Mandatory authorization method for application permission in unified identity authentication system

A technology of identity authentication and application authority, applied in the field of information security, that solves problems such as the inability to delegate authorization for applications, and achieves the effects of improving user experience and acceptance, protecting privacy, and reducing integration development costs.

Inactive Publication Date: 2010-11-24
ZHEJIANG ICINFO TECH

AI Technical Summary

Problems solved by technology

[0006] The present invention provides a method for delegating authorization of application permissions in a unified identity authentication system. Without changing the framework of the existing unified identity authentication system, the method makes full use of the attribute-based authorization mechanism to realize delegated authorization for accessing applications, which solves the deficiency that the existing unified identity authentication system cannot delegate authorization for applications.


Examples

Embodiment Construction

[0022] As shown in the attached Figures 1 to 3, the method for delegated authorization of application permissions in the unified identity authentication system includes the following steps:

[0023] (1) Through the delegation management module, the principal selects the application, or the permission inside an application, for which authorization is to be delegated. The application or application permission comes from the authorization management module of the unified identity authentication system, or is customized by the user.

[0024] (2) The principal selects the delegatee and confirms that the selected application permission is to be delegated to the delegatee.

[0025] (3) After the client confirms the delegation, the delegation management module adds a record to the delegate attribute (delegate) of the client, which records the URL of the selected application, the identifier of the client (for example, the student number), and whether the principal has accepted it. For example

[0026]...

Abstract

The invention discloses a mandatory (that is, delegated) authorization method for application permissions in a unified identity authentication system. A delegation management module expresses a user's delegation information and delegation acceptance information as two attributes. The two attributes are transmitted to the accessed application through the transmission mechanism of the existing unified identity authentication system, and authorization logic for the delegation attributes is added when the application is modified for integration, thereby realizing delegated authorization for the application. The method prevents the delegatee from accessing the principal's other sensitive applications without authorization, thereby protecting the user's privacy. In addition, the method makes little or no change to the existing unified identity authentication system, so the powerful function of delegation management can be realized at low integration development cost, which favors adoption of the approach.
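The application-side check that the abstract describes can be sketched as follows. This is an added example, not code from the patent: the JSON record layout, the field names `app`, `delegatee` and `principal`, the function names, and the sample URLs and identifiers are all assumptions made for illustration.

```python
import json
from urllib.parse import urlsplit

# Assumed layout (not from the patent): each attribute is a JSON list.
#   principal's delegation attribute: {"app": <URL>, "delegatee": <user id>}
#   delegatee's acceptance attribute: {"app": <URL>, "principal": <user id>}

def _app_key(url):
    """Reduce a URL to (scheme, host, port, path); None if it cannot be parsed."""
    try:
        p = urlsplit(url)
        return (p.scheme.lower(), (p.hostname or "").lower(), p.port,
                p.path.rstrip("/") or "/")
    except ValueError:
        return None

def _records(attr_value):
    """Parse an attribute value; malformed input yields no records (fail closed)."""
    try:
        data = json.loads(attr_value or "[]")
    except (TypeError, ValueError):
        return []
    return [r for r in data if isinstance(r, dict)] if isinstance(data, list) else []

def _has(attr_value, here, field, who):
    """True if a record names this application and the expected user."""
    return any(isinstance(r.get("app"), str) and _app_key(r["app"]) == here
               and r.get(field) == who for r in _records(attr_value))

def may_act_for(app_url, delegatee, principal, delegate_attr, accepted_attr):
    """Allow only if the principal delegated *this* application to the
    delegatee and the delegatee accepted a delegation from that principal."""
    here = _app_key(app_url)  # taken from the app's own config, not the request
    if here is None or not delegatee or not principal:
        return False
    return (_has(delegate_attr, here, "delegatee", delegatee)
            and _has(accepted_attr, here, "principal", principal))

# Constructed sample values; URLs and identifiers are made up.
GRANT = json.dumps([{"app": "https://grades.example.edu/", "delegatee": "S2009001"}])
ACCEPT = json.dumps([{"app": "https://grades.example.edu", "principal": "T1001"}])

if __name__ == "__main__":
    print(may_act_for("https://grades.example.edu/", "S2009001", "T1001", GRANT, ACCEPT))
    print(may_act_for("https://payroll.example.edu/", "S2009001", "T1001", GRANT, ACCEPT))
```

Because each record is bound to one application URL, a delegation for one application grants nothing on the principal's other applications, and a delegation that has not been accepted, or an attribute that fails to parse, is treated as no delegation.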

Description

Technical field

[0001] The invention relates to the technical field of information security, in particular to a method for delegating authorization of application permissions in a unified identity authentication system.

Background technique

[0002] Most current unified identity authentication systems establish a unified single sign-on and access control server. All application systems connected to the unified identity authentication system interact with this server to obtain the corresponding login information, session information, attribute information or policy information, in order to determine whether the user is legitimate, whether to authorize the user, and whether to allow the user to access the application. When an application is connected to the system, it needs to be modified to a certain extent, such as adding code that obtains user attributes and authorizes through the hypertext transfer protocol header attribute (HttpHeader) or application programming interface (API) call in the applicati...

Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/06, H04L29/08
Inventor: 刘维红, 阮林磊, 蒋淑红, 羊杰, 苏斌, 方君理
Owner: ZHEJIANG ICINFO TECH