UNIFIED ACCESS CONTROL SYSTEM AND METHOD FOR COMPOSED SERVICES IN A DISTRIBUTED ENVIRONMENT
First Claim
1. A computer device implemented method of providing a unified access control for a plurality of composed services in a distributed computing environment without requiring repeated input of security certification, the method comprising the steps of:
- acquiring a first role of a user in a first composed service by a role acquiring component of a computing system device;
sending an invoking request by a processing unit of the first composed service to a second composed service;
receiving the first role of the user in the first composed service and predefined role-role mapping relationships by a role determining component in response to the invoking request of the first composed service to the second composed service;
determining a second role of the user in the second composed service by the role determining component according to the first role of the user in the first composed service and the predefined role-role mapping relationships; and
sending the determined role in the second composed service by a role sending component to the second composed service, thereby providing unified access without requiring repeated input of security certification.
1 Assignment
0 Petitions
Accused Products
Abstract
A system, a computer device implemented method, and a computer readable article of manufacture for executing a computer implemented method for a unified access control for a plurality of composed services in a distributed computing environment without requiring repeated input of security certification. The method includes the steps of: acquiring a first role of a user in a first composed service; sending an invoking request by a processing unit of the first composed service to a second composed service; receiving the first role of the user in the first composed service and predefined role-role mapping relationships, and determining a second role of the user in the second composed service by a role determining component; and then sending the determined role in the second composed service by a role sending component to the second composed service, thereby providing unified access without requiring repeated input of security certification.
-
Citations
20 Claims
-
1. A computer device implemented method of providing a unified access control for a plurality of composed services in a distributed computing environment without requiring repeated input of security certification, the method comprising the steps of:
-
acquiring a first role of a user in a first composed service by a role acquiring component of a computing system device; sending an invoking request by a processing unit of the first composed service to a second composed service; receiving the first role of the user in the first composed service and predefined role-role mapping relationships by a role determining component in response to the invoking request of the first composed service to the second composed service; determining a second role of the user in the second composed service by the role determining component according to the first role of the user in the first composed service and the predefined role-role mapping relationships; and sending the determined role in the second composed service by a role sending component to the second composed service, thereby providing unified access without requiring repeated input of security certification. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A unified access control computer device system for providing a unified access control for a plurality of composed services in a distributed computing environment without requiring repeated input of security certification, the system comprising:
-
a role acquiring component for acquiring a first role of a user in a first composed service; a processing unit of the first composed service for sending an invoking request to a second composed service; a role determining component for determining a second role of the user in a second composed service according to the first role of the user in the first composed service and predefined role-role mapping relationships, in response to an invoking request of the first composed service to the second composed service; and a role sending component for sending the determined second role in the second composed service to the second composed service, thereby providing unified access without requiring repeated input of security certification. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. A computer readable article of manufacture tangibly embodying computer readable instructions for executing a computer implemented method of providing a unified access control for a plurality of composed services in a distributed computing environment without requiring repeated input of security certification, the method comprising the steps of:
-
acquiring a first role of a user in a first composed service by a role acquiring component of a computing system device; sending an invoking request by a processing unit of the first composed service to a second composed service; receiving the first role of the user in the first composed service and predefined role-role mapping relationships by a role determining component in response to the invoking request of the first composed service to the second composed service; determining a second role of the user in the second composed service by the role determining component according to the first role of the user in the first composed service and the predefined role-role mapping relationships; and sending the determined role in the second composed service by a role sending component to the second composed service, thereby providing unified access without requiring repeated input of security certification.
-
Specification