摘要 |
According to one embodiment, an apparatus may store a plurality of token-based rules that facilitate access to a resource, and a plurality of tokens indicating a user is using a device to request access to a resource over a network. The apparatus may receive a risk token indicating the risk associated with granting at least one of the user and the device access to the resource. The risk token may be computed from a set of tokens in the plurality of tokens. The apparatus may determine at least one token-based rule based at least in part upon the plurality of tokens and the risk token. The apparatus may then make an access decision based upon the at least one token-based rule, and communicate a decision token representing the access decision.
|