ENFORCEMENT OF POLICIES ON CONTEXT-BASED AUTHORIZATION
First Claim
1. A method of enforcing usage/context-based authorization, the method comprising:
- generating an authorization context for access to a resource, wherein the access includes a first set of access parameters;
storing the authorization context associated with the resource;
intercepting, at a policy enforcer, an access request for the resource, wherein the access request includes a second set of access parameters;
checking, by the policy enforcer, the access request against the authorization context to determine if the second set of access parameters matches the first set of access parameters; and
in response to the first set of access parameters matching the second set of access parameters, permitting access to the resource in accordance with the second set of access parameters.
1 Assignment
0 Petitions
Accused Products
Abstract
Embodiments of the invention provide methods and systems for enforcing usage/context-based authorization. The method may include generating an authorization context for access to a resource. The access may include a first set of access parameters. The method may further store the authorization context associated with the resource, and intercept an access request for the resource. The access request may include a second set of access parameters. The method may further check the access request against the authorization context to determine if the second set of access parameters matches the first set of access parameters, and in response to the first set of access parameters matching the second set of access parameters, permit access to the resource in accordance with the second set of access parameters.
-
Citations
24 Claims
-
1. A method of enforcing usage/context-based authorization, the method comprising:
-
generating an authorization context for access to a resource, wherein the access includes a first set of access parameters; storing the authorization context associated with the resource; intercepting, at a policy enforcer, an access request for the resource, wherein the access request includes a second set of access parameters; checking, by the policy enforcer, the access request against the authorization context to determine if the second set of access parameters matches the first set of access parameters; and in response to the first set of access parameters matching the second set of access parameters, permitting access to the resource in accordance with the second set of access parameters. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. A system enforcing usage based authorization, the system comprising:
-
a requesting entity configured to request access to a resource, wherein the request includes access parameters; and an authorization entity coupled with the requestor, the authorization entity configured to receive the request from the requesting entity, identify a context associated with the request, and determine whether to authorize the request based on the context of the request and the access parameters. - View Dependent Claims (20, 21, 22)
-
-
23. A machine-readable medium including sets of instruction for enforcing usage-based authorization which, when executed by a machine, cause the machine to:
-
receive, from a third party service provider, a request for access to an address of an end-user device; in response to the request, provide a token to the third party service provider; receive the token and an accompanying message from the third party service provider; use the token to determine the address of the end-user device; and transmit the accompanying message to the end-user device. - View Dependent Claims (24)
-
Specification