1. Field of the Invention
The present invention is directed to technology for modifying group membership.
2. Description of the Related Art
With the growth of the Internet, the use of networks and other information technologies, Identity Systems have become more popular. In general, an Identity System provides for the creation, removal, editing and other managing of identity information stored in various types of data stores. The identity information pertains to users, groups, organizations and/or things. For each entry in the data store, a set of attributes are stored. For example, the attributes stored for a user may include a name, an address, an employee number, a telephone number, an email address, a user ID and a password. The Identity System can also manage access privileges that govern what an entity can view, create, modify or use in the Identity System. Often, this management of access privileges is based on one or more attributes.
Groups can be very useful for managing access privileges and other items. For example, if five persons at a company have similar job responsibilities, they are likely to need similar access privileges. Rather than configure each person separately, a group can be created and each of the five persons can be added to the group. An administrator then only needs to configure the system for the single group's access privileges, instead of five separate persons. Groups can be used for any subset of access privileges.
Typically, an owner of a group or an administrator adds and removes users from a group. With some large systems, the number of groups is large and the number of users is enormous. Thus, the task of adding and removing users can be extremely burdensome. To alleviate the burden on administrators and owners of groups, self subscription and unsubscription can be provided. That is, users should be able to add themselves to or remove themselves from a group. Because group membership can be used to determine access privileges, there is a need to provide restrictions on self subscription and unsubscription. Any such restrictions should be flexible to accommodate various situations and needs of a system.