Following on from my previous post, I was searching for how other developers handled the definition of what roles are allowed to perform which tasks in a declarative programming model. The approach that was being taken is to be able to Allow or Deny authorization to perform a task. This is more complicated than just listing all the roles that were allowed to perform a task, so a bit of research into alternatives was started. The search results brought up this Role Based Access Control page with references to US Patent Office search results. It’s kind of both scary and ridiculous how many patents exist regarding role based security in software. Do these patents overlap in applicability? Or are they so specialized that overlapping is less of an issue?
It just seems like software patents in particular are like a weapons stockpile in the cold war. If you’re a small player, then you can be swatted like a fly if need be. If you’re one of the big players, just keep your hand off the big red lawyer button or all hell will break loose. Patent missiles would fly thick and fast if one of the big boys like IBM, Microsoft, HP or Sun decided to go at it. So they’re probably forced to accept the “Software Patent Deterrence” strategy as a defensive approach and only go on the attack in rare circumstances (considering the bad press that would arise if they did).