Usage based authorization
First Claim
1. A method of authorizing a request for a resource based on a context of the request, the method comprising:
- receiving at an authorization system the request from a requestor;
requesting by the authorization system context information describing the context of the request;
receiving at the authorization system the context information in response to the request, the context information including information identifying an intended use of the resource by the requestor if the request is authorized and wherein the intended use of the resource is not indicated by the request;
identifying by the authorization system the context of the request based on the received context information including the information identifying the intended use of the resource; and
determining by the authorization system whether to authorize the request based on the context of the request.
2 Assignments
0 Petitions
Accused Products
Abstract
Embodiments of the invention provide systems and methods for authorizing a request to access a resource based on a context of the request. According to one embodiment, a method of authorizing a request for a resource based on a context of the request can comprise receiving the request from a requester, identifying the context of the request, and determining whether to authorize the request based on the context of the request. In some cases, the request can include context information describing the context of the request. In such cases, identifying the context can be based at least in part on the context information from the request. Additionally or alternatively, context information describing the context can be requested and received in response to the request. In such a case, identifying the context can be based at least in part on the received context information.
-
Citations
27 Claims
-
1. A method of authorizing a request for a resource based on a context of the request, the method comprising:
-
receiving at an authorization system the request from a requestor; requesting by the authorization system context information describing the context of the request; receiving at the authorization system the context information in response to the request, the context information including information identifying an intended use of the resource by the requestor if the request is authorized and wherein the intended use of the resource is not indicated by the request; identifying by the authorization system the context of the request based on the received context information including the information identifying the intended use of the resource; and determining by the authorization system whether to authorize the request based on the context of the request. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. An authorization system comprising:
-
a processor; and a memory communicatively coupled with and readable by the processor and having stored therein a sequence of instructions which, when executed by the processor, cause the processor to receive a request from a requestor, request context information describing the context of the request, receive the context information in response to the request, the context information including information identifying an intended use of the resource by the requestor if the request is authorized and wherein the intended use of the resource is not indicated by the request, identify a context of the request based on the received context information including the information identifying the intended use of the resource, and determine whether to authorize the request based on the context of the request. - View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
-
-
23. A machine-readable memory having stored thereon a series of instructions which, when executed by a processor, cause the processor to authorize a request for a resource based on a context of the request by:
-
receiving the request from a requestor; requesting context information describing the context of the request; receiving the context information in response to the request, the context information including information identifying an intended use of the resource by the requestor if the request is authorized and wherein the intended use of the resource is not indicated by the request; identifying the context of the request based on the received context information including the information identifying the intended use of the resource; and determining whether to authorize the request based on the context of the request. - View Dependent Claims (24, 25, 26, 27)
-
Specification