| 摘要 |
PURPOSE: A DRM(Digital Rights Management)-enabled policy management for an SP(Service Provider) in a federated environment is provided to enforce a digital rights management (DRM) scheme associated with a portion of content. CONSTITUTION: A trust service(414), or a distinct identity-and-attribute service as mentioned above, may include (or interact with) an internalized component as an STS(Security Token Service) component(416), which will provide token translation and will invoke ASR(Authentication Service Runtime)(418) to validate and generate tokens. The security token service provides the token issuance and validation services required by the trust service, which may include identity translation. The security token service therefore includes an interface for existing authentication service runtimes, or it incorporates authentication service runtimes into the service itself. Rather than being internalized within the trust service, the security token service component may also be implemented as a stand-alone component, e.g., to be invoked by the trust service, or it may be internalized within a transaction server, e.g., as part of an application server.
|
