| 摘要 |
Techniques for controlling access to at least one resource are provided. At least one shared key and at least one private key unique to one or more resource sets are generated. Each of the one or more resource sets identify the at least one resource. The at least one shared key and the at least one private key are transmitted to a security access point. The security access point controls access to the at least one resource. At least one resource key is generated. The resource key is a cryptographic function of the at least one private key and at least one resource identifier. The at least one resource key and the at least one shared key are transmitted to one or more local security managers. Each of the one or more local security managers is assigned to manage one of the one or more resource sets. In accordance with one or more policies, the one or more local security managers generate at least one credential using the at least one resource key and the at least one shared key. The at least one credential is distributed to one or more authenticated clients. Further, the at least one credential is used to grant the one or more authenticated clients access to the one or more resource sets through the security access point.
|
