Invention Grant
- Patent Title: Architecture and design for central authentication and authorization in an on-demand utility environment
- Patent Title (中): 在按需实用环境中进行中心认证和授权的体系结构和设计
-
Application No.: US12410933Application Date: 2009-03-25
-
Publication No.: US07991996B2Publication Date: 2011-08-02
- Inventor: Messaoud Benantar , Yen-Fu Chen , John W. Dunsmoir , Randolph Michael Forlenza , Wei Liu , Sandra Juni Schlosser
- Applicant: Messaoud Benantar , Yen-Fu Chen , John W. Dunsmoir , Randolph Michael Forlenza , Wei Liu , Sandra Juni Schlosser
- Applicant Address: US NY Armonk
- Assignee: International Business Machines Corporation
- Current Assignee: International Business Machines Corporation
- Current Assignee Address: US NY Armonk
- Agency: Yee & Associates, P.C.
- Agent Mark C. Vallone
- Main IPC: H04L29/06
- IPC: H04L29/06
Abstract:
A Centralized Authentication & Authorization (CAA) system that facilitates secure communication between service clients and service providers. CAA comprises a Service Request Filter (SRF), a Service Client Authentication Program (SCAP), a Service Authorization Program (SAP), and an Authorization Database (ADB). The SRF intercepts service requests, extracts the service client's identifier from a digital certificate attached to the request, and stores the identifier in memory accessible to service providers. In the preferred embodiment, the SRF forwards the service request to a web service manager. The web service manager invokes SCAP. SCAP matches the identifier with a record stored in ADB. SAP queries ADB to determine if the service request is valid for the service client. If the service request is valid, SAP authorizes the service request and the appropriate service provider processes the service request.
Public/Granted literature
- US20090204810A1 Architecture and Design for Central Authentication and Authorization in an On-Demand Utility Environment Public/Granted day:2009-08-13
Information query
