1. Field of the Disclosure
The present disclosure relates to a method and system for managing user security permissions for access to resources that are provided by providers, to participate in a designated task or conversation relating to the resources, and are accessible over a communications network. The present disclosure is of particular, but not exclusive, application in automatically allocating security permissions for users to access the resources based on whether the users are active or passive participants in the task or conversation so that the providers can set the security permissions for these users to access the resources.
2. Description of the Background Art
Communications technology, the Internet and now cloud computing, for instance, have increased our ability to produce and communicate information—so much so that we now deal with a flood of information on a daily basis. We are increasingly using these technologies to collaborate with more people on many different things. However, while the ability to produce and communicate information has exploded, the security model for controlling access to the information has remained largely unchanged.
For example, one existing method of controlling access to information, or resources, is based around the notion of a domain. That is, controlling access by storing the resources in domains and controlling user access to each domain. However, people typically collaborate on information across multiple domains and thus to request user access to each different domain can be slow and cumbersome. For example, people may collaborate within their organisation and within various interest groups, parents may collaborate with their children to help with homework assignments, university students may collaborate with each other on projects, and couples may collaborate to plan a holiday. In these existing examples, users may collaborate across more than one domain but each domain is orientated towards a different goal. This domain based model is, in fact, grounded on an old world view of how people should be organised to achieve some goal. The domain model, however, is slow and convoluted and does not adequately support the need to quickly collaborate with many people on many different things. It thus cannot support both speedy collaboration and tight control over security of resources and information.
In another existing example, to enable, say, speedy collaboration, the domain model can be configured with loose security. For example, a university student who needs to collaborate with other students on a project may impose almost no security over their information. Thus, to collaborate on a collection of resources, the student may email the information, track any changes, review changes, accept changes and try to keep versions in sync. Once the documents are emailed, there is no control over what happens to them; information may be edited unintentionally or, worse still, mischievously used by others. The documents can be used by anyone who gets access to them. The original author can have no idea who gets access to them and what they are used for. Accordingly, loose security is not suited to many applications where privacy of users, theft or authenticity of information is concerned. As an alternative, the students may choose to use a cloud based service such as Google Docs™ where security is, however, generally assigned one document at a time.
There are also many existing examples of, say, corporate and government organisations which impose tight security controls over information access. However, when the domain model is configured with tighter control over resource access, the bureaucratic and slow process required to gain access to the resources can prevent efficient and productive collaboration. Indeed, these organisations, particularly the ones where work occurs in virtual silos, may well find it difficult to encourage efficient and creative collaboration between members of the organisation using the existing domain based security model for access to resources. Moreover, the typical methods and processes for selecting, sharing and assigning permissions on resources such as documents, spread-sheets, and presentations is time-consuming, convoluted and can be stifling to the users.
Furthermore, in the above corporate environment example, resource access permissions can be assigned to people individually or on the basis that they are the member of a group. The group, however, must be manually defined and members manually entered. For example, within an organisation, resources (e.g. files) are stored within domain servers. The organisation controls access to the resources by restricting access to those within their domain. Access is then further restricted by organisation hierarchy or group. For example, the Human Resources department has access to certain resources, the Finance Department to others, etc. The domain model, however, cannot support the need to collaborate on many different resources with many different people, some, say, openly and some with tight security requirements over a given period of time.
Previously, email has been a common collaboration tool to use. It has enabled massive increases in productivity and, in turn, creativity and innovation whilst other existing collaboration systems work on directory, hierarchy or group models. Nonetheless, email generally provides no control over security on the resources which are being collaborated on. Accordingly, there is still a need for considerable manual security administration which does not enable both fast paced and tight control over the security. Furthermore, as briefly mentioned, technologies such as Google Docs™ or Office 365™ readily enable collaboration on a resource, but it is still necessary to manually share and allocate permissions on the resource.