Method and System for Authorization and Access Control Delegation in an On Demand Grid Environment

US 20080183872A1
Filed: 04/01/2008
Published: 07/31/2008
Est. Priority Date: 06/15/2006
Status: Active Grant

First Claim

Patent Images

1. A method for dynamic delegation of control in a grid computing environment comprising:

granting authority of a grid node to a moderator by a superauthority;

admitting said moderator to said grid node;

modifying an access control list of said grid node by said moderator; and

inviting other entities listed on said access control list to access said grid node,wherein said first moderator controls said inviting of said other entities without contact with said superauthority.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The method of the invention provides for dynamic on-demand delegation of control and access in a grid computing environment comprising granting authority of a grid node to a first moderator by a superauthority; admitting the first moderator to the grid node; modifying the access control list of the grid node by the first moderator; inviting other entities listed on the access control list to access the grid node; and issuing a unique authorization certificate to each of the other entities, wherein the first moderator controls the inviting of the other entities without contact with or accessing to the superauthority for certification.

24 Citations

20 Claims

1. A method for dynamic delegation of control in a grid computing environment comprising:
- granting authority of a grid node to a moderator by a superauthority;
  
  admitting said moderator to said grid node;
  
  modifying an access control list of said grid node by said moderator; and
  
  inviting other entities listed on said access control list to access said grid node,wherein said first moderator controls said inviting of said other entities without contact with said superauthority.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1, all the limitations of which are incorporated herein by reference, wherein said modifying comprising adding or deleting said other entities on said access control list.
  - 3. The method of claim 1, all the limitations of which are incorporated herein by reference, further comprising issuing a unique authorization certificate to each of said other entities.
  - 4. The method of claim 1, all the limitations of which are incorporated herein by reference, further comprising delegating privileged users by said moderator, wherein said moderator controls said delegating privileged users without contact with said superauthority.
  - 5. The method of claim 4, all the limitations of which are incorporated herein by reference, wherein said modifying of said access control list is performed by either said moderator or said privileged users.
  - 6. The method of claim 4, all the limitations of which are incorporated herein by reference, wherein said delegating of said privileged users is performed by said moderator or privileged users.

7. A method for dynamic delegation of control in a grid computing environment comprising:
- granting authority of a grid node to a moderator by a superauthority;
  
  admitting said moderator to said grid node;
  
  modifying an access control list of said grid node by said moderator;
  
  inviting other entities listed on said access control list to access said grid node; and
  
  issuing a unique authorization certificate to each of said other entities;
  
  wherein said moderator controls said inviting of said other entities without contact with said superauthority.
- View Dependent Claims (8, 9, 10, 11)
- - 8. The method of claim 7, all the limitations of which are incorporated herein by reference, wherein said modifying comprising adding or deleting said other entities on said access control list.
  - 9. The method of claim 7, all the limitations of which are incorporated herein by reference, further comprising delegating privileged users by said first moderator, wherein said moderator controls said delegating privileged users without contact with said superauthority.
  - 10. The method of claim 9, all the limitations of which are incorporated herein by reference, wherein said modifying of said access control list is performed by either said moderator or said privileged users.
  - 11. The method of claim 9, all the limitations of which are incorporated herein by reference, wherein said delegating of said privileged users is performed by said first moderator or said privileged users.

12. A computer program product readable by machine, tangibly embodying a program of instructions executable by said machine to perform a method for dynamic delegation of control in a grid computing environment, said method comprising:
- granting authority of a grid node to a moderator by a superauthority;
  
  admitting said moderator to said grid node;
  
  modifying an access control list of said grid node by said moderator wherein said modeling comprises adding or deleting said other entities on said access control list;
  
  inviting other entities listed on said access control list to access said grid node; and
  
  issuing a unique authorization certificate to each of said other entities;
  
  wherein said moderator controls said inviting of said other entities without contact with said superauthority.
- View Dependent Claims (13, 14, 15)
- - 13. The computer program product of claim 12, all the limitations of which are incorporated herein by reference, further comprising delegating privileged users by said moderator, wherein said moderator controls said delegating privileged users without contact with said superauthority.
  - 14. The computer program product of claim 13, all the limitations of which are incorporated herein by reference, wherein said modifying of said access control list is performed by either said moderator or said privileged users.
  - 15. The computer program product of claim 13, all the limitations of which are incorporated herein by reference, wherein said delegating of said privileged users is performed by said moderator or said privileged users.

16. A service for dynamic delegation of control in a grid computing environment comprising:
- granting authority of a grid node to a moderator by a superauthority;
  
  admitting said moderator to said grid node;
  
  modifying an access control list of said grid node by said moderator;
  
  inviting other entities listed on said access control list to access said grid node; and
  
  issuing a unique authorization certificate to each of said other entities;
  
  wherein said moderator controls said inviting of said other entities without contact with said superauthority.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The service of claim 16, all the limitations of which are incorporated herein by reference, wherein said modifying comprising adding or deleting said other entities on said access control list.
  - 18. The service of claim 16, all the limitations of which are incorporated herein by reference, further comprising delegating privileged users by said moderator, wherein said moderator controls said delegating privileged users without contact with said superauthority.
  - 19. The service of claim 18, all the limitations of which are incorporated herein by reference, wherein said modifying of said access control list is performed by either said moderator or said privileged users.
  - 20. The service of claim 18, all the limitations of which are incorporated herein by reference, wherein said delegating of said additional moderators is performed by said moderator or said privileged users.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Boutboul, Irwin

Granted Patent

US 8,935,417 B2
Time in Patent Office

Days
Field of Search
US Class Current

709/226
CPC Class Codes

H04L 41/044   comprising hierarchical man...

H04L 41/28   Restricting access to netwo...

H04L 63/0823   using certificates cryptogr...

H04L 63/101   Access control lists [ACL]

Method and System for Authorization and Access Control Delegation in an On Demand Grid Environment

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

24 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Method and System for Authorization and Access Control Delegation in an On Demand Grid Environment

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

24 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links