AD-HOC USER ACCOUNT CREATION
0 Assignments
0 Petitions
Accused Products
Abstract
A mechanism that allows a user to easily configure a rules engine to apply rules to decide which requests for access to a user'"'"'s computer resources are to be granted and which are denied. A trusted token, such as a certificate of identity issued by a trusted third party authority that verifies identities of computer users, is included in a calling card object provided by the requesting user to the (server) computer that controls the resources desired by the requester. Additional conditions for access may be specified as desired by the user of the server computer.
25 Citations
42 Claims
-
1-22. -22. (canceled)
-
23. A method for a first computerized apparatus to control access to resources by a second computerized apparatus, the method comprising:
-
receiving a resource request from the second computerized apparatus, the resource request at least comprising a trusted token from the second computerized apparatus, the trusted token containing identity data of a user of the first computerized apparatus; determining when the request is authorized to access at least the requested resource; and creating an ad-hoc user account configured to access the requested resource upon a determination of authorized access, the ad-hoc user account comprising at least the identity data; wherein the ad-hoc user account creation is characterized by automatic creation in response to the resource request. - View Dependent Claims (24, 25, 26, 27, 28, 29)
-
-
30. A computerized apparatus, comprising:
-
a network interface; a processor in data communication with the network interface; and a storage apparatus in data communication with the processor, the storage apparatus having a plurality of instructions stored thereon which are configured to, when executed by the processor; generate a data structure comprising at least a trusted token containing identity information of a user of the apparatus, the data structure generated via a rules engine configured according to one or more criteria; establish a connection to a remote computerized apparatus using the network interface; transmit a request via the connection to access at least one resource managed by the remote computerized apparatus, the request comprising at least the data structure; and access the at least one resource, where the at least one resource is accessed based on an establishment of an ad-hoe user account comprising at least the identity information, the ad-hoc user account creation is characterized by automatic creation in response to the request to access the at least one resource; wherein the transmitted data structure is configured to enable the establishment of the ad-hoc user account upon authentication of the trusted token. - View Dependent Claims (31, 32, 33, 34, 35, 36)
-
-
37. A computer-readable apparatus comprising a non-transitory storage medium, the storage medium comprising a plurality of executable instructions configured to, when executed:
-
receive a resource request from a first computerized apparatus, the resource request comprising at least a user identifier and a digital certificate; apply one or more access criteria against the request to determine an authorization to access the requested resource; and create an ad-hoc user account to enable access to the requested resource upon a determination that the request is authorized, the ad-hoc user account containing at least the user identifier; wherein the ad-hoc user account creation is characterized by automatic creation in response to the resource request without requiring additional user interaction. - View Dependent Claims (38, 39, 40, 41, 42)
-
Specification