METHOD AND SYSTEM FOR ACCESS CONTROL IN CLOUD COMPUTING SERVICE
First Claim
Patent Images
1. A collaborative service server of a cloud computing service, comprising:
- a user service list database to store right information of a user associated with a service subscribed to by the user and security policy information associated with the service; and
an access token issuing unit to issue an access token of the service based on a service access request of the user, user authentication, and a service right.
1 Assignment
0 Petitions
Accused Products
Abstract
Provided is a method and system for assigning a suitable right to a user through a security policy based access control in a computing service. A collaborative service server may authenticate a user through a cloud service server, and may issue an access token including user authentication information and user right information. The cloud service server may compare information associated with the access token and an access control list and may determine whether to authorize an access of the user to the service based on the comparison result.
-
Citations
20 Claims
-
1. A collaborative service server of a cloud computing service, comprising:
-
a user service list database to store right information of a user associated with a service subscribed to by the user and security policy information associated with the service; and an access token issuing unit to issue an access token of the service based on a service access request of the user, user authentication, and a service right. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A cloud service server, comprising:
-
a policy information unit to store a security policy associated with a service accessed by a user and user right information associated with the service; and a policy decision unit to compare information associated with an access token with an access control list, the security policy, and the user right information, and to authorize an access of the user to the service when information associated with the access token matches the access control list, the security policy, and the user right information as the comparison result. - View Dependent Claims (9, 10)
-
-
11. A method of providing a collaborative service in a cloud computing service, the method comprising:
-
storing, by a user service list database, right information of a user associated with a service subscribed to by the user and security policy information associated with the service; and issuing, by an access token issuing unit, an access token of the service based on a service access request of the user, user authentication, and a service right. - View Dependent Claims (12, 13, 14, 15, 16, 17)
-
-
18. A method of providing a cloud service, the method comprising:
-
storing, by a policy information unit, a security policy associated with a service accessed by a user and user right information associated with the service; and comparing, by a policy decision unit, information associated with an access token with an access control list, the security policy, and the user right information, to authorize an access of the user to the service when information associated with the access token matches the access control list, the security policy, and the user right information as the comparison result. - View Dependent Claims (19, 20)
-
Specification