OBLIGATION ENFORCEMENT FOR RESOURCE ACCESS CONTROL
First Claim
Patent Images
1. A system including instructions recorded on a non-transitory computer-readable medium, and executable by at least one processor, the system comprising:
- a request handler configured to cause the at least one processor to receive an enforcement request for enforcement of an obligation required as a condition for a previously-granted first resource access request;
an obligation enforcer configured to cause the at least one processor to enforce the obligation, based on the enforcement request; and
a compliance manager configured to cause the at least one processor to obtain certification of execution of the obligation from an obligation certification service, and to provide the certification as a basis for granting a second resource access request.
2 Assignments
0 Petitions
Accused Products
Abstract
A request handler may be configured to receive an enforcement request for enforcement of an obligation required as a condition for a previously-granted first resource access request. n obligation enforcer may be configured to enforce the obligation, based on the enforcement request, and a compliance manager may be configured to obtain certification of execution of the obligation from an obligation certification service, and to provide the certification as a basis for granting a second resource access request.
-
Citations
20 Claims
-
1. A system including instructions recorded on a non-transitory computer-readable medium, and executable by at least one processor, the system comprising:
-
a request handler configured to cause the at least one processor to receive an enforcement request for enforcement of an obligation required as a condition for a previously-granted first resource access request; an obligation enforcer configured to cause the at least one processor to enforce the obligation, based on the enforcement request; and a compliance manager configured to cause the at least one processor to obtain certification of execution of the obligation from an obligation certification service, and to provide the certification as a basis for granting a second resource access request. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A computer-implemented method for executing instructions stored on a non-transitory computer readable storage medium, the method comprising:
-
providing, by at least one processor, an enforcement request for enforcement of an obligation required as a condition for a previously-granted first resource access request; obtaining, by at least one processor, certification of execution of the obligation from an obligation certification service; and executing, by at least one processor, an access control decision with respect to a second resource access request, based on the certification. - View Dependent Claims (12, 13, 14, 15)
-
-
16. A computer program product, the computer program product being tangibly embodied on a non-transitory computer-readable storage medium and comprising instructions that, when executed, are configured to cause at least one processor to:
-
receive an enforcement request for enforcement of an obligation required by an access control policy as a condition for a previously-granted first resource access request for access to a first resource by at least one client system; enforce the obligation at the at least one client system, based on the enforcement request; obtain certification of execution of the obligation from a third-party obligation certification service; and provide the certification as a basis for granting a second resource access request for access to a second resource by the at least one client system, and in accordance with the access control policy. - View Dependent Claims (17, 18, 19, 20)
-
Specification