Field of the Invention
The present invention relates to an authorization delegation system, a control method, an authorization server, and a storage system.
Description of the Related Art
In recent years, the use of a service developed on the internet referred to as a “cloud service” is expanding. For example, managing a customer relationship by using a CRM (Customer Relationship Management) service is expanding in the business field. Furthermore, performing information transmission or information gathering by using SNS (Social Networking Service) is expanding not only in private but also in the business field.
In addition, a number of these cloud services individually publishes an API (Application Programming Interface) for a Web service. Accordingly, it becomes possible to use a function provided by a service via API from other applications or cloud services. And therefore, functions referred to as mash-ups, which combine the APIs published from a plurality of cloud services and configures it if it were a one web service, are spreading. When viewed from a service provider, preferably the mechanism for cooperating between the cloud services is should be easy to implement.
In contrast, due to an increase in use opportunities of mash-up functions cooperating with a plurality of cloud services, more information than the user desired is exchanged between the plurality of cloud services, and the risk of the leakage of user data or personal information is increasing. Originally, in the respective cloud service, it is not preferable to acquire the user data, personal information, or the like more than necessary. Further, the risk that the user data or personal information will be provided to a cloud service with which the user does not desire to cooperate increases.
In such circumstances, a protocol referred to as OAuth 2.0 for realizing cooperation of authorization is being developed. A description of OAuth 2.0 is given below. In Japanese Patent Laid-Open No. 2014-067379, a technology using OAuth 2.0 is disclosed.