Apparatus and methods for providing authorized device access

摘要

Methods, apparatus, and systems are described for providing an accessor device an access credential to interact with a device resource on an accessee device. An authorization entity having a trust relationship with the accessee device, or a linked subordinate authorization entity, generates the access credential. The access credential includes a modification detection indicator, at least one access privilege, and an accessor public key. The at least one access privilege corresponds to at least one device resource on the accessee device. The authorization entity forwards the access credential to the accessor device, which presents the access credential to the accessee device for authentication. Once authenticated, the accessee device grants access to one or more device resources, and controls requests to insure they are within the scope of the at least one access privilege.

主权项

1. A method of gaining authorized access to a restricted resource on another device, comprising:
receiving, at an accessor device, an access credential from an external authorization entity having a trust relationship with an accessee device, wherein the access credential includes at least a modification detection indicator created by the external authorization entity; communicating, to the accessee device, at least the access credential and a request to interact with at least one resource on the accessee device; and receiving, at the accessor device, a result of an access authentication process that verifies an authenticity of the access credential based on the modification detection indicator created by the external authorization entity and grants or denies the accessor device access to the at least one resource on the accessee device in response to verifying a proof of identity associated with the accessor device based on an accessor public key.