In our cloud-based time-limited transaction manager we name 'rights' each specific role a user might assume, or a role that might be required to call some specific (subset of) APIs. For example: to call into services provided by a back-end server, the 'User' right is needed; in order to define new APIs which will be used to interact with back-end servers, the 'Developer' right must be used; and in order to have read-only access to the API call log for a specific solution's API calls, the 'Auditor' right is needed.
Right's 'signatures' are a two-letter shorthand notation defined for each right, a right's 'short name' is composed by one or two words defining the role. The complete set of defined rights is stored inside our finite state automaton, and is intimately related to users and methods, as depicted in Figure 8 and to be detailed shortly.
The complete list of currently defined rights includes, in alphabetical order: 'AD' (authorization to run queries), 'BM' (authorization to credit and/or charge to/from other users' current balance), 'DG' (authorization to inspect the pending transaction queue), 'DV' (authorization to be (co)responsible for a solution), 'GA' (authorization to transfer balance from a group of users to individual users), 'QM' (authorization to manage queries), 'SM' (authorization to manage the whole system), 'TR' (authorization to modify documentation), 'UA' (authorization to create new users and user groups) and 'US' (basic authorization to login and call the services of our transaction manager).
US Patent Requested