Invention Grant
US07774830B2 Access control policy engine controlling access to resource based on any of multiple received types of security tokens
有权
访问控制策略引擎基于多种接收到的安全令牌中的任何一种来控制对资源的访问
- Patent Title: Access control policy engine controlling access to resource based on any of multiple received types of security tokens
- Patent Title (中): 访问控制策略引擎基于多种接收到的安全令牌中的任何一种来控制对资源的访问
-
Application No.: US11080806Application Date: 2005-03-14
-
Publication No.: US07774830B2Publication Date: 2010-08-10
- Inventor: Blair Brewster Dillaway , John L. Manferdelli , Shawn Martin Woods
- Applicant: Blair Brewster Dillaway , John L. Manferdelli , Shawn Martin Woods
- Applicant Address: US WA Redmond
- Assignee: Microsoft Corporation
- Current Assignee: Microsoft Corporation
- Current Assignee Address: US WA Redmond
- Agency: Woodcock Washburn LLP
- Main IPC: H04L9/32
- IPC: H04L9/32
Abstract:
An access control policy engine associated with a resource determines whether to allow a request to access same. The engine receives the request with an security token, retrieves the token determines a type thereof, and maps access decision information in the token to a common format as at least one security claim setting forth adequate information to determine a right of the requestor. Thereafter, the engine retrieves a set of rules for accessing the resource, applies the rules to the security claims to determine whether to allow the request from the requestor, and if the request is to be allowed, provides the requestor access to the resource in accordance with the request and the rights of the requestor as determined based on the security claims.
Public/Granted literature
Information query
