Establishment of Security Federations
First Claim
1. A computer-implemented method comprising:
- modeling a process that involves secure interaction between administrative domains, the modeled process specifying role information for each of the administrative domains and interactions between the administrative domains;
receiving the role information associated with candidate administrative domains;
dynamically resolving appropriate administrative domains from the candidate administrative domains based on the modeled process and the received role information;
automatically deriving trust realms between the dynamically resolved appropriate administrative domains based on the role information and the interactions from the modeled process; and
effecting secure interaction between the dynamically resolved appropriate administrative domains through the automatically derived trust realms.
2 Assignments
0 Petitions
Accused Products
Abstract
Secure interactions between administrative domains are modeled. The modeled process specifies role information for each of the administrative domains and interaction between the administrative domains. Role information associated with candidate administrative domains is received, and appropriate administrative domains from the candidate administrative domains are dynamically resolved based on the modeled process and the received role information. Trust realms between the dynamically resolved appropriate administrative domains are automatically derived based on the role information and the interactions from the modeled process. The secure interaction between the dynamically resolved appropriate administrative domains is effected through the automatically derived trust realms.
-
Citations
20 Claims
-
1. A computer-implemented method comprising:
-
modeling a process that involves secure interaction between administrative domains, the modeled process specifying role information for each of the administrative domains and interactions between the administrative domains; receiving the role information associated with candidate administrative domains; dynamically resolving appropriate administrative domains from the candidate administrative domains based on the modeled process and the received role information; automatically deriving trust realms between the dynamically resolved appropriate administrative domains based on the role information and the interactions from the modeled process; and effecting secure interaction between the dynamically resolved appropriate administrative domains through the automatically derived trust realms. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. A computer program product, tangibly embodied in a machine-readable medium, the computer program product comprising instructions that, when read by a machine, operate to cause a data processing apparatus to:
-
model a process that involves secure interaction between administrative domains, the modeled process specifying role information for each of the administrative domains and interactions between the administrative domains; receive the role information from candidate administrative domains; dynamically resolving appropriate administrative domains from the candidate administrative domains based on the modeled process and the received role information; automatically derive trust realms between the dynamically resolved appropriate administrative domains based on the role information and the interactions from the modeled process; and effect secure interactions between the dynamically resolved appropriate administrative domains through the automatically derived trust realms.
-
-
20. A device comprising:
-
a processor configured to; model a process that involves secure interaction between administrative domains, the modeled process specifying role information for each of the administrative domains and interactions between the administrative domains, receive the role information associated with candidate administrative domains, dynamically resolve appropriate administrative domains from the candidate administrative domains based on the modeled process and the received role information, automatically derive trust realms between the dynamically resolved appropriate administrative domains based on the role information and the interactions from the modeled process, and effect secure interactions between the dynamically resolved appropriate administrative domains though the automatically derived trust realms; and a repository configured to; store the role information associated with each of the administrative domains and relationship types associated with each of the administrative domain, and transmit the role information and relationship type to the processor.
-
Specification