Dynamic delegation method and device using the same
First Claim
Patent Images
1. A delegation method, implemented in a delegation system, comprising the steps of:
- providing delegation policies as general rules for limiting delegation;
receiving a delegation condition and a delegation approval submitted by a grantor for vesting authority of the grantor'"'"'s role to a grantee, wherein the grantor'"'"'s role is designated the authority to access a set of data; and
determining consequent authority vested to the grantee based on the delegation approval, the delegation condition and the delegation policies.
1 Assignment
0 Petitions
Accused Products
Abstract
A dynamic delegation method. First, a set of delegation policies are provided as general rules for limiting delegation. Next, two kinds of data are received, including a delegation condition and a delegation approval submitted by a grantor for vesting authority of the grantor'"'"'s role to a grantee, wherein the grantor'"'"'s role is granted the authority to access a set of data. Next, consequent authority actually vested to the grantee is determined based on the delegation approval, the delegation condition and the delegation policies.
73 Citations
20 Claims
-
1. A delegation method, implemented in a delegation system, comprising the steps of:
-
providing delegation policies as general rules for limiting delegation;
receiving a delegation condition and a delegation approval submitted by a grantor for vesting authority of the grantor'"'"'s role to a grantee, wherein the grantor'"'"'s role is designated the authority to access a set of data; and
determining consequent authority vested to the grantee based on the delegation approval, the delegation condition and the delegation policies. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A delegation device, comprising:
-
a memory storing delegation policies as general rules for limiting delegation;
a receiving unit for receiving a delegation condition and a delegation approval submitted by a grantor for vesting authority of the grantor'"'"'s role to a grantee, wherein the grantor'"'"'s role is designated the authority to access a set of data; and
a processing unit for determining consequent authority vested to the grantee based on the delegation approval, the delegation condition and the delegation policies. - View Dependent Claims (11, 12, 13, 14)
-
-
15. A machine-readable storage medium storing a computer program which, when executed, directs a computer to perform a delegation method, comprising the steps of:
-
receiving a delegation condition and a delegation approval submitted by a grantor for vesting authority of the grantor'"'"'s role to a grantee, wherein the grantor'"'"'s role is designated the authority to access a set of data;
reading delegation policies as general rules for limiting delegation; and
determining consequent authority vested to the grantee based on the delegation approval, the delegation condition and the delegation policies. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification