公开(公告)号：US07774830B2

公开(公告)日：2010-08-10

申请号：US11080806

申请日：2005-03-14

申请人： Blair Brewster Dillaway ,  John L. Manferdelli ,  Shawn Martin Woods

发明人： Blair Brewster Dillaway ,  John L. Manferdelli ,  Shawn Martin Woods

IPC分类号： H04L9/32

CPC分类号： H04L63/102 ,  G06F21/6218 ,  H04L63/0823

摘要： An access control policy engine associated with a resource determines whether to allow a request to access same. The engine receives the request with an security token, retrieves the token determines a type thereof, and maps access decision information in the token to a common format as at least one security claim setting forth adequate information to determine a right of the requestor. Thereafter, the engine retrieves a set of rules for accessing the resource, applies the rules to the security claims to determine whether to allow the request from the requestor, and if the request is to be allowed, provides the requestor access to the resource in accordance with the request and the rights of the requestor as determined based on the security claims.

摘要翻译： 与资源相关联的访问控制策略引擎确定是否允许请求访问它。 引擎使用安全令牌接收请求，检索令牌确定其类型，并将令牌中的访问决策信息映射到通用格式作为至少一个安全权利要求，其中提供足够的信息以确定请求者的权利。 此后，引擎检索用于访问资源的一组规则，将规则应用于安全声明以确定是否允许来自请求者的请求，并且如果请求被允许，则根据请求提供对资源的请求者访问 请求者的请求和权利根据担保权利要求确定。