System and method for granting role-based access to a digital artifact

Abstract

A system and method for immutably affixing one or more Unique-Numbers (N1-Nn) associated with one or more users and one or more roles (R1-Rn) associated with each user from the one or more users to a digital artifact (A1), rendering the digital artifact (A1) in a client application (C1), and provisioning the one or more users with role-based access to the digital artifact (A1). The method includes steps for registering a set of users by capturing biometric samples associated with each user from the set of users. Further, the method includes steps for immutably affixing one or more Unique-Numbers (N1-Nn) associated with one or more users and one or more roles (R1-Rn) associated with each user from the one or more users to a digital artifact (A1). Further, the method includes steps for provisioning a target user (U1.sub.t) with role-based access to the digital artifact (A1).

Claims

1. A method of affixing one or more users and their corresponding roles to a digital artifact (A1), rendering the digital artifact (A1) in a client application (C1), and provisioning the one or more users with role-based access to the digital artifact (A1), the method comprising steps of: registering a set of users by, wherein each user from the set of users is registered by, receiving a set of biometric samples of the user, corresponding to one or more biometric factors, processing the set of biometric samples to compute a Secret-Key (S1) corresponding to the user, generating a Unique-Number (N1) using a random number generation algorithm, applying a Function (F1) to the Secret-Key (S1) and the Unique-Number (N1) to compute a Public-Key (P1), and storing the Public-Key (P1) in a database; affixing one or more users and one or more roles associated with each user from the one or more users to a digital artifact (A1) by receiving an instruction to create the digital artifact (A1), wherein the digital artifact (A1) is created in a client application (C1), receiving an instruction to assign the one or more roles from a set of roles (R1-Rn) to each user from the one or more users, encrypting a Unique-Number (N2) associated with each user from the one or more users to obtain an encrypted Unique-Number (N2) corresponding to each user from the one or more users, wherein the Unique-Number (N2) is encrypted using a Public-Key (P2) associated with each user from the one or more users, and embedding the encrypted Unique-Number (N2) corresponding to each user from the one or more users into the digital artifact (A1) and the one or more roles associated with each user from the one or more users; provisioning a target user (U1.sub.t) with role-based access to the digital artifact (A1) by receiving from the target user (U1.sub.t), a request R1, to perform in respect of the digital artifact (A1) a set of operations associated with a target role, receiving a target public key (P1.sub.t) corresponding to the target user (U1.sub.t), receiving a set of biometric samples of the target user (U1.sub.t), corresponding to one or more biometric factors, processing the set of biometric samples to compute a target Secret-Key (S1.sub.t) corresponding to the target user (U1.sub.t), decrypting a target encrypted Unique-Number (N2.sub.t), embedded into the digital artifact (A1), using the target Secret-Key (S1.sub.t) and the target Public-Key (P1.sub.t) to obtain a Target Unique-Number (N1.sub.t), obtaining one or more roles corresponding to the target user (U1.sub.t) based on the Target Unique-Number (N1.sub.t), and provisioning the target user (U1.sub.t) to perform in respect of the digital artifact (A1) a set of operations associated with the target role.

2. The method as claimed in claim 1, wherein the set of biometric samples correspond to the face of the target user (U1.sub.t), wherein the set of biometric samples is captured in real-time at the time of registering the users, and wherein the set of biometric samples are quantized, before applying a key generation algorithm on the set of biometric samples, for generating the Secret Key (S1) corresponding to each user from the set of users.

3. The method as claimed in claim 1, wherein the digital artifact (A1) is a text file, a media file, a website or a set of digital files, wherein the media file may be any one of an image file, video file, VR file, or an audio file, wherein the file may be any one of an editable file, or a non-editable file, wherein the digital artifact (A1) corresponds to a physical object including a house or a car.

4. The method as claimed in claim 1, wherein the set of biometric samples of the target user (U1.sub.t) are captured using a biometric data capturing device, wherein the biometric data capturing device is at least one of one of a camera, a fingerprint scanner, and an eye retina scanner, wherein the set of biometric samples is captured from the target user (U1.sub.t) in real-time.

5. The method as claimed in claim 1, wherein the database is updated to store the Public-Key (P1) corresponding to each user from the set of users.

6. The method as claimed in claim 1, wherein the database is maintained over a peer-to-peer network.

7. A system for affixing one or more users and their corresponding roles to a digital artifact (A1), rendering the digital artifact (A1) in a client application (C1), and provisioning the one or more users with role-based access to the digital artifact (A1), the system comprises: a memory; a processor coupled to the memory, wherein the processor is configured to execute programmed instructions stored in the memory for: registering a set of users by, wherein each user from the set of users is registered by, receiving a set of biometric samples of the user, corresponding to one or more biometric factors, processing the set of biometric samples to compute a Secret-Key (S1) corresponding to the user, generating a Unique-Number (N1) using a random number generation algorithm, applying a Function (F1) to the Secret-Key (S1) and the Unique-Number (N1) to compute a Public-Key (P1), and storing the Public-Key (P1) in a database; affixing one or more users and one or more roles associated with each user from the one or more users to a digital artifact (A1) by receiving an instruction to create the digital artifact (A1), wherein the digital artifact (A1) is created in a client application (C1), receiving an instruction to assign the one or more roles from a set of roles (R1-Rn) to each user from the one or more users, encrypting a Unique-Number (N2) associated with each user from the one or more users to obtain an encrypted Unique-Number (N2) corresponding to each user from the one or more users, wherein the Unique-Number (N2) is encrypted using a Public-Key (P2) associated with each user from the one or more users, and embedding the encrypted Unique-Number (N2) corresponding to each user from the one or more users into the digital artifact (A1) and the one or more roles associated with each user from the one or more users; provisioning a target user (U1.sub.t) with role-based access to the digital artifact (A1) by receiving from the target user (U1.sub.t), a request R1, to perform in respect of the digital artifact (A1) a set of operations associated with a target role; receiving a target public key (P1.sub.t) corresponding to the target user (U1.sub.t), receiving a set of biometric samples of the target user (U1.sub.t), corresponding to one or more biometric factors, processing the set of biometric samples to compute a target Secret-Key (S1.sub.t) corresponding to the target user (U1.sub.t), decrypting a target encrypted Unique-Number (N2.sub.t), embedded into the digital artifact (A1) using the target Secret-Key (S1.sub.t) and the target Public-Key (P1.sub.t) to obtain a Target Unique-Number (N1.sub.t), obtaining one or more roles corresponding to the target user (U1.sub.t) based on the Target Unique-Number (N1.sub.t), and provisioning the target user (U1.sub.t) to perform in respect of the digital artifact (A1) a set of operations associated with the target role.

8. The system as claimed in claim 7, wherein the set of biometric samples correspond to the face of the target user (U1.sub.t), wherein the set of biometric samples is captured in real-time at the time of registering the users, and wherein the set of biometric samples are quantized, before applying a key generation algorithm on the set of biometric samples, for generating the Secret Key (S1) corresponding to each user from the set of users.

9. The system as claimed in claim 7, wherein the digital artifact (A1) is a text file, a media file, a website or a set of digital files, wherein the media file may be any one of an image file, video file, VR file, or an audio file, wherein the file may be any one of an editable file, or a non-editable file, wherein the digital artifact (A1) corresponds to a physical object including a house or a car.

10. The system as claimed in claim 7, wherein the set of biometric samples of the target user (U1.sub.t) are captured using a biometric data capturing device, wherein the biometric data capturing device is at least one of a camera, a fingerprint scanner, and a retina scanner, wherein the set of biometric samples is captured from the target user (U1.sub.t) in real-time.

11. The system as claimed in claim 7, wherein the database is updated to store the Public-Key (P1) corresponding to each user from the set of users.

12. The system as claimed in claim 11, wherein the database is maintained over a peer-to-peer network.

Description

BRIEF DESCRIPTION OF DRAWINGS

(1) The detailed description is described with reference to the accompanying Figures. The same numbers are used throughout the drawings to refer like features and components.

(2) FIG. 1 illustrates a network implementation 100 of a system 101 for granting role-based access to a digital artifact, in accordance with an embodiment of the present disclosure.

(3) FIG. 2 illustrates components of the system 101 for granting role-based access to a digital artifact, in accordance with an embodiment of the present disclosure.

(4) FIG. 3 illustrates a method 300 for granting role-based access to a digital artifact, in accordance with an embodiment of the present disclosure.

(5) FIG. 4 illustrates a method 400 for registering a set of users, in accordance with an embodiment of the present disclosure.

(6) FIG. 5 illustrates a method 500 for affixing one or more users and one or more roles associated with each user from the one or more users to a digital artefact (A1), in accordance with an embodiment of the present disclosure.

(7) FIG. 6 illustrates a method 600 for provisioning a target user (U1.sub.t) with role-based access to the digital artifact (A1), in accordance with an embodiment of the present disclosure.

DETAILED DESCRIPTION

(8) Reference throughout the specification to various embodiments, some embodiments, one embodiment, or an embodiment means that a particular feature, structure, or characteristic described in connection with the embodiment is included in at least one embodiment. Thus, appearances of the phrases in various embodiments. in some embodiments, in one embodiment. or in an embodiment in places throughout the specification are not necessarily all referring to the same embodiment. Furthermore, the particular features, structures or characteristics may be combined in any suitable manner in one or more embodiments.

(9) Referring to FIG. 1, implementation 100 of a system 101 for granting role-based access to a digital artifact is illustrated, in accordance with an embodiment of the present subject matter. In one embodiment, the system 101 may comprise a processor and a memory. Further, the system 101 may be connected to user devices and client applications through a network 104. It may be understood that the system 101 may be connected with multiple users through one or more user devices 103-1, 103-2, 103-3 . . . , 103-n and applications 102-1, 102-2, 102-3 . . . , 102-n collectively referred to as a user device 103 and client applications 102 respectively. The client applications 102 may correspond to any one of online platforms, social media networks and other online service providers. It must be noted that the users may use the user devices 103 to register themselves with the client applications 102. The client application 102 may allow the users to create digital artifacts in the client application 102. Before creating any digital artifact in the client application 102, the system 101 is configured to authenticate a user. The digital artifact may be a text file, a media file, a website, or any other set of one or more digital files. The media file may be any one of an image file, video tile, VR file, an audio file and the like. The file may be any one of an editable file, or a non-editable file. The digital artifact may also correspond to a physical object such as a house or a car.

(10) In one embodiment, the user device 103 may be a dedicated electronic equipment assigned to a user. The user devices 103 may support communication over one or more types of networks in accordance with the described embodiments. For example, some user devices and networks may support communications over a Wide Area Network (WAN), the Internet, a telephone network (e.g., analog, digital, POTS, PSTN, ISDN, xDSL), a mobile telephone network (e.g., CDMA, GSM, NDAC, TDMA, E-TDMA, NAMPS, WCDMA, CDMA-2000, UMTS, 3G, 4G), a radio network, a television network, a cable network, an optical network (e.g., PON), a satellite network (e.g., VSAT), a packet-switched network, a circuit-switched network, a public network, a private network, and/or other wired or wireless communications network configured to carry data. The user devices 103 and network 104 may support wireless local area network (WLAN) and/or wireless metropolitan area network (WMAN) data communications functionality in accordance with Institute of Electrical and Electronics Engineers (IEEE) standards, protocols, and variants such as IEEE 802.11 (WiFi), IEEE 802.16 (WiMAX), IEEE 802.20x (Mobile-Fi), and others.

(11) In one embodiment, the user devices 103 are enabled with biometric scanning capabilities. Furthermore, the user devices 103 are also enabled to communicate with a distributed global people's registry. The Distributed Global People Registry may be an autonomous free public utility that stores the public-key of every registered stakeholder of each client application 102.

(12) In one embodiment, the client application 102 may be any internet-based application which requires user authentication before providing the user with access to the client application 102 for creating the digital artifact. The system 101 for granting role-based access to a digital artifact is further illustrated with the block diagram in FIG. 2.

(13) Referring now to FIG. 2, various components of the system 101 are illustrated, in accordance with an embodiment of the present subject matter. As shown, the system 101 may include at least one processor 201 and a memory 203. The memory 203 consists of a set of modules. The set of modules may include a user registration module 204, a digital artifact generation module 205, a provisioning module 206. In one embodiment, the at least one processor 201 is configured to fetch and execute computer-readable instructions, stored in the memory 203, corresponding to each module.

(14) In one embodiment, the memory 203 may include any computer-readable medium known in the art including, for example, volatile memory, such as static random-access memory (SRAM) and dynamic random-access memory (DRAM), and/or non-volatile memory, such as read-only memory (ROM), erasable programmable ROM, flash memories, hard disks, optical disks, and memory cards. The memory 203 may be configured to store the programmed instructions to be executed by the processor 201.

(15) In one embodiment, the programmed instructions may include routines, programs, objects, components, data structures, etc., which perform particular tasks, functions, or implement particular abstract data types. The data 210 may comprise a data repository 211, and other data 212. The other data 212 amongst other things, serves as a repository for storing data processed, received, and generated by one or more components and programmed instructions.

(16) In one embodiment, the processor 201 may be configured to execute programmed instructions corresponding to the user registration module 204. The user registration module 204 may be configured to register each user from a set of users. For each user from the set of users, the user registration module 204 may be configured to receive a set of biometric samples of the user, corresponding to one or more biometric factors. The set of biometric samples may correspond to the face, fingerprint, retina, or any other biometric sample of the user. The set of biometric samples may be captured in real-time. It must be noted that there are minor variations in the biometric sample of the user, for instance the face sample may vary depending on the time of the day, mental state of the user, weight gained or lost by the user and other characteristics. Also, the biometric samples may change over time due to aging. To address this problem, the set of biometric samples are quantized, before applying a key generation algorithm to the set of biometric samples, to generate a Secret Key (S1) corresponding to each user from the set of users.

(17) In one embodiment, the set of biometric samples of the user are captured using a biometric data capturing device. The biometric data capturing device is at least one of one of a camera, a fingerprint scanner, a retina scanner, and the like. It must be noted that the set of biometric samples is captured from the user in real-time. During the process of capturing the set of biometric samples, a liveness detection test is also performed.

(18) Further, the user registration module 204 may be configured to process the set of biometric samples and compute the Secret-Key (S1) corresponding to the user.

(19) Further, the user registration module 204 may be configured to generate a Unique-Number (N1) using a random number generation algorithm. Further, the user registration module 204 may be configured to apply a Function (F1) to the Secret-Key (S1) and the Unique-Number (N1) to compute a Public-Key (P1). Finally, the user registration module 204 may be configured to store the Public-Key (P1) in a database. In a similar manner, the database is updated to store the Public-Key (P1) corresponding to each user from the set of users. The database may be maintained over a peer-to-peer network.

(20) In one embodiment, once the user registration is complete, the processor 201 may be configured to execute programmed instructions corresponding to the digital artifact generation module 205. The digital artifact generation module 205 may be configured for affixing one or more users and one or more roles associated with each user from the one or more users to a digital artifact (A1). For this purpose, the digital artifact generation module 205 may be configured to receive an instruction to create the digital artifact (A1). The digital artifact (A1) is created in a client application (C1). The client application may run on a local device or on a network. The digital artifact (A1) may be a text file, a media file, a website or any other set of one or more digital files. The media file may be any one of an image file, video file, VR file, an audio file and the like. The file may be any one of an editable file, or a non-editable file. The digital artifact (A1) may also correspond to a physical object such as a house or a car.

(21) Further, the digital artifact generation module 205 may be configured to receive an instruction to assign the one or more roles from a set of roles (R1-Rn) to each user from the one or more users. Further, the digital artifact generation module 205 may be configured to encrypt a Unique-Number (N2) associated with each user from the one or more users to obtain an encrypted Unique-Number (N2) corresponding to each user from the one or more users. The Unique-Number (N2) may be encrypted using a Public-Key (P2) associated with each user from the one or more users. Further, the digital artifact generation module 205 may be configured to immutably affix the encrypted Unique-Number (N2) corresponding to each user from the one or more users into the digital artifact (A1) and the one or more roles associated with each user from the one or more users thereby integrating the one or more users and one or more roles into a digital artifact (A1).

(22) In one embodiment, the processor 201 may be configured to execute programmed instructions corresponding to the provisioning module 206. The provisioning module 206 may be configured for provisioning a target user (U1.sub.t) with role-based access to the digital artifact (A1). For this purpose, the provisioning module 206 may be configured to receive from the target user (U1.sub.t), a request R1, to perform in respect of the digital artifact (A1) a set of operations associated with a target role. Further, the provisioning module 206 may be configured to receive a target public key (P1.sub.t) corresponding to the target user (U1.sub.t). Further, the provisioning module 206 may be configured to receive a set of biometric samples of the target user (U1.sub.t), corresponding to one or more biometric factors. Further, the provisioning module 206 may be configured to process the set of biometric samples to compute a target Secret-Key (S1.sub.t) corresponding to the target user (U1.sub.t).

(23) Once the target Secret-Key (S1.sub.t) is generated, the provisioning module 206 may be configured to decrypt a target encrypted Unique-Number (N2.sub.t), immutably affixed in the digital artifact (A1), using the target Secret-Key (S1.sub.t) and the target Public-Key (P1.sub.t) to obtain a Target Unique-Number (N1.sub.t).

(24) Further, the provisioning module 206 may be configured to obtain one or more roles corresponding to the Target Unique-Number (N1.sub.t). Further, the provisioning module 206 may be configured to provision the target user (U1.sub.t) to perform in respect of the digital artifact (A1) a set of operations associated with the target role. If the target encrypted Unique-Number (N2.sub.t) is not decrypted using the target Secret-Key (S1.sub.t), the provisioning module 206 restricts the target user (U1.sub.t) from performing, in respect of the digital artifact (A1), a set of operations associated with the target role.

(25) Now referring to FIGS. 3, a method of affixing one or more users and their corresponding roles to a digital artifact (A1), rendering the digital artifact (A1) in a client application (C1), and provisioning the one or more users with role-based access to the digital artifact (A1) is illustrated in accordance with an embodiment of the present invention.

(26) At step 301, the user registration module 204 may be configured to register a set of users. The detailed process of registering a set of users is further elaborated with respect to FIG. 4.

(27) At step 302, the digital artifact generation module 205 may be configured for affixing one or more users and one or more roles associated with each user from the one or more users to a digital artifact (A1). The detailed process of affixing one or more users and one or more roles associated with each user from the one or more users to a digital artifact (A1) is further elaborated with respect to FIG. 5.

(28) At step 303, the provisioning module 206 may be configured for provisioning a target user (U1.sub.t) with role-based access to the digital artifact (A1). The detailed process of provisioning a target user (U1.sub.t) with role-based access to the digital artifact (A1) is further elaborated with respect to FIG. 6.

(29) Now referring to FIG. 4, the process to register each user from a set of users is illustrated, in accordance with an embodiment of the present invention.

(30) At step 401, for each user from the set of users, the user registration module 204 may be configured to receive a set of biometric samples of the user, corresponding to one or more biometric factors. The set of biometric samples may correspond to the face, fingerprint, retina, or any other biometric sample of the user. The set of biometric samples may be captured in real-time. It must be noted that there are minor variations in the biometric sample of the user, for instance the face sample may vary depending on the time of the day, mental state of the user, weight gained or lost by the user and other characteristics. Also, the biometric samples may change over time due to aging. To address this problem, the set of biometric samples are quantized, before applying a key generation algorithm to the set of biometric samples, to generate the Secret Key (S1) corresponding to each user from the set of users.

(31) In one embodiment, the set of biometric samples of the user are captured using a biometric data capturing device. The biometric data capturing device is at least one of one of a camera, a fingerprint scanner, and a retina scanner, and the like. It must be noted that the set of biometric samples is captured from the user in real-time. During the process of capturing the set of biometric samples, a liveness detection test is also performed.

(32) At step 402, the user registration module 204 may be configured to process the set of biometric samples and compute the Secret-Key (S1) corresponding to the user.

(33) At step 403, the user registration module 204 may be configured to generate a Unique-Number (N1) using a random number generation algorithm.

(34) At step 404, the user registration module 204 may be configured to apply a Function (F1) to the Secret-Key (S1) and the Unique-Number (N1) to compute a Public-Key (P1).

(35) At step 405, finally the user registration module 204 may be configured to store the Public-Key (P1) in a database. In a similar manner, the database is updated to store the Public-Key (P1) corresponding to each user from the set of users. The database may be maintained over a peer-to-peer network. Further, the process of affixing one or more users and one or more roles is further elaborated with respect to the flowchart of FIG. 5.

(36) Referring now to FIG. 5, the process of affixing one or more users and one or more roles associated with each user from the one or more users to a digital artifact (A1) is illustrated, in accordance with an embodiment of the present invention.

(37) At step 501, the digital artifact generation module 205 may be configured to receive an instruction to create the digital artifact (A1). The digital artifact (A1) is created in a client application (C1). The client application may be any desktop or mobile application. The client application (C1) may run on a local device or on a network.

(38) At step 502, the digital artifact generation module 205 may be configured to receive an instruction to assign the one or more roles from a set of roles (R1-Rn) to each user from the one or more users.

(39) At step 503, the digital artifact generation module 205 may be configured to encrypt a Unique-Number (N2) associated with each user from the one or more users to obtain an encrypted Unique-Number (N2) corresponding to each user from the one or more users. The Unique-Number (N2) may be encrypted using a Public-Key (P2) associated with each user from the one or more users.

(40) At step 504, the digital artifact generation module 205 may be configured to embed the encrypted Unique-Number (N2) corresponding to each user from the one or more users into the digital artifact (A1) and the one or more roles associated with each user from the one or more users thereby affixing one or more users and one or more roles associated with each user from the one or more users to a digital artifact (A1).

(41) Referring now to FIG. 6, the process 600 of provisioning a target user (U1.sub.t) with role-based access to the digital artifact (A1) is illustrated in accordance with an embodiment of the present invention.

(42) At step 601, the provisioning module 206 may be configured to receive from the target user (U1.sub.t), a request R1, to perform in respect of the digital artifact (A1) a set of operations associated with a target role.

(43) At step 602, the provisioning module 206 may be configured to receive a target public key (P1.sub.t) corresponding to the target user (U1.sub.t).

(44) At step 603, the provisioning module 206 may be configured to receive a set of biometric samples of the target user (U1.sub.t), corresponding to one or more biometric factors.

(45) At step 604, the provisioning module 206 may be configured to process the set of biometric samples to compute a target Secret-Key (S1.sub.t) corresponding to the target user (U1.sub.t).

(46) At step 605, the provisioning module 206 may be configured to decrypt a target encrypted Unique-Number (N2.sub.t), embedded into the digital artifact (A1), using the target Secret-Key (S1.sub.t) and the target Public-Key (P1.sub.t) to obtain the Target Unique-Number (N1.sub.t)

(47) At step 606, the provisioning module 206 may be configured to obtain one or more roles corresponding to the Target Unique-Number (N1.sub.t).

(48) At step 607, the provisioning module 206 may be configured to provision the target user (U1.sub.t) to perform in respect of the digital artifact (A1) a set of operations associated with the target role.

(49) In one example, after the target user (U1.sub.t) and other users are registered with the system 101, the system may be configured to immutably affixing one or more Unique-Numbers (N1-Nn) associated with one or more users and one or more roles (R1-Rn) associated with each user from the one or more users to a digital artifact (A1).

(50) In one example, the digital artifact (A1) may be a document D1. The document D1 may be an editable text tile to be uploaded to the client application C. The one or more roles associated with the document D1 may comprise viewer role, reviewer role, editor role, and the like. The process of assigning the one or more roles to the document D1 may be as described in FIG. 5. Further, the system 101 may be configured to provision the target user (U1.sub.t) with role-based access to the document D1. For this purpose, a request R1 may be received from the target user (U1.sub.t). The request R1 may be associated with a target role. The target role may correspond to the editor of the document D1. Before granting the target user (U1.sub.t) the permission to edit the document D1, the target user (U1.sub.t) and her role may be validated using the process as described in FIG. 6.

(51) In another example, the digital artifact (A1) may be a post P1 to be published on a website W1. The website W1 may be a publicly accessible social media platform. The one or more roles associated with the post P1 may comprise viewer, commenter, sharer, and the like. The process of assigning the one or more roles to the post P1 may be as described in FIG. 5. Further, the system 101 may be configured to provision the target user (U1.sub.t) with role-based access to the post P1. For this purpose, a request R1 may be received from the target user (U1.sub.t). The request R1 may be associated with a target role. The target role may correspond to the resharing of the post P1. Before granting the target user (U1.sub.t) the permission to reshare the post P1, the target user (U1.sub.t) and her role may be validated using the process as described in FIG. 6.

(52) In yet another example, the digital artifact (A1) may be an access control application A1 running in a smart car. The one or more roles associated with the access control application A1 may comprise accessing the smart car, driving the smart car within a predefined geographic region, valet-parking the car, accessing the storage space of the smart car, and the like. The process of assigning the one or more roles to the access control application A1 may be as described in FIG. 5. Further, the system 101 may be configured to provision the target user (U1.sub.t) with role-based access to the access control application A1 for accessing the smart car. For this purpose, a request R1 may be received from the target user (U1.sub.t). The request R1 may be associated with a target role. The target role may correspond to valet-parking the smart car. Before granting the target user (U1.sub.t) the permission to valet-park the smart car, the target user (U1.sub.t) and her role may be validated using the process as described in FIG. 6.

(53) In yet another example, the digital artifact (A1) may be an access control application A1 associated with a home security system. The one or more roles associated with the access control application A1 may comprise a homestay guest, a housekeeping crew member, and the like. The process of assigning the one or more roles to the access control application A1 may be as described in FIG. 5. Further, the system 101 may be configured to provision the target user (U1.sub.t) with role-based access to the access control application A1 for accessing the house. For this purpose, a request R1 may be received from the target user (U1.sub.t). The request R1 may be associated with a target role. The target role may correspond to homestay guests. Before granting the target user (U1.sub.t) the permission to enter the house, the target user (U1.sub.t) and her role may be validated using the process as described in FIG. 6.

(54) Although implementations for the system 101 for immutably affixing one or more Unique-Numbers (N1-Nn) associated with one or more users and one or more roles (R1-Rn) associated with each user from the one or more users to a digital artifact (A1), rendering the digital artifact (A1) in a client application (C1), and provisioning the one or more users with role-based access to the digital artifact (A1) have been described in language specific to structural features and methods, it must be understood that the claims are not limited to the specific features or methods described. Rather, the specific features and methods are disclosed as examples of implementations for the system 101 and the method 300 for immutably affixing one or more Unique-Numbers (N1-Nn) associated with one or more users and one or more roles (R1-Rn) associated with each user from the one or more users to a digital artifact (A1), rendering the digital artifact (A1) in a client application (C1), and provisioning the one or more users with role-based access to the digital artifact (A1).

System and method for granting role-based access to a digital artifact

Assignee

Inventors

Cpc classification

Classification Explorer

H04L9/3231

ELECTRICITY

Classification Explorer

H04L9/0866

ELECTRICITY

Classification Explorer

G06F21/106

PHYSICS

Classification Explorer

H04L9/0825

ELECTRICITY

Classification Explorer

G06F21/6218

PHYSICS

Classification Explorer

G06F21/64

PHYSICS

Classification Explorer

G06F21/32

PHYSICS

Classification Explorer

G06F21/6209

PHYSICS

Classification Explorer

G06F21/1015

PHYSICS

Classification Explorer

H04L9/0894

ELECTRICITY

Classification Explorer

G06F21/6281

PHYSICS

Classification Explorer

G06F21/602

PHYSICS

Classification Explorer

G06F21/6245

PHYSICS

International classification

Classification Explorer

G06F21/32

PHYSICS

Classification Explorer

G06F21/10

PHYSICS

Classification Explorer

G06F21/60

PHYSICS

Classification Explorer

G06F21/62

PHYSICS

Classification Explorer

G06F21/64

PHYSICS

Classification Explorer

H04L9/08

ELECTRICITY

Abstract

Claims

Description