Managing Who Can Do What in Complex Business Workflows
A system that uses two separate, configurable matrices to strictly control which users can view specific data or perform specific actions within a business process based on their assigned roles.
Patent Number: US 9741006
Status: Active
Filing Date: May 14, 2010
Grant Date: August 22, 2017
Expiration: ~May 2030 (estimated)
Claims: 23
Assignee: Oracle International Corp
Inventors: Vladimir Svetov, Ravi Rangaswamy, Viswanathan Umapathy, Mohan Kamath
Citations: 1 forward · 132 backward
What it covers
This system manages access control in business workflows by decoupling task contents from task actions. It uses a workflow manager with a graphical user interface to display two distinct matrices: one for controlling access to data (task contents) and another for controlling access to operations (task actions). These matrices map logical roles (such as creator, assignee, or reviewer) against specific items, allowing the system to dynamically disable or enable options in real time as the state of a task changes. For example, if a document is in the 'Review' state, the system automatically restricts the 'Edit' action for the 'Reviewer' role while allowing it for the 'Owner' role.
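A minimal sketch of the two-matrix, state-dependent check described above, added here as an illustration; it is not code from the patent or from any Oracle product. Only 'Review', 'Edit', 'Owner' and 'Reviewer' come from the summary; the other state, content and action names, the deny-by-default behaviour and the server-side re-check are assumptions.

```python
"""Two-matrix, state-dependent access check (illustrative sketch, assumed names)."""

# Access levels for task contents, ordered so a higher level implies the lower ones.
NONE, READ, WRITE = 0, 1, 2

# Matrix 1: task contents. state -> content item -> role -> level.
CONTENT_MATRIX = {
    "Draft":  {"payload":  {"Owner": WRITE, "Reviewer": NONE},
               "comments": {"Owner": WRITE, "Reviewer": NONE}},
    "Review": {"payload":  {"Owner": WRITE, "Reviewer": READ},
               "comments": {"Owner": READ,  "Reviewer": WRITE}},
}

# Matrix 2: task actions. state -> action -> roles allowed to invoke it.
ACTION_MATRIX = {
    "Draft":  {"Edit": {"Owner"}, "Submit": {"Owner"}},
    "Review": {"Edit": {"Owner"}, "Approve": {"Reviewer"}, "Reject": {"Reviewer"}},
}

def content_level(state, roles, item):
    """Highest level any of the user's roles holds on item; unknown keys deny."""
    row = CONTENT_MATRIX.get(state, {}).get(item, {})
    return max((row.get(r, NONE) for r in roles), default=NONE)

def can_perform(state, roles, action):
    """True only if the action is listed for this state and one role is granted."""
    return bool(ACTION_MATRIX.get(state, {}).get(action, set()) & set(roles))

def action_options(state, roles):
    """Enabled/disabled flag for every known action, as a UI would render it."""
    every = sorted({a for acts in ACTION_MATRIX.values() for a in acts})
    return {a: can_perform(state, roles, a) for a in every}

def perform(state, roles, action):
    """Enforcement point: re-check the matrix instead of trusting a UI flag."""
    if not can_perform(state, roles, action):
        raise PermissionError(f"{action!r} denied in state {state!r} for {sorted(roles)}")
    return f"{action} executed"

if __name__ == "__main__":
    # In 'Review' a Reviewer may write comments (contents) yet cannot Edit (action).
    for who in ({"Owner"}, {"Reviewer"}):
        print(sorted(who), action_options("Review", who))
```

The Reviewer row shows the decoupling: write access to the `comments` content item in 'Review' does not imply the 'Edit' action, and a state missing from either matrix yields no access.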
What it doesn't cover
- Does not cover access control systems that rely solely on static, global permissions rather than task-state-dependent matrices.
- Does not cover systems that do not distinguish between access to data contents versus access to specific task actions.
- Does not cover basic role-based access control (RBAC) that lacks the two-matrix graphical interface structure defined in the claims.
The clever bit
The innovation lies in splitting the access control into two distinct matrices—one for 'what' (contents) and one for 'how' (actions)—and linking them to the real-time state of a workflow task, allowing for highly granular security that updates automatically.
Why it matters
In large enterprise environments, managing permissions for complex workflows is error-prone. This patent provides a structured, visual method for administrators to define granular access rules that adapt to the lifecycle of a business process, reducing the risk of unauthorized data exposure or improper task execution.
Real-world examples
1. Oracle BPM Suite
2. Enterprise workflow automation platforms
3. Corporate document approval systems
Generated by PatentBrief · Not legal advice · patentbrief.org