摘要 |
This invention generally relates to methods, systems and computer program code for flexible but secure delegation, particularly where a chain of accountability is required in a system where trust is delegated. A method of delegation is described, for delegating from a first data processing entity to a second data processing entity, said first and second entities having a bidirectional communication link with one another. The method comprises sending a delegation token from said first entity to said second entity, said delegation token including information relating to a delegation request; receiving a reply from said second entity at said first entity, said reply including information for determining acceptance of delegation represented by said delegation token by said second entity; and sending a signature from said first entity to said second entity responsive to said reply, said signature comprising a signature of at least said delegation token. |