METHOD AND APPARATUS FOR USER AND ENTITY ACCESS MANAGEMENT FOR CODE SIGNING ONE OR MORE OF A PLURALITY OF DEVICES
First Claim
1. In a system for managing the signing of data from at least one of a plurality of data publishers, a method of managing the signing of data for use with one or more of a plurality of devices of an application platform, each device a member of a device family of the application platform, the data to be installed on the one or more of the plurality of devices according to a management model of the device family, the method comprising:
- defining, by an administrator of the system, a hierarchy of a plurality of entities, the plurality of entities comprising, in decreasing hierarchical order:
an application platform entity, having a sole owner;
at least one project entity for each application platform entity, the project entity comprising the device family;
at least one model entity for each project entity, the model entity defining the installation of the data on devices associated with the model entity; and
at least one configuration entity for each model entity, the configuration entity defining the data to be installed on devices associated with the configuration entity;
managing, by an administrator of the system, eligibility to designate at least one of a plurality of users to access the at least one configuration entity to sign the data via a plurality of accounts, the plurality of accounts comprising:
an owner account of the application platform entity, the owner account issued only to the sole owner of the application platform entity, the owner account providing:
sole eligibility to authorize access to the application platform entity;
eligibility to permit authorization of access to any of the plurality of entities hierarchically below the application platform entity; and
eligibility to authorize users associated with the owner account to access at least one configuration entity hierarchically below the application platform entity to sign the data to be installed on the devices associated with the at least one configuration entity;
at least one participant account of the application platform entity or the at least one project entity, providing:
eligibility to authorize users associated with the participant account and no other participant account to access at least one configuration entity hierarchically below the application platform entity or the at least one project entity, respectively, to sign the data to be installed on the devices associated with the at least one configuration entity.
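The entity hierarchy and the owner and participant account eligibility that claim 1 recites can be modelled as a small authorization check. This is an added illustration, not code from the patent or its assignee. The class and function names are hypothetical, and reading "no other participant account" as "the user belongs to exactly one participant account" is an assumption.

```python
from dataclasses import dataclass, field
@dataclass(eq=False)
class Entity:
    name: str
    level: str                     # platform > project > model > configuration
    parent: "Entity | None" = None

    def is_below(self, other):
        node = self.parent
        while node is not None and node is not other:
            node = node.parent
        return node is other

@dataclass(eq=False)
class Account:
    kind: str                      # "owner" or "participant"
    entity: Entity                 # entity the account is attached to
    users: set = field(default_factory=set)

class Registry:
    def __init__(self):
        self.accounts = []

    def add(self, kind, entity, users):
        owners = [a for a in self.accounts if a.kind == "owner" and a.entity is entity]
        if kind == "owner" and (entity.level != "platform" or owners):
            raise ValueError("one owner account, on the platform entity only")
        if kind == "participant" and entity.level not in ("platform", "project"):
            raise ValueError("participant accounts attach to platform or project")
        self.accounts.append(Account(kind, entity, set(users)))
        return self.accounts[-1]

    def may_authorize(self, acct, user, config):
        """May `acct` authorize `user` to sign data for `config`?"""
        if config.level != "configuration" or not config.is_below(acct.entity):
            return False           # only configurations below the account's entity
        if user not in acct.users:
            return False           # only users associated with this account
        others = [a for a in self.accounts
                  if a is not acct and a.kind == "participant" and user in a.users]
        return acct.kind == "owner" or not others   # assumed reading of "no other"

def sample():
    """Constructed hierarchy: platform P with projects A and B, one config each."""
    p = Entity("P", "platform")
    a, b = Entity("A", "project", p), Entity("B", "project", p)
    ca = Entity("cfg-a", "configuration", Entity("m-a", "model", a))
    cb = Entity("cfg-b", "configuration", Entity("m-b", "model", b))
    return Registry(), p, a, b, ca, cb
```

A participant account attached to project A can clear its own users for `cfg-a` but not for `cfg-b`, while the owner account reaches every configuration under the platform.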
Abstract
A method and apparatus are provided for managing the eligibility of data signing in an online code signing system. The method is used by a plurality of data publishers in an online code signing system. The method includes defining, by an administrator of the system, a hierarchy of a plurality of entities, and managing, by an administrator of the system, eligibility to designate at least one of a plurality of users to access the at least one configuration entity to sign the data via a plurality of accounts and eligibility to designate at least one of a plurality of managers via the owner account to manage user access to sign data for at least one model entity.
20 Claims
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
9. A system managing the signing of data for use with one or more of a plurality of devices of an application platform, each device a member of a device family of the application platform, the data to be installed on the one or more of the plurality of devices according to a management model of the device family, comprising:
- a processor; and
a memory, communicatively coupled to the processor, the memory storing instructions comprising instructions for:
defining, by an administrator of the system, a hierarchy of a plurality of entities, the plurality of entities comprising, in decreasing hierarchical order:
an application platform entity, having a sole owner;
at least one project entity for each application platform entity, the project entity comprising the device family;
at least one model entity for each project entity, the model entity defining the installation of the data on devices associated with the model entity; and
at least one configuration entity for each model entity, the configuration entity defining the data to be installed on devices associated with the configuration entity;
managing, by an administrator of the system, eligibility to designate at least one of a plurality of users to access the at least one configuration entity to sign the data via a plurality of accounts, the plurality of accounts comprising:
an owner account of the application platform entity, the owner account issued only to the sole owner of the application platform entity, the owner account providing:
sole eligibility to authorize access to the application platform entity; and
eligibility to permit authorization of access to any of the plurality of entities hierarchically below the application platform entity;
eligibility to authorize users associated with the owner account to access at least one configuration entity hierarchically below the application platform entity to sign the data to be installed on the devices associated with the at least one configuration entity;
at least one participant account of the application platform entity or the at least one project entity, providing:
eligibility to authorize users associated with the participant account and no other participant account to access at least one configuration entity hierarchically below the application platform entity or the at least one project entity, respectively, to sign the data to be installed on the devices associated with the at least one configuration entity.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
17. A system for managing the signing of data from at least one of a plurality of data publishers, a method of managing the signing of data for use with one or more of a plurality of devices of an application platform, each device a member of a device family of the application platform, the data to be installed on the one or more of the plurality of devices according to a management model of the device family, the method comprising:
- means for defining, by an administrator of the system, a hierarchy of a plurality of entities, the plurality of entities comprising, in decreasing hierarchical order:
an application platform entity, having a sole owner;
at least one project entity for each application platform entity, the project entity comprising the device family;
at least one model entity for each project entity, the model entity defining the installation of the data on devices associated with the model entity; and
at least one configuration entity for each model entity, the configuration entity defining the data to be installed on devices associated with the configuration entity;
means for managing, by an administrator of the system, eligibility to designate at least one of a plurality of users to access the at least one configuration entity to sign the data via a plurality of accounts, the plurality of accounts comprising:
an owner account of the application platform entity, the owner account issued only to the sole owner of the application platform entity, the owner account providing:
sole eligibility to authorize access to the application platform entity; and
eligibility to permit authorization of access to any of the plurality of entities hierarchically below the application platform entity;
eligibility to authorize users associated with the owner account to access at least one configuration entity hierarchically below the application platform entity to sign the data to be installed on the devices associated with the at least one configuration entity;
at least one participant account of the application platform entity or the at least one project entity, providing:
eligibility to authorize users associated with the participant account and no other participant account to access at least one configuration entity hierarchically below the application platform entity or the at least one project entity, respectively, to sign the data to be installed on the devices associated with the at least one configuration entity.
- View Dependent Claims (18, 19, 20)
Specification