Restriction transitivity for session credentials

Restriction transitivity for session credentials

Transitive restrictions can be applied to requests received on a session. A session token can be issued for an active session, and a transitivity setting specified to indicate the types of requests for which the transitive restriction is to be enforced. This can include enforcing the restriction on...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Naydichev, Julian Eric, Akinapally, Praveen, Frenkel, Dmitry, Cahill, Conor Patrick, Agarwal, Ankur, Kats, Lennart Christopher Leon, Jain, Rachit
Format: Patent
Sprache:eng
Schlagworte:
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRICITY
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Transitive restrictions can be applied to requests received on a session. A session token can be issued for an active session, and a transitivity setting specified to indicate the types of requests for which the transitive restriction is to be enforced. This can include enforcing the restriction on requests received from outside a trusted environment, requests within a scope of enforcement, or enforcing the restriction at request authentication. Any request received from an untrusted source that fails to satisfy the transitive restriction will be denied. Requests from inside the trusted environment may not have the transitive restriction enforced, such as where a new token is issued. This enables services within the environment to make calls on behalf of the customer, while ensuring that third parties obtaining the session token cannot successfully initiate such calls.