公开(公告)号：CA2432483A1

公开(公告)日：2004-12-17

申请号：CA2432483

申请日：2003-06-17

Applicant: IBM CANADA

Inventor： KHUSIAL DARSHANAND ,  CHAN VICTOR S ,  MIRLAS LEV

IPC: G06Q30/00 ,  H04L12/16 ,  H04L9/32 ,  G06F17/60

Abstract: In electronic commerce (e-commerce) sites that are executed on a single e- commerce application, a user's session is only associated with a single user identity for e-commerce site domain. Acting under a single identity across the site may not be desired. There may be requirements to associate an individual user with one or more separate identities within parts of the site. Aspects of the invention provide a method, system and computer program product for managing multiple user identities for a user of an electronic commerce (e- commerce) site. The method comprises defining the e-commerce site as one or more security domain s; and in response to a user's request to invoke an operation of the e-commerce site: determining a one of the one or more security domains to which the operation relates; performing one of a) creating a session and b) reusing a session for the user automatically in accordance wi th the determined security domain, said session associated with a user identity and a role indicating privileges for invoking operations of the e-commerce site in at least the determined securi ty domain; and persisting said session for reuse. The user's request may be received in association with one or more sessions persisted for the user and a one of the sessions selected in accordance with the determined security domain. In response, either a session may be created or reused. Persisting may comprise providing one or more cookies defining the session to the user for associating with a subsequent request. In accordance with a feature of this aspect, the e- commerce site may define each of the one or more security domains as a hierarchy of organizations and assets owned by the organizations and the determining a one of the one or more security domains to which the operation relates may comprise evaluating the user's request in accordance with the hierarchy.

公开(公告)号：CA2686265A1

公开(公告)日：2004-12-17

申请号：CA2686265

申请日：2003-06-17

Applicant: IBM CANADA

Inventor： KHUSIAL DARSHANAND ,  CHAN VICTOR S ,  MIRLAS LEV

IPC: G06Q30/00 ,  H04L9/32

Abstract: In electronic commerce (e-commerce) sites that are executed on a single e-commerce application, a user's session is only associated with a single user identity for e-commerce site domain. Acting under a single identity across the site may not be desired. There may be requirements to associate an individual user with one or more separate identities within parts of the site. Aspects of the invention provide a method, system and computer program product for managing multiple user identities for a user of an electronic commerce (e-commerce) site. The method comprises defining the e-commerce site as one or more security domains; and in response to a user's request to invoke an operation of the e-commerce site: determining a one of the one or more security domains to which the operation relates; performing one of a) creating a session and b) reusing a session for the user automatically in accordance with the determined security domain, said session associated with a user identity and a role indicating privileges for invoking operations of the e-commerce site in at least the determined security domain; and persisting said session for reuse. The user's request may be received in association with one or more sessions persisted for the user and a one of the sessions selected in accordance with the determined security domain. In response, either a session may be created or reused. Persisting may comprise providing one or more cookies defining the session to the user for associating with a subsequent request. In accordance with a feature of this aspect, the e-commerce site may define each of the one or more security domains as a hierarchy of organizations and assets owned by the organizations and the determining a one of the one or more security domains to which the operation relates may comprise evaluating the user's request in accordance with the hierarchy.

公开(公告)号：CA2432483C

公开(公告)日：2010-04-13

申请号：CA2432483

申请日：2003-06-17

Applicant: IBM CANADA

Inventor： KHUSIAL DARSHANAND ,  CHAN VICTOR S ,  MIRLAS LEV

IPC: H04L12/16 ,  G06Q30/00 ,  H04L9/32

Abstract: In electronic commerce (e-commerce) sites that are executed on a single e-commerce application, a user's session is only associated with a single user identity for e-commerce site domain. Acting under a single identity across the site may not be desired. There may be requirements to associate an individual user with one or more separate identities within parts of the site. Aspects of the invention provide a method, system and computer program product for managing multiple user identities for a user of an electronic commerce (e-commerce) site. The method comprises defining the e-commerce site as one or more security domains; and in response to a user's request to invoke an operation of the e-commerce site: determining a one of the one or more security domains to which the operation relates; performing one of a) creating a session and b) reusing a session for the user automatically in accordance with the determined security domain, said session associated with a user identity and a role indicating privileges for invoking operations of the e-commerce site in at least the determined security domain; and persisting said session for reuse. The user's request may be received in association with one or more sessions persisted for the user and a one of the sessions selected in accordance with the determined security domain. In response, either a session may be created or reused. Persisting may comprise providing one or more cookies defining the session to the user for associating with a subsequent request. In accordance with a feature of this aspect, the e-commerce site may define each of the one or more security domains as a hierarchy of organizations and assets owned by the organizations and the determining a one of the one or more security domains to which the operation relates may comprise evaluating the user's request in accordance with the hierarchy.

公开(公告)号：CA2464992A1

公开(公告)日：2005-10-20

申请号：CA2464992

申请日：2004-04-20

Applicant: IBM CANADA

Inventor： MIRLAS LEV ,  HUBBARD MARK W ,  CHAN VICTOR S ,  KHUSIAL DARSHANAND

IPC: G06Q30/00 ,  G06F17/60 ,  H04L12/16

公开(公告)号：CA2465003A1

公开(公告)日：2005-10-20

申请号：CA2465003

申请日：2004-04-20

Applicant: IBM CANADA

Inventor： PHILIP WESLEY M ,  MIRLAS LEV ,  MCKEGNEY ROSS ,  KHUSIAL DARSHANAND

IPC: G06Q30/00 ,  G06F17/60 ,  H04L12/16

公开(公告)号：CA2432667A1

公开(公告)日：2004-12-17

申请号：CA2432667

申请日：2003-06-17

Applicant: IBM CANADA

Inventor： KHUSIAL DARSHANAND ,  CHAN VICTOR S ,  PHILIP WESLEY M ,  MIRLAS LEV

IPC: H04L12/22 ,  G06Q30/00 ,  H04L9/32 ,  H04L12/16 ,  G06F17/60

Abstract: An electronic commerce system supports web sites including on-line stores th at are accessible by a set of customers arid organizations to which stores may belong. Organizations may be defined in accordance with a tree structure. Users accessing a web site are provided with access roles for organizations. The access roles for a user define the portions of the web site for which the user has access privileges. The tree structure of the web site is used to define security domains for users. Users may have access roles of registered custom er or administrator. Users without any roles in a security domain are accorded gue st privileges within that domain.