GLOBALLY TRUSTED CREDENTIALS LEVERAGED FOR SERVER ACCESS CONTROL
First Claim
1. At least one access control method implemented by at least one application program, the at least one method comprising:
- identifying at least one resource principal for which the at least one application program lacks at least one trusted credential for authenticating at least one purported client credential provided in connection with at least one access request; and
authorizing at least one client to access the at least one application program based on a determination by at least one separate trusted authority that the at least one purported client credential is valid for the at least one resource principal.
2 Assignments
0 Petitions
Accused Products
Abstract
Systems, methods, computer-readable media and application program interfaces are disclosed for enabling server applications to verify purported authentication information, such as passwords, provided by clients in connection with server access requests by leveraging trusted credentials maintained by separate trusted authorities. In some cases, the server applications may lack trusted credentials that may be used to verify the purported authentication information. In those cases, the server applications may identify security principal accounts managed by the separate trusted authorities for which the provided authentication information may be purported to be valid for by the requesting clients. Further, the server applications may request the separate trusted authorities to authenticate the purported authentication information before granting access to the requesting clients. In other cases, the server applications may maintain locally trusted credentials that may be used to verify the provided authentication information without involving the separate trusted authorities.
-
Citations
20 Claims
-
1. At least one access control method implemented by at least one application program, the at least one method comprising:
-
identifying at least one resource principal for which the at least one application program lacks at least one trusted credential for authenticating at least one purported client credential provided in connection with at least one access request; and
authorizing at least one client to access the at least one application program based on a determination by at least one separate trusted authority that the at least one purported client credential is valid for the at least one resource principal. - View Dependent Claims (2, 3, 4)
-
-
5. At least one computer-readable medium having at least one instruction stored thereon, which when executed by at least one processing system in conjunction with at least one application program, causes the at least one application program to implement at least one access control method, the at least one medium comprising at least one instruction for:
-
identifying at least one resource principal for which the at least one application program lacks at least one trusted credential for authenticating at least one purported client credential provided in connection with at least one access request; and
authorizing at least one client to access the at least one application program based on a determination by at least one separate trusted authority that the at least one purported client credential is valid for the at least one resource principal. - View Dependent Claims (6, 7, 8)
-
-
9. At least one application program interface (API) tangibly embodied as at least one instruction stored on at least one computer-readable medium, which when executed by at least one processing system in conjunction with at least one application program, causes the at least one application program to implement at least one access control method, the at least one API comprising:
-
at least one access interface that accepts at least one request to access the at least one application program; and
at least one credential parameter that accepts at least one purported client credential provided in connection with at least one call to the at least one access interface for which the at least one application program lacks at least one trusted credential for authenticating and for which the at least one application program can request at least one separate trusted authority to authenticate. - View Dependent Claims (10, 11, 12, 13, 14)
-
-
15. A method of requesting access to at least one application program via at least one application program interface, the method comprising:
-
calling at least one access interface that has at least one credential parameter for requesting access to the at least one application program; and
providing the at least one credential parameter with at least one purported client credential for which the at least one application program lacks at least one trusted credential for authenticating and for which the at least one application program can request at least one separate trusted authority to authenticate. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification