AU9140901A - A customer data structure - Google Patents

A customer data structure Download PDF

Info

Publication number
AU9140901A
AU9140901A AU91409/01A AU9140901A AU9140901A AU 9140901 A AU9140901 A AU 9140901A AU 91409/01 A AU91409/01 A AU 91409/01A AU 9140901 A AU9140901 A AU 9140901A AU 9140901 A AU9140901 A AU 9140901A
Authority
AU
Australia
Prior art keywords
identity
registered
service
class
customer
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
AU91409/01A
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Telstra New Wave Pty Ltd
Original Assignee
Telstra New Wave Pty Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from AUPR1537A external-priority patent/AUPR153700A0/en
Application filed by Telstra New Wave Pty Ltd filed Critical Telstra New Wave Pty Ltd
Priority to AU91409/01A priority Critical patent/AU9140901A/en
Publication of AU9140901A publication Critical patent/AU9140901A/en
Abandoned legal-status Critical Current

Links

Description

S, 1 9 -,1 t 0 1;17:04 ;Davies Collison Cave ;61 3 92542808 6/ 32 P10IHI Ragu~ailo 3.2
AUSTRALIA
Patents Act 1990 COMPLETE SPECIFICATION STANDARD PATENT
(ORIGINAL)
0 .*00 0
S
0 o Name of Applicant: Telstra New Wave Pty Ltd, ACN 070 562 935, of 242 Exhibition Street, Melbourne, Victoria 3000, Australia Actual Inventor(s): Address for Service: Invention Title: Details of Associated Provisional Application: DAVIES COLLISON CAVE, Patent Attorneys, of 1 Little Collins Street, Melbourne, Victoria 3000, Australia A customer data structure PR1537/00 The following statement is a full description of this invention, including the best method of performing it known to us:- -1- I.19-)F-01;17:04 ;Davies Collison Cave ;139520 /3 ;61 3 92542808 7/ 32 PWC'E T IS3T4Q VD0AcL NCOMMef -2- A CUSTOMER DATA STRUCTURIE The present invention relates to a customer management system, and in particular to a data structure for the system for maintaining data relating to customers of an organisation.
For an organisation to perform effectively, it must record information about the products and services supplied to individual customers, and information about the customers themselves. Furthermore, the rise of the Internet and electronic business methods has meant that a customer may interact with the organisation in a number of different roles, may utilise a number of services with differing authentication and authorisation requirements and may even register themself under several different identities or personas.
For example, a person may represent themselves to the organisation differently, depending on whether they are interacting in a private capacity or in a business capacity, effectively defining two personas for interacting with that organisation.
In cases where a disparate array of products and services may be offered to a wide variety of different customer types, a commensurately wide and disparate range of information must be stored. This information includes details about who the customer is, their relationships to other customers, (for example a person may be the authorised representative for a business customer as well as being a customer in their own right) the services of the organisation that the customer is permitted to access and the authentication a customer may use to gain access to those services.
The ability to effectively store and access information related to the various aspects of the x: customer's interaction with the organisation, in an integrated manner, would improve the level of customer service, and thereby the overall performance of the organisation.
However, existing data structures do -not provide sufficient business flexibility to deal with all the various aspects of the interaction. They do not separate the roles a person may have from their identity as an individual and they do not address the fact that the one person may represent themselves to the organisation in several different personas. Furthermore, 19-.1t-01 :17:04 ;Davies Colison Cave ;61 3 92542808 8/ 32 NRt&V. 2WI -3the low level of abstraction of existing data structures means that they become complex and unwieldy when applied to a large Organisation with diverse products and customers.
Because these structures specifically mirror individual business requirements, additional elements must be added as new business requirements emerge. These existing structures contain either customer/service information at a business level, or authentication/access information at a technical level, but do not provide both kinds of information in a simple, unified data structure. It is desired, therefore, to provi de a simple yet comprehensive data structure for a customer management system for maintaining data related to a customer of an Organisation, including the personas of that customer, the authenticators they mnay use, the services supplied to that customer and relationships between customers, or at least provide a useful alternative.
In accordance with the present invention there is provided a customer management system having a database with a data structure including: a registered identity class defining a plurality of identity types, and registered identities with at least one of said types; and a membership class defining hierarchal relationships between registered identities of said registered identity class.
20 Preferably said types include persona.
Advantageously, the data structure may include an authentication class, defining identifiers and authentication elements for a registered identity of said registered identity class.
*.:Advantageously, the authentication elements do not need to be embedded within the registered identity class.
Preferably said hierarchal relationships include relationships between individuals and organisations, between individuals or between an individual and any associated personas.
I.19-11"-0 1;17:04 *Davies Colison Cave :139520 /3 ;61 3 92542808 9/ 32 -4- Advantageously, the data structure may include an authorisation class defining whether an authentication entity of the authentication entity class is permitted access to a service instance of a service instance class. The data structure may also include an authentication group class and an authorisation group class.
Advantageously, the data structure may include a parameter setting class and a context filter class to maintain details necessary to execute a plurality of authentication authorisation scenarios. The data structure may also include a usage distributor class to define how usage of services is to be apportioned for billing purposes.
Advantageously, the data structure fuirther includes a service arrangement class defining service arrangements for registered identities of said registered identity class. A service arrangement class may maintain details of the service arrangements and is referred to by one of plurality of service instances of said service instance class. Advantageously, the service arrangement class is linked to one or more service arrangement registered identity role classes containing a registered identity identification and a role type representing the role for a registered identity for a service arrangement.
The present invention also provides a customer management system having a database with a data structure including: a registered identity'class defining a plurality of identity types, and registered identities with at least one of said types; and an authentication class defining identifiers and authentication elements for a 25 registered identity of said registered identity class.
The present invention also provides a customer management system having a database with a data structure including: a registered identity class defining a plurality of identity types, and registered identities with at least one of said types; and a service arrangement class defining service arrangements for registered identities of said registered identity class.
S119-,11v-01 :17.'04 ;Davies Coll son Cave 6392488#1/2 ;61 3 92542808 10/ 32 PflOPEIDSWt$I(37-W .pdeI- 9 NaimbA, 2W: Preferred embodiments of the present invention are hereinafter described, by way of example only, with reference to the accompanying drawings, wherein: Figure I s a block diagram of a preferred embodiment of a customer management system connected to components of a distributed system of an organisation; Figure 2 is a unified modelling language diagram showing core features of a preferred embodiment of a customer data structure of the customer management system; and Figure 3 is a unified modelling language diagramn the customer data structure of the customer management system.
A customer management system 50 for an organisation, as shown in Figure 1, has a database 52 that holds data representative of customers of the organisation using a data structure, as shown in the Figures 2 and 3. The customer management system 50 is a computer system that may reside in a single location or bave distributed components over a communications network for the system. The customer management system 50 can be ***connected, as shown in Figure 1, to operate with other product and service delivery components of an organisation. For example, the system can communicate with customer registration and service enrolment systems 54 and customer identification authentication *and authorisation systems 56 that interface with customer equipment 60 over a communications network 62, such as a LAN, the Internet or the PSTN. The customer management system 50 is also able to communicate with back-end customer relationship management systems 64 that maintain customer contact histories, back-end service management systems 66 for provisioning and service assurance, and billing systems 68, 0 configuration systems 70 and data warehouse systems 72 of the organisation. As will be apparent from the following description, the data structure provides a simple but powerful architecture for storing information about the customer of a business organisation. This SS**information includes the identities or personas the customer mnay use to represent themseWf their relationships with other customers, the services a customer may access, the roles the customer may play in relation to those services and the identifiers or authenticators a customer may use to make themselves known to the business.
19-11-01;17:04 ;Davies Collison Cave ;61 3 92542808 11/ 32 uoAl or10vt.*, 2001 -6- The data structure can be conveniently represented in terms of object-oriented classes and indicative attributes using Universal Modelling Language (UML) conventions and syntax. Figure 1 shows the core high-level features of the data structure in UML notation, as follows.
A Registered-Identity class 2 contains information on the identity of any party who makes themselves known to the business. This includes a Registered-Identity-Type that indicates whether the identity pertains to an individual, a business organisation, a business organisational position/function, an informal organisation such as a group or household, or an anonymous party. Each Registered-Identity is given an Identity-Assurance-Level which is used to determine the level of rigour applied when corroborating the Identity-Assurance- Details which have been provided.
Many Registered-Identities will have relationships with other Registered-Identities. For 15 example, the relationship between individuals and the household they are members of, the relationship between several identities representing different personas of the one person, or the relationship between different corporate entities within a corporate organisational structure. These relationships are defined within the customer data structure by a Hierarchy-Membership-Node class 3. Each relationship between Registered-Identities is 20 characterised as a hierarchical parent or member relationship. Hence this class contains a Member-Registered-Identity, a parent Parent-Registered-Identity, and a Link-Type that indicates the nature of the relationship, such as "is a persona of', "is an employee of', "is a member of', and "reports to". Any number or combination of relationships between Registered-Identities is allowed.
Each Registered-Identity known to the business has zero or more service arrangements with the business and is represented by a Service-Arrangement class 4 in which the Service-Status indicates whether the service has been Ordered, Active, Cancelled, and so on. Each Service-Arrangement class 4 is linked with one or more Service-Arrangement- Regisiered-Identity-Role class instances 5 that each contain a Registered-Identity-Id and a Role-Type indicating the nature of the role played by the indicated Registered-Identity for 19-,11-01;17:04 ;Davies Collison Cave ;61 3 92542808 12/ 32 PxCfismDWis37CO FwciC kduwa*P. i -7the indicated service arrangement, such as "is authorised rep for", "is paying customer for", "is administrator for", and so on.
The four classes 2 to 5 on the right-hand of Figure 1 all contain business level information.
Technical information for a customer is contained in five classes 6 to 10 of the left-hand side of Figure 1, as described below.
Each instance of an Authentication-Entity class 6 contains details of an authenticator issued to a customer whose identity is held in the Registered-Identity class 2. The Authentication- Entity class 6 includes a username/password pair or other credentials such as digital certificates, Member-of-Group data indicating a name for each group that the entity belongs to, Context-Filter data to restrict recognition of the entity only when the Context- Filter data matches external context filter data, and a System-Element-Id which represents a device or application in cases where the entity is not a person or persons.
*15 A Service-Instance class 7 contains the implemented or network view of a service. For any one Service-Arrangement class 4 there may be multiple Service-Instances corresponding to the various individually invokable functions or capabilities that are bundled within that business arrangement. The Service-Instance class 7 includes a Product-Offering-Id that 20 indicates which product offering this service instance is an instance of, and an Authorisation-Id which refers to the instances of an Action-Authorisation class 8 that relate to this service instance.
o9099@ The Action-Authorisation class 8 indicates which Authentication-Entity 6 is authorised to use a particular service indicated by a Service-Instance class 7. The Action-Authorisation 0999 class 8 also includes Member-of-Group data and Context-Filter data as discussed above.
99 An Authentication-Group class 9 and an Authorisation-Group class 10 are subclasses of the Authentication-Entity class 6 and the Action-Authorisation class 8, respectively, and enable group authentication and authorisation scenarios. Each subclass contains a Distinguished Name for each parent class entity that inherits this entity's Action- 19;,11--01:17:04 ;Davies Collison Cave '61 3 92542808 13/ 32 PVPMfl0DW~L531AQWaDC.I9 Hmeane, 2W01 -8- Authorisations and authorised actions members of the authorisation group), respectively.
The complete customer data structure is shown in UML notation in Figure 2. This illustrates the various classes available to support different customer types, including Organisation 11, Individual 12, Anonymous-Party 13, and Defined-Identity 14. The Defined-Identity class 14 allows customers to define an identity type for themselves, such as an organisational function or a persona, and Anonymous-Party 13 is used for customers which are only known through some foreign key values, such as a credit card number.
Complex authentication and authorisation scenarios are supported by combinations of various factors. The Context-Filter class 15 defines restrictions on the values that a named parameter value contained in Param-Setting 16 can have in order to be validated. This could be used with ServiceInstance-Profile-Item 17 to restrict access to a particular time of day, for example.
Usage charges may be distributed according to information stored in the Usage-Distributor 18, which specifies which Service Arrangement to distribute a usage record to, according to Action-Authorisations. Further flexibility is allowed by maintaining separate Billing- Arrangement 19 and Payment-Arrangement 20 structures.
Further details of all the classes and attributes are given in the accompanying Appendix.
*e400 The high level of abstraction and use of recursive data structures within the overall customer data structure supports multiple business requirements and relationships in a flexible and adaptable manner. It allows the business to develop a "whole of customer" profile based on all the services a customer owns or uses and all their relationships with others In particular, the features of the structure supporting the concept that the one customer may have several identities or personas, the identity exists independently from the authenticators used to gain access to services and the various roles it has in relation to services enables the business to maintain this profile over time, catering for any changes to 1.19i-)1- 01 ;:17 '0 4 ;Davies Coli son Cave:6 392488# 4/ 2 ;61 3 92542808 14/ 32 M.OMmDDWi~r17.QopWao, 9~ -9individual services or relationships as they occur. This also enables identity information to be maintained even if the customer has no associated products or services. The customer data structure provides a unified way of dealing with technical security/service access information and business level customer/service informnation so that, for instance, a customer's business role with respect to a service is directly related to their authentication and service usage authorisation details. All aspects can be dealt with in the one environment,, thus avoiding synchronisation problems.
The customer data structure is applied in a number of ways. Advantageously it is used as a common structure that forms the integration focus of a distributed corporate environment, where various segments of the structure are implemented in different systems and applications. In cases where these applications have differing internal data structures, each of these internal structures is mapped to the customer data structure to maintain consistency. Together, they deliver an integrated information resource covering the complete scope of the customer data structure. More directly, it is realised as a stand-alone database implementation delivering all parts of the data structure. Additionally, the customer data structure may be realised as a combination of database and directory implementations which together deliver the full data structure.
Many modifications will be apparent to those skilled in the art without departing from the scope of the present invention as herein described with reference to the accompanying drawings.
*see*: *Wbe A0 19-j1-01;17:04 ;Davies Collison Cave ;61 3 92542808 15/ 32 P1OPEfDBOprtSt-a po.lw-19 Noumber, zmI
APPENDIX
The following is a listing and brief description of all the classes and indicative attributes used in the customer data structure and shown in Figure 2.
Action-Authorisation Authorises an Authentication-Entity or set of Authentication-Entities to use a particular service.
Attributes: Authorization-Id: Locally unique identifier for this authorisation within the scope of the Authentication- Entity it is attached to.
Service-lnstanee-ld Id for the Service-Instance that the authorisation pertains to.
Authentication-Id Authcntication-Entity that this authorisation applies to.
Member-Of-Group: Distinguished Name for each Authorization-Group that this entity is a member of.
Context-Filter: The filter items that must be met as a prerequisite for the action to be authorised.
Anonymous-Party Identity information related to a Registered Identity that is known only through some foreign key values.
Even though a party may only be known by some external key such as a credit card number and may not reveal any other information about themselves it is stil possible to foster a business relationship with that party.
This subtype represents the Registered Identity of such an anonymous party.
30 Attributes: Foreign-Identificr-Type: The type of the foreign key value that is being used to register the anonymous identity (eg Visa Card, Prepaid Smartcard) Foreign-Idcntifier-Detail: 35 The detail, including key value or id of the foreign identifier (eg visacard number "4231 /2235 4456 9989") Authentication-Entity •Represents the Identifier of a user from the perspective of access to a system. An 40 Authentication Entity will usually correspond to a particular Registered-Identity, but in some cases may be totally anonymous in terms of who it belongs to.
Attributes: Authentication-Id: A globally unique identifer for the Authentication-Entity.
45 Useruame: A short name for user login, possibly qualified by a domain, Member-Of-Group: Distinguished Name for each group that this entity is a member of.
Context-Filter: Filter to restrict recognition of this entity to only when the context filters are matched.
Registered-Identity: The Registered-Identity (eg person) that this entity actually represents (if any).
19-11-01;17:04 ;Davies Collison Cave ;61 3 92542808 16/ 32 I'tOILPRDW17pS 7.qd pe. 19 NWlNv f. 2001 -11- System-Element-Id If this entity represents a device or application rather than a person, this attribute contains the reference to that device or application.
Authentication-Group An Authentication-Group is a subclass of Authentication-Entity that allows other Authentication-Entities to inherit all its Action Authorisations and Param-Settings. This mechanism can be used to form groups or roles. The role may be represented by an Authentication-Group (that may have no credentials itself), and various Action- Authorisations and Param-Settings are associated with it. The "users" (ie Authentication- Entities) who may act in the role are listed as members.
This mechanism can also be used to represent different authentication levels for the same user. Basic Action-Authorisations are attached to an Authentication-Group with the lowest strength credentials (eg usename/password). A user logging on with these credentials is recognised as being that entity.
Another Authenticated-Entity representing a higher strength access (eg digital certificate) is made a member of the group More Action-Authorisations are attached to the second entity that represent what else the user can do when logged in using the stronger credentials. This differs from the use of Authenication-Groups as "roles" in that in this situation the group entity is authenticated, wheras no-one is ever authenticated directly as the role, only as a member of the group.
Attributes: Member: Distinguished Name for each Authetication-Entity that inherits this entity's Action- Authorizations (ie the members of the group) 0 30 Authorisation-Group An Authorisation-Group is a subclass of Action-Authorisation that allows other Action- Authorisations to inherit all its authorised actions on a Service-Instance.
This mechanism is used to provide the one Authenication-Entity with access to multiple Service-Instances.
Attributes: Member: Distinguished Name for each Action-Authorization that inherits this entity's authorised actions (ie members of the authorisation group) Billing-Arrangement A Billing Arrangement represents the information used to turn usage records into charges.
Attributes: Bniinig-Arrangement-Id: Unique identifier ofa Billing Arrangement S* Billing-Arrangement-Dtails: Details of the Billing Arrangement Business-Organisation An identity representing recognised business organisation.
19-11-01:17:04 ;Davies Collison Cave ;61 3 92542808 17/ 32 FPER~DDBWflSflm o qle.d19 Noawtr. mUl -12- Attributes: Trading-Name The trading name of the business
ABN:
The Australian Business Number or equivalent such business identifier.
Certificate A Digital Certificate as a credential.
Attributes: Certificate-Subject: The required value for the subject field of the certificate that will be accepted to authenticate an entity.
Context-Filter Authentication-Entities, Action-Authorisations and Param-Settings may all have "Context- Filters" attached to them (as attribute values). A Context-Filter will specify some restriction on the values that the named context variable must take in order for the entry to be authenticated, the action to be authorised or the Param-Setting to be active.
An example of the usage of a context filter is where, even with an authorised username/password, a user is permitted access only between certain times of the day (eg during business hours).
Attributes: Context-Filter: The filter expression (eg IP-Address=137.147*) Credential Where authentication is to be based on presentation of credentials, an auxiliary class representing those credentials will be included in the Authentication Entity's entry.
30 S Initial sub-types for Certificate and Password are described, however further subtypes are possible.
Attributes: Credential-Id: 35 Identifier of the Credential Credential-Type: Type of credential eg Password, Certificate etc.
Defined-Identity 40 A Defined-Identity is a Registered Identity which may be a Persona (eg "John at Home", "John at Work"), an organisational function (eg "Systems Administrator") or some other type of identity which a customer may wish to define.
Attributes: Dcfincd-Identity-Type: 45 The type of Defined Identity.
Examples "Persona", "Business function/position" Dcfined.ldentity-Name: The name associated with the defined identity.
Examples: "John at Work", "John at Home" (Personas), 19-11-01 ;17:04 ;Davies Collison Cave ;61 3 92542808 18/ 32 PMODPWI( 37pDs7alocMc.l9 Nofler, 2001 -13- "Systems Administrator", "Payroll Manager" (Organisational Positions) Hierarchy An individual hierarchy instance.
Attributes: Hicrarchy-Id: A unique identifier for this particular hierarchy instance.
Description: The description of this particular hierarchy instance. (eg ABC Pty Ltd's corporate organisational hierarchy) Hierarchy-Type: The type of hierarchy represented by this instance (eg Organisational hierarchy, person to person relationship etc) Hierarchy-Level A level within a multi level hierarchy, Attributes: Hierarchy-Id: A unique identifier for this particular hierarchy instance.
Hierarchy-Level The relevant hierarchy level (eg The top of the hierarchy is Level 1, the next layer down is Level 2 ete) Hierarchy-Level-Attribute Attributes that will be applied to a Hierarchy Membership Node, based on its level in the hierarchy.
For example a hierarchy may be used to link the various Personas used by the one person.
At Level 1 of the hierarchy an attribute will be attached to the membership node 30 representing the "Whole of customer value", ie the total value of that customer as a whole across all the personas that they use.
Attributes: Hicrarchy-ld Unique identifier for the hierarchy instance.
Hierarchy-Level: Identifies a level within the hierarchy instance Hierarchy-Levcl-Attribute: Details of an attribte that is applicable to member nodes at this level of the hierarchy.
Hierarchy-Membership-Attribute Attributes that are specifically applicable to this hierarchy node instance.
Attributes: Hicrarchy-Membership-Nodc4ld: Identifes the relevant hierarchy membership node.
Hicrarthy.Membership-NodcAttribute An attribute applicable to this particular Hierarchy Membership Node.
Hierarchy-Membership-Node A hierarchy is used to represent the differerent relationships that may exist between Registered-Identities. A hierachy may have two or more levels. Relationships that may be represented include: 19-11-01;17:04 ;Davies Collison Cave ;61 3 92542808 19/ 32 B9Ntor.,lrOl -14a single party to single party relationship eg "John at Home" is a persona of"John Smith" a group membership relationship eg "John Smith" "Mary Smith", (registered as individuals), are members of"Smith Household", (registered as an organisation) a multilevel corporate organisational hierarchy.
Attributes: Hierarchy-Id: A unique identifier for the hierarchy instance (eg this particular relationship) Member-Registered-Idenlly The Id of the Registered Identity that is the member/subject of this hierarchy node.
Parent-Registered-Ideptity: The Id of the Registered Identity that is the parent of this hierarchy node.
Link-Type: A qualifier for the relationship between the member and the parent Eg "Is a persona of', "Is an employee of", "is a member of', "reports to" Individual The identity information related to a Register-Identity that represents a person.
Attributes: Full-Name: The full name registered for the person Personal-Title The person's title eg Ms, Mr, Dr Given-Name The person's given name eg Mary Initias: Some or all of the person's initials eg M J Surname: The person's family name Date-Of-Birth 30 The person's date of birth Order An Order for a Service Arrangement Attributes: 35 Scrvice Arrangement Id The unique identifier of the Service Arrangement to which the order relates Order-Id: Identifer for the order Order-Status: 40 Status of the order eg Pending, Fulfilled etc.
Order-Detail: Details of the content of the order eg Products ordered, required date etc.
•Organisation A Registered-Identity that represents some form of organisation or group. It may be a formal Business Organisation or and informal organisation such as a Group, Community of Interest, Household etc.
Attributes: Description The description of the organisation (eg "Smith Household", "Geelong Football Club Members Discussion Group" etc Afliation-Basis: The organisation's basis of affiliation. Eg "Registered Business", "Household at 5 Main St Burwood" etc.
19-J1-01 17:04 ;Davies Collison Cave ;61 3 92542808 20/ 32 POFERDBWpri37-wmadoc.ls Nor, 2001 Param-Setting This is a value for a Product-Param potentially qualified by a context item. Where no context filter is given, the parameter value may be used for any Service-Instance. A value with a more specific context will override it.
Where a Param-Setting is attached to an Authentication Group, it gives the parameter a default value for all the subordinates of the group. A Param-Setting for the same parameter attached to a subordinate Authentication-Entity will override the default provideing the scope is equivalent or more specific.
Attributes: Param-Name: The name of the parameter that the given value is for.
Param-Value: The parameter value, the type must match that specified by the Product-Param of the same name.
Context-Filter The param-Setting will only be active when the current context matches that given.
Password The Password as a credential in a Username/Password combination.
Attributes: Password: Current password for a user login, not generally displayed in clear text at any point.
Last-Modificd-Time: Time the password was last changed 99 9 Payment-Arrangement A Payment Arrangement represents a formal arrangement for the payment of an account (eg via a monthly direct debit, credit card authorisation etc).
•Attributes: S* Payment-Arrangement-Id: Identifier for the Payment Arrangement Payment-Arrangement-Details: 35 Details of the Payment Arrangement Product-Offering A Product available to customers, either in its own right or as part of a larger offering.
•Attributes: 40 Product-Ofiering-Id: Identifer for the Product Offering within the catalogue of available.products.
Product-Param Represents a particular type of parameter that may be associated with a type of Product.
The Procuct-param represents "values" for charcteristics associated with the Product- Offering.
Attributes: Param-Name: The name of the parameter.
19;11-01;17:04 ;Davies Collison Cave ;61 3 92542808 21/ 32 PJPUpWwI rI"wl-m .ndoc-19 Nminb 2OI -16- Description: A description of the intended use of the parameter.
Param-Spccification The syntax, type and units of the parameter.
Registered-Identity Registered-Identity holds the information related to the identity of any party that is registered by the business. The party may be an individual (ie person), an organisation (eg a business or a group/community), a persona used by an individual (eg "John at Work"), a business function/position (eg systems adminstrator) or an anonymous party.
The information held relates to the actual identity, ie details provided by the relevant party on who they are (eg their name).
Attributes: Registered-Identity-Id: A globally unique identifer for the Registered-identity. This is an internal identifier used within the systems environment. It is unlikely to be the identifier used by the party themselves. (The Authentication-Entity represents the identifier(s) used by the party.) Registered-Identity-Type Examples: Individual, Organisation Identity-Assurancc-Level: A Registered-Identity may be given a level of assurance based on the degree of rigour applied to coroborating the identity details which have been provided.
An uncoroborated identity would have a low level of assurance, while an identity coroborated via a "100 point check" would have a high level of assurance.
IdentityAssurance-Details Details of the items used to coroborate the identity (eg passport, existing customer account 30 etc) Registered-Identity-Address An address associated with the Registered Identity.
The one Registered Identity may have multiple address, each having a different usage. Eg Legal address, postal address, home address etc.
Attributes: Reglstered-ldentity-ld: Unique identifier for the Registered-Identity Address The actual address string (structured or unstructured).
Address-Usage: The usage of the address, eg Home address, Legal address, Postal address, Trading address etc.
a Service-Arrangement A Service Arrangement represents the business view of a service (-account) and is the aggregation point for what the customer has bought or will be billed for.
Attributes: Scrvice-Arrangement-Id Unique identifier for the business level Service Arrangement Service-Status: Status of the Service Arrangenment Eg Ordered, Active, Cancelled etc 19-31.-01;17:04 ;Davies Collison Cave ;61 3 92542808 22/ 32 POflSDW153fll n70( peAc.l9No UKt 2001 -17- Service-Arrangement-Registered-Identity-Role A business role that a Registered Identity may play in relation to a Service Arrangement.
Eg: ABC Pty Ltd Is the paying customer for Service Nbr 96342880 John Smith Is the authorised rep for Service Nbr 96342880 Attributes: Service-Arrangement-ld: A unique identifer for the Service Arrangement.
Reglstered-Identity-Id: The identifier of the relevant Registered-Identity.
Role-Type: The type of role, eg "Is Authorised Rep for", "Is paying Customer for", "Is Administrator for" etc.
Service-Instance This represents the implemented or network view of a service. (The Service-Arrangement represents the business view of the service.) For the one Service Arrangement, there may be multiple Service Instances corrsponding to the various individually invokable functions or capabilities that are bundled within that business arrangement.
Attributes: Servicc-lnstancc-Id Unique identifier for the service instance. It could consist of an identifier for the service domain combined with an identifer unique within the domain.
Authorisation-ld: Reference to the Action-Authorisations that relate to this Service-Instance.
Servce-Arrangement-Id 30 The Service-Arrangement that this Service-Instance belongs to.
Prodnet-Offering.Id: The Product-Offering that this Service-Instance is an instance of.
Service-Instance-Profile-ltem 35 Represents a parameter for a Service-Instance that controls some major aspect of access to the service, such as bandwidth requirements, authentication class details, where authentication accurs (eg network address of an authentication service), quality of service parameters.
Attributes: 40 Paran-Namc; The mename of the parameter that the given value is for.
Param-Value: The value held within the parameter. The type of parameter must match that specified by the Product-Param of the same name.
System-Element A device or application.
Attributes: System-Element-Id Identifier for the device or application Element-Type The type of clement or device.
19-;1,-01;17:04 ;Davies Collison Cave ;61 3 92542808 23/ 32 PR.elAnDfaWfrim 4etc.1 Ntevneh, 200 -18- Usage-Distributor Allows the distribution of usage records (and therefore charging) to Service-Arrangements to be specified for the corresponding Action-Authorisations. The authorisations may be directly attached to the Authentication-Entity or inherited by that entity through group memberships. The allocation of usage records to Service-Arrangements may be split in some proportion or according to the usage type. The usage types will depend on the particular product.
Attributes: Usage-Distributor-Id Locally unique identifer for this Usage Distributor within the scope of the Authentication- Entity it is attached to.
Anthorisation-Id Idnetifier for the Action-Authorisation that this distribution is referring to. Empty if a default distribution for the given Authorisation-Id is being specified.
Authenticatiuon-d Identifer for the Authentication-entity that the relevant Authorization has been inherited from. Can only be empty if "Authorisation-Id" is also empty. In that case, an overall default distribution is being specified.
Makable If "true" and a group member is invoking the Action-Authorisation, this distribution only occurs if the member doesn't have it's own applicable Usage-Distribution, If "false", this distribution occurs as well as the member's distribution.
Dixtribute-To: Identifies the type of usage records to distribute, which Service Arrangement to distribute the usage record to, the percentage allocation to the given Service Arrangement.
S

Claims (5)

  1. 2. A customer management system having a database with a data structure including: a registered identity -class defining a plurality of identity types, and registered identities with at least one of said types; and an authentication class defining identifiers and authentication elements for a registered identity of said registered identity class,
  2. 3. A customer management system having a database with a data structure including: a registered identity class defining a plurality of identity types, and registered identities with at least one of said typs; and a service arrangement class defining service arrangements for registered identities of said registered identity class.
  3. 4. A customer management system as claimed in any one of the preceding claims, wherein said types include persona.
  4. 5. A customer management system substantially as hereinbefore described with reference to the accompanying drawings.
  5. 19-11-01:17:04 ;Davies Collison Cave ;61 3 92542808 25/ 32 PM OPEi BW IIIO w I7.410 onwaa, Prll 6. The steps, features, compositions and compounds disclosed herein or referred to or indicated in the specification and/or claims of this application, individually or collectively, and any and all combinations of any two or more of said steps or features. DATED this 19 h day of November 2001 Telstra New Wave Pty Ltd By its Patent Attorneys DAVIES COLLISON CAVE a.* a a *r 9*.a* a a
AU91409/01A 2000-11-17 2001-11-19 A customer data structure Abandoned AU9140901A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU91409/01A AU9140901A (en) 2000-11-17 2001-11-19 A customer data structure

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
AUPR1537A AUPR153700A0 (en) 2000-11-17 2000-11-17 A customer data structure
AUPR1537 2000-11-17
AU91409/01A AU9140901A (en) 2000-11-17 2001-11-19 A customer data structure

Publications (1)

Publication Number Publication Date
AU9140901A true AU9140901A (en) 2002-05-23

Family

ID=25641423

Family Applications (1)

Application Number Title Priority Date Filing Date
AU91409/01A Abandoned AU9140901A (en) 2000-11-17 2001-11-19 A customer data structure

Country Status (1)

Country Link
AU (1) AU9140901A (en)

Similar Documents

Publication Publication Date Title
US20020143961A1 (en) Access control protocol for user profile management
US7730092B2 (en) System and method for managing user profiles
US6772157B2 (en) Delegated administration of information in a database directory
EP2510473B1 (en) Unified user login for co-location facilities
US20040250120A1 (en) System and method for permission administration using meta-permissions
US20050027713A1 (en) Administrative reset of multiple passwords
US20080235231A1 (en) Computer-Implemented Systems And Methods For Database Access
US20060294580A1 (en) Administration of access to computer resources on a network
EP1829316B1 (en) Means and method for control of personal data
US20030163438A1 (en) Delegated administration of information in a database directory using at least one arbitrary group of users
US20040010606A1 (en) Identifying dynamic groups
US6898595B2 (en) Searching and matching a set of query strings used for accessing information in a database directory
US20040073668A1 (en) Policy delegation for access control
EP2405607A1 (en) Privilege management system and method based on object
US6678682B1 (en) Method, system, and software for enterprise access management control
US20090210930A1 (en) Method of authenticating a client, identity and service providers, authentication and authentication assertion request signals and corresponding computer programs
KR20020036792A (en) Automated provisioning system
CN105871914A (en) Customer-relationship-management-system access control method
CN1695361B (en) Device and method for centralized data management and access control to databases in a telecommunication network
US20020095499A1 (en) Delegated administration of information in a database directory using attribute permissions
WO2002061653A9 (en) System and method for resource provisioning
US20080004991A1 (en) Methods and apparatus for global service management of configuration management databases
CN108683672A (en) A kind of method and device of rights management
Pato et al. Identity management: Setting context
Hildmann et al. Managing trust between collaborating companies using outsourced role based access control

Legal Events

Date Code Title Description
MK1 Application lapsed section 142(2)(a) - no request for examination in relevant period