| 发明名称 | Authenticating and authorizing a user by way of a digital certificate | ||
| 摘要 | An administrator may issue a credential to a user and may define a policy that authorizes its use based on a predefined location. The policy and the credential may be bound in a digital certificate signed by a trusted party. When the user operates a computing device to access a resource, the computing device may present the digital certificate to the resource. In turn, the resource may use the digital certificate to authenticate the user and to verify that the policy authorizes his or her access. | ||
| 申请公布号 | US9332002(B1) | 申请公布日期 | 2016.05.03 |
| 申请号 | US201313829885 | 申请日期 | 2013.03.14 |
| 申请人 | Amazon Technologies, Inc. | 发明人 | Bowen Peter Zachary |
| 分类号 | H04L29/06 | 主分类号 | H04L29/06 |
| 代理机构 | Baker & Hostetler LLP | 代理人 | Baker & Hostetler LLP |
| 主权项 | 1. A method of controlling access by a client node to a server node, the method comprising: transmitting from the client node a digital certificate associated with a user of the client node over a network to the server node in conjunction with a request to authenticate the user, the digital certificate comprising information indicative of a policy configured to authorize the user associated with the digital certificate based at least in part on a location restriction; receiving over a network, from the server node, information indicative that the user was granted access to a resource associated with the server node, the access being based at least in part on the information indicative of the policy; and accessing the resource associated with the server node based at least in part on the authentication and the authorization. | ||
| 地址 | Reno NV US | ||