Flexible scalable application authorization for cloud computing environments
US8418222B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Sep 30, 2008 |
| Grant date | Apr 9, 2013 |
| Priority date | — |
| Expiry date | Aug 14, 2031 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/102
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A representational state transfer-based model for a computing environment uses models resources with links between them. Security principals are resources which can be independently authenticated. Each resource may be associated with an authorization policy that determines level of access, protocol supported. Successfully presenting security credentials at a security principal allows use of an instance of the security principal (i.e. application) as well as generation of an authentication token that can be presented across the computing environment to resources subscribing to the same authorization policy. As security principals with different security policies are authenticated, the appropriate tokens may be combined to allow broader access without undue re-authentication for resources subscribing to the same security policy. Authorization requirements (policies) may be attached to links to resources so that an application instance can dynamically discover authentication rules for that resource by inspecting the link.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.