Trust management systems and methods

US 7,313,692 B2
Filed: 05/21/2001
Issued: 12/25/2007
Est. Priority Date: 05/19/2000
Status: Active Grant

First Claim

Patent Images

1. In a computer-implemented authorization management system, a method for controlling a user'"'"'s access to a computing resource that is managed by said computer-implemented authorization management system, the method including:

receiving an electronic request for the computing resource;

retrieving a group of computer-readable authorization certificates from at least one computer-readable authorization certificate storage location accessible to said computer-implemented authorization management system, each certificate containing at least one computer-readable authorization by at least one principal;

identifying a set of principals associated with the group of computer-readable authorization certificates;

creating a lattice of authorization values associated with each principal of said set of principals in a memory device in communication with the computer-implemented authorization system, wherein the lattice of authorization values is a monotone function of one or more authorization values of the set of principals;

evaluating a certificate as a monotone function, at least in part, of the one or more authorization values associated with one or more of the principals;

updating the one or more authorization values of one or more of the principals if the result of said evaluating step indicates that an authorization value of a principal should be changed, the step of updating the authorization value being a monotone function; and

repeating said evaluating and updating steps until a steady state of said lattice of authorizations values is reached.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention provides systems and methods for making efficient trust management decisions. A trust management engine is provided that processes requests for system resources, authorizations or certificates, and the identity of one or more root authorities that are ultimately responsible for granting or denying the requests. To determine whether a request should be granted, the trust management engine identifies a set principals from whom authorization may flow, and interprets each of the certificates as a function of the state of one or more of the principals. The processing logic iteratively evaluates the functions represented by the certificates, updates the states of the principals, and repeats this process until a reliable determination can be made as to whether the request should be granted or denied. The certificates may be evaluated until the state of the root authority indicates that the request should be granted, or until further evaluation of the certificates is ineffective in changing the state of the principals.

Citations

16 Claims

1. In a computer-implemented authorization management system, a method for controlling a user'"'"'s access to a computing resource that is managed by said computer-implemented authorization management system, the method including:
- receiving an electronic request for the computing resource;
  
  retrieving a group of computer-readable authorization certificates from at least one computer-readable authorization certificate storage location accessible to said computer-implemented authorization management system, each certificate containing at least one computer-readable authorization by at least one principal;
  
  identifying a set of principals associated with the group of computer-readable authorization certificates;
  
  creating a lattice of authorization values associated with each principal of said set of principals in a memory device in communication with the computer-implemented authorization system, wherein the lattice of authorization values is a monotone function of one or more authorization values of the set of principals;
  
  evaluating a certificate as a monotone function, at least in part, of the one or more authorization values associated with one or more of the principals;
  
  updating the one or more authorization values of one or more of the principals if the result of said evaluating step indicates that an authorization value of a principal should be changed, the step of updating the authorization value being a monotone function; and
  
  repeating said evaluating and updating steps until a steady state of said lattice of authorizations values is reached.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. A method as in claim 1, further including:
    - constructing a dependency graph representation in a memory device in communication with the computer-implemented authorization system, the dependency graph containing a node corresponding to each principal in the set of principals; and
      
      assigning at least two nodes in the dependency graph with a certificate that expresses a dependency of one node on the state of another node;
      
      wherein the dependency graph representation is used, at least in part, during said evaluating, updating, and repeating to determine which certificates to evaluate.
  - 3. A method as in claim 1, in which said updating is performed after all of the certificates have been evaluated.
  - 4. A method as in claim 1, in which the request for the computing resource is received from a first principal, and in which at least one of the certificates is received from the first principal, the certificate having been issued by a second principal.
  - 5. A method as in claim 1, in which the certificates comprise Simple Public Key Infrastructure certificates.
  - 6. A method as in claim 1, in which the electronic request is to access to a piece of electronic content;
    - use a computer program;
      
      execute a transaction;
      
      access a computer;
      
      or access a network.

7. A computer program product for making authorization management determinations for controlling a user'"'"'s access to a computing resource that is managed by said computer-implemented authorization management system, the computer program product including the stepsof:
- receiving an electronic request to perform a predefined action;
  
  retrieving a group of computer-readable authorizations for the predefined action from at least one computer-readable authorization certificate storage location accessible to said computer-implemented authorization management system, one or more of the computer-readable authorizations in the group being a monotone function of the authorization state of one or more principals;
  
  identifying a set of principals associated with the group of computer-readable authorizations and for initializing a lattice of authorization values associated with each principal of said set of principals in a memory device in communication with the computer-implemented authorization system;
  
  evaluating one or more authorizations in the group of computer-readable authorizations using an authorization value associated with each principal;
  
  updating the authorization value of one or more principals in the set of principals, the updating of the authorization value being a monotone function;
  
  causing repeated execution of said computer code for evaluating one or more authorizations in the group of computer-readable authorizations and for updating the authorization value of one or more principals in the set of principals until a steady state of said lattice of authorization values is reached; and
  
  storing the computer codes.
- View Dependent Claims (8)
- - 8. A computer program product as in claim 7, in which the computer-readable medium is one of:
    - CD-ROM, DVD, MINIDISC, floppy disk, magnetic tape, flash memory, ROM, RAM, system memory, network server, hard drive, and optical storage.

9. A computer-implemented system for controlling access to electronic content or processing resources managed by a computer-implemented authorization management system, the system comprising:
- means for receiving an electronic request from a requesting principal to access a piece of electronic content or a processing resource;
  
  means for collecting a set of one or more computer-readable authorization certificates relating to the request, the requesting principal, or the piece of electronic content or processing resource from at least one computer-readable authorization certificate storage location accessible to said computer-implemented authorization management system;
  
  means for identifying a root principal from whom authorization is needed in order to grant the electronic request;
  
  means for creating a lattice of monotone authorization values in a memory device associated with a memory device in communication with said system and performing at least a portion of a least fixpoint computation over said authorization values to determine whether the root principal has authorized the requesting principal to access the piece of electronic content or processing resource; and
  
  means for granting the requesting principal access to the piece of electronic content or processing resource when the least fixpoint computation indicates that the root principal has authorized said access.

10. A computer-implemented system for controlling access to electronic resources, the system comprising:
- a first computer system for processing electronic requests for access to electronic resources, the first computer system comprising;
  
  a computer network interface configured to receive digital certificates from other computer systems and for electronically receiving and processing requests to access electronic resources;
  
  a memory device in communication with said first computer system for storing electronic resources and one or more computer-readable authorization certificates relating to authorization for controlling access thereto; and
  
  a trust management engine for processing digital certificates and requests for electronic resources, and for making access control decisions by creating a lattice of monotone authorization values in a memory device associated with a memory device in communication with said system and performing least fixpoint computations using said authorization values.
- View Dependent Claims (11, 12, 13, 14, 15, 16)
- - 11. A system as in claim 10, further comprising:
    - a second computer system for making a request for electronic resources from the first computer system; and
      
      a third computer system for generating a first digital certificate, the first digital certificate including an authorization value that is generated from a first monotone function, the authorization value effective for authorizing, at least in part, the second computer system to access a predefined electronic resource.
  - 12. A system as in claim 11, further comprising:
    - a fourth computer system, the fourth computer system being operable to generate a second digital certificate including an authorization value that is generated from a second monotone function, the second digital certificate authorizing, at least in part, the third computer system to authorize, at least in part, the user of the second computer system to access the predefined system resource.
  - 13. A system as in claim 12, in which the third computer system is operable to transmit the first digital certificate to the second computer system, the second computer system is operable to transmit the first digital certificate to the first computer system in connection with said request, and the fourth computer system is operable to transmit the second digital certificate to the first computer system.
  - 14. A system as in claim 13, in which the first computer system further comprises a public key stored in a memory device in communication with said first computer system and associated with the fourth computer system, the public key corresponding to a private key used to sign the second digital certificate.
  - 15. A system as in claim 10, in which at least some of the digital certificates comprise SPKI certificates.
  - 16. A system as in claim 10, in which at least some of the digital certificates corn p rise Keynote certificates.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intertrust Technologies Corporation (Fidelio Acquisition Co LLC)
Original Assignee
Intertrust Technologies Corporation (Fidelio Acquisition Co LLC)
Inventors
Serret-Avila, Xavier, Weeks, Stephen P.
Primary Examiner(s)
Vu; Kim
Assistant Examiner(s)
TRUONG, THANHNGA B

Application Number

US09/863,199
Publication Number

US 20020087859A1
Time in Patent Office

2,409 Days
Field of Search

713/200, 713156-157, 726/2, 703/2
US Class Current

713/156
CPC Class Codes

G06F 21/604   Tools and structures for ma...

G06F 2221/2141   Access rights, e.g. capabil...

H04L 9/3263   involving certificates, e.g...

Trust management systems and methods

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

Trust management systems and methods

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links