IDENTITY AND POLICY ENABLED COLLABORATION
Abstract
Techniques for identity and policy enabled collaboration are provided. Access to assets of an enterprise is governed by identity relationships. A policy defines security restrictions between collaborating network resources based on identities assigned to the network resources. During collaboration, the security restrictions are enforced.
25 Claims
1. A machine-implemented method, comprising:
receiving, from a principal, a request to access a resource;
acquiring a principal identity and a policy for the request, wherein the policy includes security restrictions for the principal identity when accessing the resource; and
enforcing the security restrictions when the principal accesses the resource.
Dependent claims: 2, 3, 4, 5, 6, 7.
8. A machine-implemented method, comprising:
receiving a policy from a first principal, wherein the policy includes security restrictions for accessing a resource in response to a second principal identity assigned to a second principal;
configuring an environment that includes the resource with the security restrictions; and
enforcing the security restrictions within the environment when the second principal accesses the resource.
Dependent claims: 9, 10, 11, 12, 13, 14.
15. A machine-implemented system, comprising:
an identity service implemented in a computer-readable storage medium and to process on a network; and
a security service implemented in a computer-readable storage medium and to process on the network;
wherein the identity service is to authenticate a principal to a principal identity when the principal requests access to a resource, and
wherein the security service is to obtain a policy that is specific to the principal identity and the resource, the policy includes security restrictions that are enforced by the security service against the principal during access to the resource.
Dependent claims: 16, 17, 18, 19, 20.
21. A machine-implemented system comprising:
a policy-identity collaboration interface implemented in a computer-readable storage medium and to process on a network; and
a security service implemented in a computer-readable storage medium and to process on the network;
wherein the policy-identity collaboration interface is to interact with a principal to define a policy, the policy includes security restrictions for a collaborations that can occur between two or more resources based on identities assigned to those two or more resources, and
wherein the security service configures the policy and enforces the policy when the two or more resources collaborate with one another on the network.
Dependent claims: 22, 23, 24, 25.
Specification