The invention relates generally to an Automated Provisioning System (APS system) which is adapted to centralize and automate information management for online services.
When new personnel or users are first allowed access onto an online service, which may be provided by service providers such as Telecommunications Companies (Telcos), corporations or enterprises, for example businesses or offices having their own internal online services, the new personnel or users have to go through a registration routine in order to enable them to use the online service. The registration routine involves the new user providing information, such as an identity code, to a central point so that each time the user logs onto the service, then their details are verified and the user is permitted by means of an appropriate identity code, to access pre-defined parts of the service. The user on registration will have been given permission to access certain parts of the online system according to the level of access that they require. For the customer of a service provider the level of access will be determined by the service that has been assigned as a result of completing an online registration form. For example a customer responds to a promotion that has been distributed by a service provider and registers for the online service via the internet. For an employee of a company the level of access may be determined by their position in a company and the work that they are required to perform. For example, the managing director of a company is likely to be allowed access to all services, ranging from accounting, to personnel and company strategy. In contrast a secretary may have access only to services or information that he needs to actually work on and will be denied access to other parts of the online services system.
Further, in organizations which are located on a number of office sites, it may be necessary on registration to specify the exact location of that employee within the organisation, for example if they are located at site A or site B because the employee will be registered as using a particular computer terminal at a particular site. However, if that employee is relocated in the organisation and is moved to another office site, a re-registration procedure must take place to take account of that relocation to another office and terminal. This means that on relocation, there will be a delay in the individual recommencing work as a result of the need for there to be a re-registration procedure to enable the individual to use the computer network once they have moved. This will result in a reduction of the efficiency of the individual, which in turn will reduce the productivity of the organisation. Further, with such systems it is necessary to have a department in the organisation which is dedicated to the manual input of data about individuals in that organisation that are using the computer network and where those individuals are located. Also a system has to be set up to track and monitor the movement of individuals in the organisation, and the costs associated with such departments and tracking systems, with the increase in personnel needed, increases the costs of running a computer network within an organisation.
Accordingly, there is a need for an APS system which facilitates the rapid deployment of new entities onto an online service, which may be an individual or a piece of infrastructure such as network hardware e.g. switches and workstations, and software e.g. firewalls, operating systems and mail servers. Further there is a need to reduce costs and improve efficiency by the removal of the manual assignment of registration and tracking processes. There is the need for the fast and reliable changes to infrastructure, together with the ability to expand and integrate existing systems with associated infrastructures. In turn, there is the need for the facility to consolidate distinct networks, say following an acquisition of another network by an organisation, e.g. after the merger of organizations. There is also the need for the automation of the tracking and registration of user entities from one internet protocol address to another, which may be controlled by a single logical repository for all entity information, thereby making the online service more user friendly, faster and more flexible to use.
Further, in service providers who are operating online services on behalf of other organizations there is the need to be able to manage each organization's information in a separate logical partition of the single information repository and apply branding to the administration and registration interfaces that are specific to each organisation. There is also the need for the systems that provide the online services to be able to determine the logical partition to be used within the single repository when authenticating and authorizing users to use the online services.