发明授权
- 专利标题: Methods and systems for controlling the scope of delegation of authentication credentials
- 专利标题(中): 用于控制授权凭证授权范围的方法和系统
-
申请号: US09886146申请日: 2001-06-20
-
公开(公告)号: US07698381B2公开(公告)日: 2010-04-13
- 发明人: John E. Brezak , Richard B. Ward , Donald E. Schmidt
- 申请人: John E. Brezak , Richard B. Ward , Donald E. Schmidt
- 申请人地址: US WA Redmond
- 专利权人: Microsoft Corporation
- 当前专利权人: Microsoft Corporation
- 当前专利权人地址: US WA Redmond
- 代理机构: Merchant & Gould, P.C.
- 主分类号: G06F15/16
- IPC分类号: G06F15/16
摘要:
Methods and systems are provided for controlling the scope of delegation of authentication credentials within a network environment. A server is configured to provide a trusted third-party with a ticket authenticating the server, information about a target service that a server seeks to access on behalf of the client, and a service ticket associated with the client. This service ticket may be provided by the client or may be a previously granted service ticket granted to the server for itself in the name of the client. The trusted third-party grants a new service ticket to access the target service to the server, in the client's name, if such delegation is permitted according to delegation constraints associated with the client.