Invention Grant
US08196175B2 Self-describing authorization policy for accessing cloud-based resources
有权
用于访问基于云的资源的自我描述授权策略
- Patent Title: Self-describing authorization policy for accessing cloud-based resources
- Patent Title (中): 用于访问基于云的资源的自我描述授权策略
-
Application No.: US12042637Application Date: 2008-03-05
-
Publication No.: US08196175B2Publication Date: 2012-06-05
- Inventor: David R. Reed , Eric S. Fleischman , Abolade Gbadegesin , Dharma Shukla , Nikolay Smolyanskiy , Thomas A. Galvin
- Applicant: David R. Reed , Eric S. Fleischman , Abolade Gbadegesin , Dharma Shukla , Nikolay Smolyanskiy , Thomas A. Galvin
- Applicant Address: US WA Redmond
- Assignee: Microsoft Corporation
- Current Assignee: Microsoft Corporation
- Current Assignee Address: US WA Redmond
- Agency: Mayer & Williams P.C.
- Main IPC: G06F17/00
- IPC: G06F17/00
Abstract:
A ticketing system adapted for use with a cloud-based services platform is provided by a ticket-based authorization model in which the authorization requirements for traversing one or more meshes of resources associated with a cloud service are annotated in links included in a resource that refer to other resources. The meshes are thus self-describing with respect to the association among the resources (i.e., the links) as well as the authorization required to access resources. Resource access requires a principal ticket which asserts that a caller at a client (e.g., a security principal representing a device or identity associated with a user) is authenticated, plus zero or more claim tickets. The claim tickets make additional assertions about the caller that the cloud service may use to check that the caller is authorized to access the resource.
Public/Granted literature
- US20090228950A1 SELF-DESCRIBING AUTHORIZATION POLICY FOR ACCESSING CLOUD-BASED RESOURCES Public/Granted day:2009-09-10
Information query
