SECURITY MODEL FOR INDUSTRIAL DEVICES
First Claim
Patent Images
1. An apparatus, comprising:
- a protocol buffer component configured to serialize a protocol message object into a series of bytes and to de-serialize the series of bytes into the protocol message object; and
a security token service configured to at least one of issue, renew, or validate a first security token in response to a token request having credential information from a requester, whereinthe apparatus obtains the token request as a first series of bytes, the protocol buffer component is further configured to de-serialize the first series of bytes into a token request message object retaining the credential information, and the security token service is further configured to generate the first security token based at least in part on the credential information.
1 Assignment
0 Petitions
Accused Products
Abstract
Systems and/or methods are described relating to a security model that provides interoperability with foreign security domains while remaining scalable to small embedded devices. A security token service is provided, which is configured to issue, renew, and/or validate security tokens in response to a token request. A communication protocol, corresponding message structures, and the security tokens are defined in accordance with protocol buffer definitions.
66 Citations
20 Claims
-
1. An apparatus, comprising:
-
a protocol buffer component configured to serialize a protocol message object into a series of bytes and to de-serialize the series of bytes into the protocol message object; and a security token service configured to at least one of issue, renew, or validate a first security token in response to a token request having credential information from a requester, wherein the apparatus obtains the token request as a first series of bytes, the protocol buffer component is further configured to de-serialize the first series of bytes into a token request message object retaining the credential information, and the security token service is further configured to generate the first security token based at least in part on the credential information. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
-
-
15. A method, comprising:
-
obtaining a token request, as a series of bytes, that includes credential information to be authenticated; de-serializing the series of bytes to obtain the token request as an object structured in accordance with a first protocol buffer definition; serializing a security token, structured in accordance with a second protocol buffer definition, into a byte stream; and communicating the byte stream as a response to the token request. - View Dependent Claims (16, 17, 18, 19)
-
-
20. An industrial automation apparatus, comprising:
-
a user interface configured to display a graphical user interface to a user and to obtain input information from the user; an security component, comprising; an authentication component configured to validate credential information; and a security token service configured to issue a security token based at least in part on authentication results from the authentication component; and an access control component configured to render access control decisions based at least in part on the security token.
-
Specification