×

AUTHENTICATION SYSTEM, AUTHENTICATION METHOD, AND STORAGE MEDIUM FOR REALIZING A MULTITENANT SERVICE

  • US 20120331539A1
  • Filed: 06/19/2012
  • Published: 12/27/2012
  • Est. Priority Date: 06/24/2011
  • Status: Active Grant
First Claim
Patent Images

1. An authentication system comprising:

  • a management unit configured to manage whether a screen corresponding to a URL can be provided based on role information, manage application program interface (API) execution authority based on role information, and manage whether data is distributed based on role information;

    a reception unit configured to receive an access allowance or denial confirmation with respect to a resource and an authentication token;

    a determination unit configured to determine role information associated with the authentication token received by the reception unit;

    a URL verification unit configured to verify, if a resource type corresponding to the access allowance or denial confirmation received by the reception unit is a URL resource, whether access is permitted based on the role information determined by the determination unit and role information of the URL resource based on a management content of the management unit;

    a provision unit configured to provide a screen corresponding to the URL resource if the access is permitted by the URL verification unit;

    an API verification unit configured to verify, if a resource type corresponding to the access allowance or denial confirmation received by the reception unit is execution of an API, whether access is permitted based on the role information determined by the determination unit and role information of execution authority of the API based on a management content of the management unit;

    an execution unit configured to execute the API if it is determined that the access is permitted by the API verification unit; and

    a data distribution verification unit configured to verify, if a resource type corresponding to the access allowance or denial confirmation received by the reception unit is distribution of data, whether access is permitted based on the role information determined by the determination unit and role information of distribution of the data based on a management content of the management unit; and

    a distribution unit configured to distribute the data if it is determined that the access is permitted by the data distribution verification unit.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×