摘要 |
A method for performing delegation of resources, in particular services, wherein a user—resource owner—has access to a resource offered by a service provider and wherein the resource is delegated to at least one other user—delegate—by using delegation credentials, is characterized in that the method includes the steps of defining authorization rules for the delegate regarding resource access restrictions and registering the authorization rules at an identity provider thereby employing the delegation credentials, performing an authentication of the delegate at the service provider, and performing an authorization of the delegate at the identity provider based on the authorization rules. Furthermore, a corresponding system is disclosed.
|