Granting privileges and sharing resources in a telecommunications system
First Claim
1. A method comprising:
- receiving, in a service-providing domain, a request to use a service in said service-providing domain that is made by a first data-processing system in a service-requesting domain;
transmitting a request for a token to a second data-processing system in said service-providing domain, wherein said second data-processing system is unaware of the identity of said first data-processing system;
receiving said token wherein said token specifies a granted privilege; and
extending said granted privilege to said first data-processing system,wherein a domain comprises a group of data-processing systems that share a common communications address, and wherein the common communications address of the service-providing domain is independent of the common communications address of the service-requesting domain.
26 Assignments
0 Petitions
Accused Products
Abstract
A method and an apparatus are disclosed that provide a privilege-granting technique for enabling a service-providing domain to grant a privilege to a requesting user in a service-requesting domain. A request handler in the service-providing domain, which comprises one or more service-associated resources, receives a user request to use a service and requests a token from a privilege-granting server, in accordance with the illustrative embodiment of the present invention. Upon receiving the token that specifies a granted privilege from the privilege-granting server, the request handler extends the privilege to the requesting user. Alternatively, the request handler can request a plurality of tokens in advance from the privilege-granting server; after receiving the tokens, the request handler extends a privilege to each requesting user as the handler receives requests to use one or more services.
51 Citations
28 Claims
-
1. A method comprising:
-
receiving, in a service-providing domain, a request to use a service in said service-providing domain that is made by a first data-processing system in a service-requesting domain; transmitting a request for a token to a second data-processing system in said service-providing domain, wherein said second data-processing system is unaware of the identity of said first data-processing system; receiving said token wherein said token specifies a granted privilege; and extending said granted privilege to said first data-processing system, wherein a domain comprises a group of data-processing systems that share a common communications address, and wherein the common communications address of the service-providing domain is independent of the common communications address of the service-requesting domain. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A method comprising:
-
receiving, in a service-providing domain, a request to use a service in said service-providing domain that is made by a first data-processing system in a service-requesting domain; transmitting a request for a token to a second data-processing system in said service-providing domain; receiving said token, wherein said token specifies a granted privilege that is for a time-limited use of at least one resource that is associated with said service; and extending said granted privilege to said first data-processing system, wherein a trust relationship is nonexistent between said service-requesting domain and said service-providing domain at the time of the reception, in said service-providing domain, of said request to use said service, wherein a domain comprises a group of data-processing systems that share a common communications address, and wherein the common communications address of the service-providing domain is independent of the common communications address of the service-requesting domain. - View Dependent Claims (14, 15, 16, 17, 18, 19)
-
-
20. A method comprising:
-
transmitting, to a second data-processing system in a service-providing domain, a request for a plurality of tokens, wherein said second data-processing system is unaware of the identity of a first data-processing system in a service-requesting domain, and wherein said first data-processing system is capable of using a first service in said service-providing domain; receiving said plurality of tokens, wherein a first token of said plurality of tokens specifies a first granted privilege; and extending, to said first data-processing system, said first granted privilege that is associated with said first service, wherein a domain comprises a group of data-processing systems that share a common communications address, and wherein the common communications address of the service-providing domain is independent of the common communications address of the service-requesting domain. - View Dependent Claims (21, 22, 23, 24, 25, 26, 27, 28)
-
Specification