1. Statement of the Technical Field
The present invention relates to the management of access permissions to shared resources.
2. Description of the Related Art
Network computing has revolutionized the manner in which people can cooperate in furtherance of the completion of an objective. Prior to the widespread accessibility of network computing technologies, groups of individuals collaborating with one another were able only to operate in isolated, individualistic computing environments bridged only by direct, human-to-human contact, the telephone and the facsimile machine. Most importantly, the creation and management of computing resources such as documents, messages and databases could be shared only through the reduction of the shared resource to print and the manual passing of the print copy from person to person.
The ubiquity of network computing now permits the automated sharing of electronically shareable resources including the direct access by collaborators to the shared resources of the group. These resources can include centrally stored documents and databases as are commonplace in a collaborative environment. To the extent that the shared resources can be freely accessed by all parties to a networked environment without restriction, the sharing of resources can be seamless in nature. Most sophisticated networked environments, however, do not permit unfettered access to shared resources and provide at least a degree of access control to shared resources.
Generally, access control systems limit access to shared resources based upon the identity of user attempting access to the shared resource. The limited access can range from a complete denial of access to the shared resource to a restriction on the operations that can be performed on the resource, such as whether the resource can be edited, printed, deleted or otherwise modified. In many cases, the access limitations can be based not just on the express identity of the user attempting access, but also the access limitations can be based upon the location of the user, the class of user, or any other recognizable factor.
Oftentimes in a networked environment, a reference to an underlying shared resource can be incorporated in a second resource, such as an e-mail, instant message, and a shared document, to name a few. In this way, a viewer accessing the second resource can easily navigate to the underlying resource by merely selecting the link. Yet, problems can arise where the viewer does not enjoy suitable access rights to the linked, underlying resource. For example, when the viewer attempts to access the underlying shared resource by selecting the embedded link, the viewer can be denied access completely without providing any recourse to the viewer. In this circumstance, the viewer is left to manually resolve the denial of access by locating a party having rights to modify the access control limitations for the underlying resource in favor of the viewer.