Modular enterprise authorization solution

Assignee

• Microsoft Corporation · US

Inventors

• Mannan Mohammed · Chandler, US
• Saivendra Kayal · Irvine, US
• Ron Tielke · Phoenix, US
• Mark R. Brown · Seattle, US
• Nathan Dolly · Battle Ground, US

Key dates

Classification

• Technology area (CPC G)Physics
• CPC primaryG06F21/629
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

An authorization framework located external to an application may be invoked to determine user authorization for a requested application component. Small amounts of supplemental authentication code are added to application code to invoke provider modules within the authentication framework. The provider modules perform authorization functions outside of the application and return authorization results to the application. The functions include determining a user role, determining the permissions associated with the user role, comparing the role permissions to the security defined on the requested application component by a rule, and returning an authorization state to the authentication framework. The supplemental authentication code may invoke one or more providers through provider interfaces that translate requests to a particular provider. Using the provider based authorization framework, authorization for an application component is achieved externally without hard-coding authorization code within the application itself.