| 摘要 |
Method, device, and storage medium to receive a request to authorize a release of protected resource data, wherein the request includes one or more indicators that indicate one or more instances of the protected resource data being requested; identify a sensitivity level for each indicator of the protected resource data; determine whether the one or more indicators of the protected resource data require consent from a resource owner of the protected resource data; transmit a request, to a user device associated with the resource owner, for consent from the resource owner in response to a determination that at least one of the one or more indicators require consent from the resource owner; generate an authorization code in response to receiving consent from the resource owner; and transmit, to the sending device of the request, the authorization code. |
| 主权项 |
1. A method comprising:
storing, by a device, a mapping between indicators and sensitivity levels, wherein the sensitivity levels include a first sensitivity level and a second sensitivity level, and wherein the first sensitivity level includes multiple levels that differ based on a method used to obtain consent from a resource owner; receiving, by the device and from another device, a request to authorize a release of one or more instances of protected resource data, wherein the request includes a device identifier that identifies the other device and one or more indicators that indicate one or more data attributes of the one or more instances of protected resource data being requested; authenticating the other device based on the device identifier included in the request; identifying, by the device, a sensitivity level of each indicator of the one or more indicators in response to a successful authentication of the other device, wherein the sensitivity level is any of multiple sensitivity levels including the first sensitivity level that requires consent from the resource owner to release one of the one or more instances of protected resource data indicated by one of the one or more indicators and the second sensitivity level that does not require consent from the resource owner to release the one of the one or more instances of protected resource data indicated by the one of the one or more indicators, and wherein the identifying includes identifying one or more sensitivity levels, corresponding to the one or more indicators included in the request, based on the mapping; determining, by the device, whether the one or more indicators of the one or more instances of protected resource data require consent, from the resource owner, to release the one or more instances of protected resource data, based on the identifying; requesting, by the device and to a user device associated with the resource owner, consent from the resource owner in response to determining that at least one of the one or more indicators requires consent from the resource owner to release at least one of the one or more instances of protected resource data; generating, by the device, an authorization code in response to receiving consent from the resource owner; and transmitting, by the device and to the other device, the authorization code. |
