Delegation in a distributed security system
First Claim
Patent Images
1. A method for delegating enterprise security capabilities, comprising:
- providing a capability for a first user, wherein the capability can be expressed as a policy;
delegating the capability from the first user to a second user;
wherein the second user is allowed to have the capability only at times when the first user is allowed to have the capability; and
wherein the delegated capability is propagated in a distributed enterprise security system.
2 Assignments
0 Petitions
Accused Products
Abstract
A method for delegating enterprise security capabilities, comprising, providing a capability for a first user, wherein the capability can be expressed as a policy, delegating the capability from the first user to a second user, wherein the second user is allowed to have the capability only at times when the first user is allowed to have the capability, and wherein the delegated capability is propagated in a distributed enterprise security system.
-
Citations
30 Claims
-
1. A method for delegating enterprise security capabilities, comprising:
-
providing a capability for a first user, wherein the capability can be expressed as a policy;
delegating the capability from the first user to a second user;
wherein the second user is allowed to have the capability only at times when the first user is allowed to have the capability; and
wherein the delegated capability is propagated in a distributed enterprise security system. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 29)
-
-
11. A method for delegating enterprise security capabilities, comprising:
-
providing a capability for a first user, wherein the capability can be expressed as a policy;
delegating the capability from the first user to a second user;
wherein the capability can be subject to at least one constraint imposed on the second user;
wherein the second user is allowed to have the capability only at times when the first user is allowed to have the capability; and
wherein the delegated capability is propagated in a distributed enterprise security system. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. A machine readable medium having instructions stored thereon to cause a system to:
-
provide a capability for a first user, wherein the capability can be expressed as a policy;
delegate the capability from the first user to a second user;
wherein the second user is allowed to have the capability only at times when the first user is allowed to have the capability; and
wherein the delegated capability is propagated in a distributed enterprise security system. - View Dependent Claims (21, 22, 23, 24, 25, 26, 27, 28)
-
-
30. A computer signal embodied in a transmission medium, comprising:
-
a code segment including instructions for providing a capability for a first user, wherein the capability can be expressed as a policy;
a code segment including instructions for delegating the capability from the first user to a second user;
wherein the second user is allowed to have the capability only at times when the first user is allowed to have the capability; and
wherein the delegated capability is propagated in a distributed enterprise security system.
-
Specification