1. Technical Field
The present invention relates in general to the field of computers, and more particularly to data storage management. Still more particularly, the present invention relates to controlling access to technical records through the use of a centralized security service.
2. Description of the Related Art
Technical records are data structures, in a data repository system, that conform to specific naming and security guidelines set by an enterprise. To access technical records, a requesting user must provide a security construct that affords the user the permission and ability to access the requested technical records. The current approach to many software solutions is to use a Service-Oriented Architecture (SOA), which defines services used in a scalable manner. That is, in an SOA environment, resources such as software are made available to a user in a manner that allows the user to combine specific software components to develop a desired application/system. However, there are currently no known Service-Oriented Architecture approaches that provide a method and process to centralize the management of technical records across an organization. Rather, in the prior art, an enterprise must adopt a number of “one-off” strategies whenever trying to perform data management related tasks for technical records. These strategies involve the following problems.
First, the organization must rely on the file system's and/or FTP server's authentication features. This limits the organization's ability to adopt and utilize a company-wide authentication/authorization strategy, because it is forced to rely on the physical server's authentication abilities, rather than on a global identifier framework.
Second, there is no manageable way to make a data migration effort transparent to the end user community, since the end user must connect and communicate with a physical server, rather than an identified conceptual repository. This means that there is great potential to disrupt daily business needs if the organization must migrate its technical records from one server to another.
Third, without a centralized automatic naming and storage convention system, there is no practical way to enforce and ensure that end users follow the naming and storage conventions determined by the organization.
Fourth, with communication only taking place at the local physical server level, there is no global method of providing consistent/uniform data integrity verification to the entire end user community of the organization.