×

System and method for a facet security model

  • US 9,825,821 B2
  • Filed: 09/27/2013
  • Issued: 11/21/2017
  • Est. Priority Date: 09/27/2013
  • Status: Active Grant
First Claim
Patent Images

1. A method, comprising:

  • receiving a request to issue a first facet;

    identifying an endpoint with a resource for which the first facet is valid;

    identifying a set of actions capable of being performed on the resource;

    creating the first facet based, at least in part, on the set of actions and first validity information, wherein the first validity information includes a count of use parameter, a time duration parameter, and a periodic time duration parameter that indicate a validity of the first facet;

    issuing the first facet for a first entity, the first facet indicating the resource upon which the first entity is authorized to perform the set of actions;

    creating a URL endpoint uniquely identifying the endpoint and comprising an action request for the resource;

    identifying one or more input parameters for the action request; and

    preassembling a facet URL based on the URL endpoint, the one or more input parameters, and the first facet, wherein the first facet is delegated from a second facet, the second facet comprising a set of capabilities indicating a plurality of resources upon which a second entity holding the second facet is authorized to perform actions, wherein the first facet includes a subset of the set of capabilities of the second facet, the subset containing fewer capabilities than the set of capabilities of the second facet, wherein the second facet comprises second validity information that indicates a validity of the second facet, wherein at least one parameter of the first validity information is reduced from the second validity information.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×