System for managing access control
First Claim
1. A method for managing access control in a content distribution system, the system comprising:
- an organization for providing content data and related meta data; and
a rendering device for rendering the content data and related meta data and executing an application, said rendering device having controlled access to resources for supplying necessary information for the rendering device to effect performance of predetermined rendering operations;
said method comprising the steps of;
setting an access policy required to be adhered to by the organization according to a predefined data access format, the access policy comprising access parameters for controlling access by the rendering device to said necessary information;
providing, in accordance with an access policy actually adhered to by the organization, content data and related meta data and an organization application for manipulating the content data and related meta data, said access policy actually adhered to providing authorization for the rendering device to access said necessary information;
regardless of whether the access policy actually adhered to by the organization complies with the access policy required to be adhered to, setting a user policy for the rendering device that, while executing the organization application, further restricts access by the rendering device to said necessary information relative to the access policy actually adhered to by the organization; and
adjusting the user access policy, based on trust data applicable to the organization, for selectively determining what, if any, of said necessary information will be made accessible to the rendering device.
1 Assignment
0 Petitions
Accused Products
Abstract
A content distribution system (300) has access control according to a predefined data access format. The system has organizations (32) for providing content data and related meta data on record carriers (34), and a rendering device (39), and applications for manipulating the content data and related meta data. An access policy for the organization is set according to the predefined data access format, and has access parameters for controlling access to resources of the rendering device and to said content data and related meta data. An organization application (35) complying with the access policy of the organization for accessing said data is executed while accessing the resources of the rendering device according to the access policy of the organization. According to the invention a user access policy is maintained that restricts, for the organization application, access to the resources of the rendering device relative to the access policy of the organization. The user access policy is adjusted based on additional trust data for selectively allowing the organization application to access the resources according to the access policy of the organization. Hence the user controls the access that applications have to resources of the rendering device.
34 Citations
10 Claims
-
1. A method for managing access control in a content distribution system, the system comprising:
-
an organization for providing content data and related meta data; and a rendering device for rendering the content data and related meta data and executing an application, said rendering device having controlled access to resources for supplying necessary information for the rendering device to effect performance of predetermined rendering operations; said method comprising the steps of; setting an access policy required to be adhered to by the organization according to a predefined data access format, the access policy comprising access parameters for controlling access by the rendering device to said necessary information; providing, in accordance with an access policy actually adhered to by the organization, content data and related meta data and an organization application for manipulating the content data and related meta data, said access policy actually adhered to providing authorization for the rendering device to access said necessary information; regardless of whether the access policy actually adhered to by the organization complies with the access policy required to be adhered to, setting a user policy for the rendering device that, while executing the organization application, further restricts access by the rendering device to said necessary information relative to the access policy actually adhered to by the organization; and adjusting the user access policy, based on trust data applicable to the organization, for selectively determining what, if any, of said necessary information will be made accessible to the rendering device. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A non-transitory computer-readable storage medium having stored thereon a computer program for causing a processor to manage access control in a content distribution system, the system comprising:
-
an organization for providing content data and related meta data; and a rendering device for rendering the content data and related meta data and executing an application, said rendering device having controlled access to resources for supplying necessary information for the rendering device to effect performance of predetermined rendering operations; said computer program causing the processor to perform the steps of; setting an access policy required to be adhered to by the organization according to a predefined data access format, the access policy comprising access parameters for controlling access by the rendering device and to said necessary information; providing, in accordance with an access policy actually adhered to by the organization, content data and related meta data and an organization application for manipulating the content data and related meta data, said access policy actually adhered to providing authorization for the rendering device to said necessary information; regardless of whether the access policy actually adhered to by the organization complies with the access policy required to be adhered to, setting a user access policy for the rendering device that, while executing the organization application, further restricts access by the rendering device to said necessary information relative to the access policy actually adhered to the organization; and adjusting the user access policy, based on trust data applicable to the organization, for selectively determining what, if any, of said necessary information will be made accessible to the rendering device.
-
-
8. A rendering device for rendering content data and related meta data for use in a content distribution system, the system comprising an organization for providing content data and related meta data;
-
said system being arranged for; setting an access policy required to be adhered to by the organization according to a predefined data access format, the access policy comprising access parameters for controlling access by the rendering device to necessary information for performing predetermined rendering operations; providing, in accordance with an access policy actually adhered to by the organization, content data and related meta data and an organization application for manipulating the content data and related meta data, said access policy actually adhered to providing authorization for the rendering device to access said necessary information; said rendering device further comprising an access control device for; regardless of whether the access policy actually adhered to by the organization complies with the access policy required to be adhered to, setting a user access policy for the rendering device that further restricts access by the rendering device to said necessary information relative to the access policy actually adhered to by the organization; and adjusting the user access policy, based on trust data applicable to the organization, for selectively determining what, if any, of said necessary information will be made accessible to the rendering device. - View Dependent Claims (9)
-
-
10. A database entity for use in a content distribution system comprising:
-
an organization for providing content data and related meta data; and a rendering device for rendering the content data and related meta data, said rendering device having controlled access to resources for supplying necessary information for the rendering device to effect performance of predetermined rendering operations; the system being arranged for; setting an access policy required to be adhered to by the organization according to a predefined data access format, the access policy comprising access parameters for controlling access by the rendering device to said necessary information; providing, in accordance with an access policy actually adhered to by the organization, content data and related meta data and an organization application for manipulating the content data and related meta data, said access policy actually adhered to providing authorization for the rendering device to access said necessary information; regardless of whether the access policy actually adhered to by the organization complies with the access policy required to be adhered to, setting a user access policy for the rendering device that, while executing the organization application, further restricts access by the rendering device to said necessary information relative to the access policy actually adhered to by the organization; and adjusting the user access policy, based on trust data applicable to the organization, for selectively determining what, if any, of said necessary information will be made accessible to the rendering device; said database entity maintaining said trust data.
-
Specification