Conventional content management systems, such as that shown in FIG. 1, typically include a Library Server (LS), one or more Resource Managers (RMs) and a client access application program interface (API). A client is coupled by a network to the API and seeks information stored in the Resource Manager. The Library Server stores metadata relating to all objects or data stored in the Resource Manager. The Library Server also controls the particular objects that a particular client user can access. The Library Server governs the level of access permitted a particular user, for example, 1) read access, 2) write access, 3) play, 4) update, 5) delete and so forth.
Users can submit requests through the API to search or retrieve metadata stored in the Library Server or objects stored in the Resource Manager. In one conventional access management method, the client user must obtain permission in the form of an access token from the Library Server prior to accessing a specific object stored in the Resource Manager. In this method the client user first sends a request to the Library Server asking to access one or more particular objects. The Library Server tests to determine if the client user has the privilege to access the particular object. If the client user is found to have the appropriate privilege, the Library Server generates a unique object ID (object identification) and an associated access token for each requested object. The object ID's and respective tokens are transmitted back to the client user. The client user then uses the object ID and respective access token to access objects stored in the Resource Manager. When the Resource Manager receives a request for an object from the client user, it validates the access token against the requested object. If the token is valid, the Resource Manager grants the request for access to the object and the object is transmitted to the client user. If the token is not found to be valid, the Resource Manager rejects the request for access.
Conventional token-based access control mechanisms such as that described above allow access tokens to be freely passed from one user to another. Such tokens are typically referred to as “transferable tokens”. Transferable tokens permit users who have obtained an access token from the Library Server to pass it along to other users. The Resource Manager does not check to determine if the user possessing the access token is the same user who originally obtained the access token from the Library Server.
This conventional token-based access control mechanism provides a good solution for managing access to objects stored in Resource Managers. Unfortunately, however, if the token falls into the wrong hands, an unintended party may access the information corresponding to the token.
What is needed is a mechanism and methodology to provide higher security to token-based access content management systems by denying access should the token fall into the wrong hands.