Method and apparatus for providing reactive authorization

US 9,455,991 B2
Filed: 04/10/2015
Issued: 09/27/2016
Est. Priority Date: 05/28/2010
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving, via a processor, a request for access to at least one semantic network resource from a requesting entity,wherein an owner entity manages access to the semantic network resource;

causing, via the processor, a transmission of a notification to the requesting entity to initiate a creation of an authorization proxy entity, wherein the authorization proxy entity acts between the at least one semantic network resource and the requesting entity, wherein a decision by the owner entity to allow or deny access to the semantic network resource is determined, based on the authorization proxy entity, regarding whether the requesting entity should be linked to or discarded from a semantic graph of the at least one semantic resource, and wherein the authorization proxy entity has an access policy that determines a right to access the authorization proxy entity; and

causing, via the processor, an initiation of a deletion of the authorization proxy entity after a result of the decision is determined.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An approach is provided for providing reactive authorization for accessing a semantic network resource. An access application of a resource owner entity detects an authorization proxy entity acting between at least a semantic network resource and a requesting entity that requests access to the semantic network resource. The access application determines to cause, at least in part, actions that result in transmission of a query for whether to accept the requesting entity to an owner entity of the semantic network resource.

12 Citations

View as Search Results

20 Claims

1. A method comprising:
- receiving, via a processor, a request for access to at least one semantic network resource from a requesting entity,wherein an owner entity manages access to the semantic network resource;
  
  causing, via the processor, a transmission of a notification to the requesting entity to initiate a creation of an authorization proxy entity, wherein the authorization proxy entity acts between the at least one semantic network resource and the requesting entity, wherein a decision by the owner entity to allow or deny access to the semantic network resource is determined, based on the authorization proxy entity, regarding whether the requesting entity should be linked to or discarded from a semantic graph of the at least one semantic resource, and wherein the authorization proxy entity has an access policy that determines a right to access the authorization proxy entity; and
  
  causing, via the processor, an initiation of a deletion of the authorization proxy entity after a result of the decision is determined.
- View Dependent Claims (2, 3, 4, 7)
- - 2. The method of claim 1, further comprising:
    - causing, at least in part, an encoding of the result of the decision in the semantic graph as one or more changes to the authorization proxy entity.
  - 3. The method of claim 2, wherein the requesting entity detects the one or more changes to the authorization proxy entity to determine the result of the decision.
  - 4. The method of claim 1, further comprising:
    - causing, at least in part, an establishment of a link between at least the requesting entity and the semantic network resource, when the owner entity accepts the requesting entity, orcausing, at least in part, a dropping a link between the authorization proxy entity and the semantic network resource, when the owner entity denies the requesting entity.
  - 7. The method of claim 4, wherein the authorization proxy entity is further created according to a reactive access policy set by the owner entity for accessing the semantic network resource, and the determinations are made at least in part based upon the reactive access policy.

5. The method of 1, further comprising:
- dropping a link between the authorization proxy entity and the semantic network resource after a predetermined time has passed since the transmission of the request.

6. The method of 4, further comprising:
- retrieving semantic information of the requesting entity; and
  
  causing, at least in part, a presentation of the semantic information to the owner entity.

8. A method comprising:
- causing, via a processor, a transmission of a request for accessing a semantic network resource,wherein an owner entity manages access to the semantic network resource;
  
  receiving, via a processor, a transmission of a notification which initiates a generation of an authorization proxy entity by an access application after the request is issued, wherein the authorization proxy entity determines a decision by the owner entity to allow or deny access to the semantic network resource, regarding whether a requesting entity should be linked to or discarded from a semantic graph of the at least one semantic resource, and has an access policy that determines a right to access the authorization proxy entity; and
  
  causing, at least in part, a deletion of the authorization proxy entity after a result of the decision is determined.
- View Dependent Claims (9, 10, 11)
- - 9. The method of claim 8, further comprising:
    - causing, via the processor, a detection of one or more changes to the authorization proxy entity to determine the result of the decision, based on an encoding of the result of the decision in the semantic graph as the one or more changes to the authorization proxy entity.
  - 10. The method of claim 8, further comprising:
    - establishing one or more links between the requesting entity and the semantic network resource through the authorization proxy entity.
  - 11. The method of claim 10, further comprising:
    - detecting a direct link to the semantic network resource and accessing the semantic network resource through the direct link, when the owner entity accepts the requesting entity;
      
      ordropping the one or more links between the requesting entity and the semantic network resource through the authorization proxy entity, when the owner entity denies the request.

12. An apparatus comprising:
- at least one processor; and
  
  at least one memory including computer program code for one or more programs,the at least one memory and the computer program code configured to, with the at least one processor, cause the apparatus to perform at least the following,receive, via a processor, a request for access to at least one semantic network resource from a requesting entity,wherein an owner entity manages access to the semantic network resource;
  
  cause, via the processor, a transmission of a notification to the requesting entity to initiate a creation of an authorization proxy entity, wherein the authorization proxy entity acts between the at least one semantic network resource and the requesting entity, wherein a decision by the owner entity to allow or deny access to the semantic network resource is determined, based on the authorization proxy entity, regarding whether the requesting entity should be linked to or discarded from a semantic graph of the at least one semantic resource, and wherein the authorization proxy entity has an access policy that determines a right to access the authorization proxy entity; and
  
  cause, via the processor, an initiation of a deletion of the authorization proxy entity after a result of the decision is determined.
- View Dependent Claims (13, 14, 15, 16, 17)
- - 13. The apparatus of claim 12, further comprising:
    - cause, at least in part, an encoding of the result of the decision in the semantic graph as one or more changes to the authorization proxy entity.
  - 14. The apparatus of claim 13, wherein the requesting entity detects the one or more changes to the authorization proxy entity to determine the result of the decision.
  - 15. The apparatus of claim 12, wherein the apparatus is further caused to:
    - cause, at least in part, the establishment of a link between at least the requesting entity and the semantic network resource, when the owner entity accepts the requesting entity, orcause, at least in part, the dropping of a link between the authorization proxy entity and the semantic network resource, when the owner entity denies the requesting entity.
  - 16. The apparatus of claim 12, wherein the apparatus is further caused to:
    - drop a link between the authorization proxy entity and the semantic network resource after a predetermined time has passed since the transmission of the request.
  - 17. The apparatus of claim 15, wherein the apparatus is further caused to:
    - retrieve semantic information of the requesting entity; and
      
      cause, at least in part, the presentation of the semantic information to the owner entity.

18. An apparatus comprising:
- at least one processor; and
  
  at least one memory including computer program code for one or more programs,the at least one memory and the computer program code configured to, with the at least one processor, cause the apparatus to perform at least the following,cause, via a processor, a transmission of a request for accessing a semantic network resource,wherein an owner entity manages access to the semantic network resource;
  
  receive, via a processor, a transmission of a notification which initiates a generation of an authorization proxy entity by an access application after the request is issued, wherein the authorization proxy entity determines a decision by the owner entity to allow or deny access to the semantic network resource, regarding whether a requesting entity should be linked to or discarded from a semantic graph of the at least one semantic resource, and has an access policy that determines a right to access the authorization proxy entity; and
  
  cause, at least in part, a deletion of the authorization proxy entity after a result of the decision is determined.
- View Dependent Claims (19, 20)
- - 19. The apparatus of claim 18, wherein the apparatus is further caused to:
    - establish one or more links between the requesting entity and the semantic network resource through the authorization proxy entity.
  - 20. The apparatus of claim 19, wherein the apparatus is further caused to:
    - detect a direct link to the semantic network resource and accessing the semantic network resource through the direct link, when the owner entity accepts the requesting entity;
      
      ordrop the one or more links between the requesting entity and the semantic network resource through the authorization proxy entity, when the owner entity denies the request.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Nokia Corporation
Original Assignee
Nokia Corporation
Inventors
Grigoriev, Nikolai, Fortin, Sylvain, Thorkelsson, Halli
Primary Examiner(s)
SHAW, PETER C

Application Number

US14/683,430
Publication Number

US 20150215323A1
Time in Patent Office

536 Days
Field of Search

726/12
US Class Current

1/1
CPC Class Codes

G06F 16/36   Creation of semantic tools,...

H04L 63/102   Entity profiles

H04L 63/104   Grouping of entities

Method and apparatus for providing reactive authorization

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

12 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for providing reactive authorization

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

12 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links