POLICY-BASED METHOD FOR CONFIGURING AN ACCESS CONTROL SERVICE
First Claim
1. A method for processing a request by a first control service using a first control specification language, and a second control service using a second control specification language, the method comprising steps of:
- receiving the request from a requester;
providing the request to the first and second control services;
receiving a decision on the request from each of the first and second control services; and
comparing the decisions to determine if they differ, wherein differing decisions indicate a need to modify a control service configuration.
1 Assignment
0 Petitions
Accused Products
Abstract
A system and method for processing a request by a first control service using a first control specification language, and a second control service using a second control specification language includes steps of: receiving the request from a requestor; providing the request to the first and second control services; receiving a decision on the request from each of the first and second control services; and comparing the decisions. The first control specification language is an access control policy.
21 Citations
35 Claims
-
1. A method for processing a request by a first control service using a first control specification language, and a second control service using a second control specification language, the method comprising steps of:
-
receiving the request from a requester; providing the request to the first and second control services; receiving a decision on the request from each of the first and second control services; and comparing the decisions to determine if they differ, wherein differing decisions indicate a need to modify a control service configuration. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. A system configured for processing a request by a first control service using a first control specification language, and a second control service using a second control specification language, the system comprising:
-
data storage configured for storing the first and second control specification languages; a database configured for creation, deletion, and modification of persistent data; memory comprising logic; and a processor operatively connected to said memory and configured to; receive the request from a requestor; provide the request to the first and second control services; receive a decision on the request from each of the first and second control services; and compare the decisions to determine if they differ. - View Dependent Claims (21, 22, 23, 24, 25, 26, 27)
-
-
28. A computer program product tangibly embodied on a computer readable medium and comprising instructions that, when executed, enables a processor to:
process a request by a first control service using a first control specification language, and a second control service using a second control specification language, the enable element comprising steps of; receiving the request from a requestor; providing the request to the first and second control services; receiving a decision on the request from each of the first and second control services; and comparing the decisions to determine if they differ. - View Dependent Claims (29, 30, 31, 32, 33, 34)
-
35. A system for obtaining services for processing an access request by a first control service using a first control specification language, and a second control service using a second control specification language, the system comprising:
-
receiving the access request from a requestor; providing the access request to the first and second control services; receiving a decision on the access request from each of the first and second control services; comparing the decisions to determine if they differ; and providing notification of the comparison to the requestor.
-
Specification