1. Field of the Invention
The present invention relates to a method and system for providing security to controls in a graphical user interface through a single, uniform, and intuitive interface for users of all levels of access privilege. More particularly, the present invention relates to a method and system by which access to information contained in a window is restricted or limited without requiring the design of different versions of the window or more complicated interfaces.
2. Description of the Related Art
Data processing and database access systems commonly utilize graphical user interfaces to allow users to interact with the system and manipulate the activities and functions available to the users. Users may select a particular activity of the system available through the graphical user interface (GUI) via various input devices, such as a keyboard or mouse, and a combination of GUI elements, such as menu bars, pull-down menus, pop-up menus, icons, and objects. Another standard user-operable element of GUI is known as a "control". A control is a visual element within a GUI which may be manipulated by a user to interact with data. Icons and objects are examples of controls. Virtually any kind of data can be presented to a user via a control. For example, the personnel department of a business may maintain employee records, including name, salary information, birthdate, social security number, etc., in a database which is accessible through a control of a GUI. In this case, the control provides the business with quick and easy means to view, update and/or edit those records. In software applications utilized by companies that take orders for products by telephone, a variety of customer information can be input and later viewed through controls, including such sensitive information as credit card numbers.
Clearly, not all users of data processing systems will have the need to access all information available through a control or group of controls of a GUI. Some information will be privileged, and it would be preferable to restrict access to certain users. The manager of the hypothetical personnel department may require personal access to each employee's salary or home telephone number, but may wish that other members of the personnel department be kept from viewing this information. Employees filling orders taken by telephone will need the name and address of the customer and the list of items ordered, but not the customer's credit card information.
One current technique employed for providing security for data input to a control is to prevent the display of the data being input. This technique is routinely used for passwords. This type of control is known as an input control. When the display of existing information of a database is desired, access privilege is currently provided via redesigning the entire panel or screen displayed to the user. This type of output control is expensive to create, since it requires significant additional work by a programmer, often leads to a more complicated user interface, and is memory intensive. In general, these approaches prevent access and design uniformity, greatly increase development and maintenance costs, make the system harder to use, and require that more time and money be spent on user education.
Therefore, a need exists for a method and system of providing security to a control while allowing uniformity of design, without the introduction of extraneous controls, such as pushbuttons, and the resulting loss of limited GUI screen space.