Systems and methods for administrating access in an on-demand computing environment
Abstract
A system is provided for managing protected data resources. The system includes a resource server configured to store the protected data resources and an authorization module coupled to the resource server and configured to store access protocols. The authorization module further is configured to receive a service request from a user via a client module, evaluate the service request based on the access protocols, and send an access token to the client module if the user satisfies the access protocols.
165 Citations
15 Claims
1. A system for managing protected data resources, comprising:
- a resource server configured to store the protected data resources; and
- an authorization module coupled to the resource server and configured to store access protocols,
- the authorization module further configured to receive a service request from a user via a client module, the service request including user credentials,
- the authorization module further configured to evaluate the user credentials to determine when the service request is from a legitimate user, and
- wherein, when the authorization module determines that the user credentials are acceptable, the authorization module is configured to evaluate the service request based on the access protocols and send an authorization code to the user based on the access protocols,
- the authorization module further configured to receive a token request with the authorization code from the user via the client module and to send an access token to the client module based on the authorization code for accessing the protected data resources of the resource server,
- wherein the authorization module is configured to receive an administration request from an administrator device, the administration request including administrator credentials,
- the authorization module configured to evaluate the administrator credentials to determine when the administration request is from a legitimate administrator and,
- wherein, when the authorization module determines that the administrator credentials are acceptable, the authorization module is configured to provide a location reference for an administration program stored on the authorization module to the administrator device based on the administrator credentials such that, upon execution of the administration program, administration capabilities from the administration program are installed on the administrator device, and
- wherein the authorization module is configured to receive and store the access protocols from the administrator device generated with the administration capabilities, the access protocols comprising a data table that defines rights associated with the protected data resources for a list of users or groups.

Dependent claims: 2, 3, 4, 5, 6

7. A computer-implemented method of regulating access to protected data resources, the method comprising:
- receiving a service request at an authorization module from a user via a client module to access the protected data resources stored in a resource server, the service request including user credentials;
- evaluating the user credentials to determine when the service request is from a legitimate user;
- evaluating, when determining that the user credentials are acceptable, the service request with the authorization module based on access protocols;
- sending an authorization code to the user based on the access protocols;
- receiving a token request with the authorization code from the user via the client module;
- sending an access token to the client module to access the protected data resources; and
- receiving an administration request at the authorization module from an administrator device and providing administration capabilities to the administrator device, the administration request including administrator credentials,
- evaluating the administrator credentials to determine when the administration request is from a legitimate administrator;
- providing, when the authorization module determines that the administrator credentials are acceptable, a location reference for an administration program stored on the authorization module to the administrator device based on the administrator credentials such that, upon execution of the administration program, administration capabilities from the administration program are installed on the administrator device.

Dependent claims: 8, 9, 10, 11, 12

13. A system comprising a processor and a memory, wherein the memory comprises computer-executable instructions that, when executed by the processor, cause the system to:
- receive a service request from a user via a client module, the service request including user credentials,
- evaluate the user credentials to determine when the service request is from a legitimate user;
- evaluate, when determining that the user credentials are acceptable, the service request based on the access protocols, and send an authorization code to the user based on the access protocols,
- receive a token request with the authorization code from the user via the client module;
- send an access token to the client module to access the protected data resources,
- wherein the instructions additionally cause the system to receive an administration request at the authorization module from an administrator device, the administration request including administrator credentials,
- evaluate the administrator credentials to determine when the administration request is from a legitimate administrator;
- provide, when the authorization module determines that the administrator credentials are acceptable, a location reference for an administration program stored on the authorization module such that upon execution of the administration program, administration capabilities are installed on the administrator device, and
- store the access protocols from the administrator device generated with the administration capabilities.

Dependent claims: 14, 15
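
The user-side flow recited in claims 1, 7 and 13 (credential check, rights-table check, authorization code, token exchange) can be sketched as follows. This is an added example, not code from the patent; the class and method names, the sample table, the 60-second code lifetime and the single-use rule for codes are assumptions.

```python
import hashlib
import hmac
import secrets
import time

CODE_TTL = 60  # seconds; assumed lifetime, the claims do not state one
# Constructed sample "access protocols" table: rights per user or group.
SAMPLE_TABLE = {("alice", "reports"): {"read", "write"}, ("analysts", "reports"): {"read"}}
SAMPLE_GROUPS = {"bob": {"analysts"}}

def _hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class AuthorizationModule:
    def __init__(self, table, groups):
        self.table, self.groups = table, groups
        self.users, self.codes, self.tokens = {}, {}, {}

    def add_user(self, user, password):
        salt = secrets.token_bytes(16)
        self.users[user] = (salt, _hash(password, salt))

    def _legitimate(self, user, password):
        salt, stored = self.users.get(user, (b"\0" * 16, b""))  # unknown user never matches
        return hmac.compare_digest(_hash(password, salt), stored)

    def _allowed(self, user, resource, right):
        principals = {user} | self.groups.get(user, set())  # the user plus their groups
        return any(right in self.table.get((p, resource), ()) for p in principals)

    def service_request(self, user, password, resource, right, now=None):
        now = time.time() if now is None else now
        # Credentials first, then the rights table; no code unless both pass.
        if not (self._legitimate(user, password) and self._allowed(user, resource, right)):
            return None
        code = secrets.token_urlsafe(16)
        self.codes[code] = (user, resource, right, now + CODE_TTL)
        return code

    def token_request(self, code, now=None):
        now = time.time() if now is None else now
        grant = self.codes.pop(code, None)  # pop: a code is redeemable once (assumption)
        if grant is None or now > grant[3]:
            return None
        token = secrets.token_urlsafe(32)
        self.tokens[token] = grant[:3]  # token scoped to the approved resource and right
        return token

    def check_token(self, token, resource, right):  # resource-server side check
        return self.tokens.get(token, (None, None, None))[1:] == (resource, right)
```

Because the token records the resource and right approved at code issuance, the resource server can reject a valid token presented for a different right without consulting the table again.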
Specification