| 发明名称 |
RESOURCE ACCESS CONTROL USING A VALIDATION TOKEN |
| 摘要 |
Access to a resource controlled by a resource server (6, 8) is provided using a validity token issued by a validation server (4). When a resource request from a user (12) is received at the resource server (6, 8), then the resource server (6, 8) determines if the resource request satisfies a policy. If the resource request satisfies the policy, then access to the resource may be permitted without confirming the validity of the validation token with the validation server (4). Conversely, if the resource request does not satisfy the policy, then validation of the validation token with the validation server (4) is performed before the access requested is permitted. |
| 申请公布号 |
US2017126685(A1) |
申请公布日期 |
2017.05.04 |
| 申请号 |
US201515317805 |
申请日期 |
2015.05.29 |
| 申请人 |
ARM IP LIMITED |
发明人 |
TAYLOR Robert George;MERIAC Milosch;PRITCHARD Andrew John;TSCHOFENIG Hannes;PAOLA Christopher Mark |
| 分类号 |
H04L29/06 |
主分类号 |
H04L29/06 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
1. A method of controlling access by a user to a resource controlled by a resource server, said method comprising the steps of:
receiving at a validation server a validation request from said user; if said validation request meets one or more validation criteria, then issuing to said user a validation token; receiving at said resource server a resource request and said validation token from said user seeking to access said resource; determining at said resource server if said resource request satisfies a policy and (i) if said resource request satisfies said policy, then permitting said user to access said resource without confirming validity of said validation token with said validation server; and (ii) if said resource request does not satisfy said policy, then confirming validity of said validation token with said validation server before permitting said user to access said resource. |
| 地址 |
Cambridge GB |
