Authority verification system, authority verification method, and computer-readable storage medium

  • US 10,574,645 B2
  • Filed: 11/16/2017
  • Issued: 02/25/2020
  • Est. Priority Date: 11/25/2016
  • Status: Active Grant
First Claim

1. An authority verification system operable to verify an access authority for a resource, the system comprising a terminal apparatus, a resource server for providing a resource and an authentication/authorization server, wherein the terminal apparatus includes at least a processor and at least a memory coupled to the at least the processor and having stored thereon instructions which, when executed by the at least the processor, cause the at least the processor to function as:

  • a transmission unit configured to transmit a resource access request,

the resource server includes at least a processor and at least a memory coupled to the at least the processor and having stored thereon instructions which, when executed by the at least the processor, cause the at least the processor to function as:

    a per-resource user authority management unit configured to manage per-resource user authorities established for each resource; and

    a verification request unit configured to, in response to receiving the resource access request, resolve a user authority for a specified resource based on a token included in the resource access request and transmit an authority verification request including the token and the resolved user authority to the authentication/authorization server,

the authentication/authorization server includes at least a processor and at least a memory coupled to the at least the processor and having stored thereon instructions which, when executed by the at least the processor, cause the at least the processor to function as:

    a user authority management unit configured to manage user authorities;

    a refinement unit configured to confirm user authorities based on the token included in the authority verification request and determine an authority corresponding to the resolved user authority included in the authority verification request from among the confirmed user authorities as an access authority to be verified; and

    a validation unit configured to determine whether access to the resource corresponding to the resource access request is permitted based on the access authority refined by the refinement unit,

wherein the terminal apparatus that is a transmission source of the resource access request is allowed to access the resource in a case where it is determined that the access is permitted by the validation unit,

wherein the authentication/authorization server further functions as:

    a unit of the authority verification system configured to delegate a user authority to the transmission source of the resource access request and to issue an access token or a JSON web token indicating a delegation source user and a delegated authority, and

wherein the user authority that the resource access request transmission source has is the delegated user authority that is indicated by the access token or the JSON web token, and the authority necessary for the resource access request with respect to a designated resource of the resource access request is associated with the delegation source user for the user authority.
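The flow recited in claim 1 can be sketched as follows. This is an added illustration of one possible reading, not code from the patent or its assignee; the HMAC-signed token format (a simplified stand-in for a JSON web token), the function names, and the table contents are all assumptions constructed for the example.

```python
import base64, hashlib, hmac, json

KEY = b"constructed-demo-key"   # assumption: known only to the auth server
USER_AUTHORITIES = {"alice": {"doc.read", "doc.write"}}   # auth server's table
PER_RESOURCE = {("doc-42", "alice"): "doc.write"}         # resource server's table

def b64(raw):
    return base64.urlsafe_b64encode(raw).decode()

def issue_token(source_user, delegated):
    """Auth server: delegate a subset of source_user's authorities to a client."""
    granted = sorted(set(delegated) & USER_AUTHORITIES.get(source_user, set()))
    body = json.dumps({"src": source_user, "auth": granted}).encode()
    return b64(body) + "." + b64(hmac.new(KEY, body, hashlib.sha256).digest())

def claims_of(token, key=None):
    """Decode the token body; when a key is given, check the signature first."""
    body_b64, _, sig_b64 = token.partition(".")
    body = base64.urlsafe_b64decode(body_b64)
    if key is not None:
        good = b64(hmac.new(key, body, hashlib.sha256).digest())
        if not hmac.compare_digest(good, sig_b64):
            raise PermissionError("bad token signature")
    return json.loads(body)

def verify_authority(token, resolved):
    """Auth server: confirm the token's authorities, refine them to the one the
    resource server resolved, then validate that something remains."""
    claims = claims_of(token, KEY)
    confirmed = set(claims["auth"]) & USER_AUTHORITIES.get(claims["src"], set())
    refined = confirmed & {resolved}
    return bool(refined)

def handle_request(resource, token):
    """Resource server: resolve the per-resource authority, then ask the auth server."""
    try:
        user = claims_of(token)["src"]   # lookup hint only; not yet trusted
        resolved = PER_RESOURCE.get((resource, user))
        return resolved is not None and verify_authority(token, resolved)
    except (PermissionError, ValueError, KeyError, TypeError):
        return False   # malformed or forged tokens fail closed
```

The resource server reads the delegation source user from the token only to pick the per-resource authority; the permit or deny decision rests on the signature check and refinement done by the authorization server.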
