2012; PCT/IL2012000163.
Supplementary European Search Report dated May 3, 2016; Appln. 12774249.2-1870/2700028 PCT/il2012000163.
A Patent Board Decision on Appeal dated Aug. 29, 2017, which issued during the prosecution of U.S. Appl. No. 13/378,115.

Related Publications (1)

	Number	Date	Country
	20170098091 A1	Apr 2017	US

Provisional Applications (1)

	Number	Date	Country
	61477662	Apr 2011	US

Continuations (1)

	Number	Date	Country
Parent	13159903	Jun 2011	US
Child	15381239		US

Continuation in Parts (1)

	Number	Date	Country
Parent	13014762	Jan 2011	US
Child	13159903		US

Access permissions management system and method

Information

Patent Number

Date Filed

Date Issued

Inventors

Original Assignees

Examiners

Agents

CPC

Field of Search

US

International Classifications

Disclaimer

Abstract