1. A method, comprising:
receiving an authentication input at an authentication authority using an authentication protocol, the authentication input being associated with a client; and
providing one or more representations for the authentication input, each of the representations representing an attribute of the authentication input.
2. The method of claim 1, further comprising:
receiving an access request from a client at a server, the access request including the one or more representations of the authentication input;
comparing the one or more representations against an authorization policy accessible to the server; and
granting access to a resource if the one or more representations meet requirements of the authorization policy.
3. The method of claim 1, further comprising returning a token to the client using the authentication protocol, the token includes the one or more representations created from the validated authentication input, wherein receiving an access request includes receiving a token that includes the one or more representations.
4. The method of claim 3, wherein the authentication authority includes a Kerberos Key Distribution Center (KDC) in a Windows-based network and the tokens include Kerberos ticket granting tickets (TGTs), and wherein the representations are contained in the Privilege Attribute Certificate (PAC) of the Kerberos TGTs.
5. The method of claim 1, wherein the authentication input includes at least one of a strength attribute, a type attribute, and a type attribute.
6. The method of claim 2, further comprising notifying the client of an access grant to the resource.
7. The method of claim 2, wherein the authorization policy provides different access levels based on representations, and wherein granting access to a server includes grant a specific access level based on one or more attributes represented by the one or more representations.
8. The method of claim 5, wherein the authentication input includes at least one of a password, a hardware identity certificate, or a software identity certificate, and wherein the type attribute is configured to identify the authentication input as including at least one of a password, a hardware-based input, or a software-based input.
9. The method of claim 5, wherein the strength attribute is configured to identify one of a permutational complexity of a password or a cryptographic complexity of an identity certificate.
10. The method of claim 5, wherein the type attribute is configured to identify the authentication input as being obtained by one of a face-to-face request, a local network request, or a remote network request.
11. The method of claim 2, wherein the authorization policy is stored in one of a local location or a networked remote location.
12. The method of claim 2, wherein the server is a Windows-based server, and the local location is an Active Directory located on the Windows-based server.
13. The method of claim 2, wherein the resource is one of an operating system, an application, or a service on a resource server.
14. The method of claim 2, wherein comparing the one or more representations includes using at least one of an application, an operating system, a resource manager, or an authorization system to compare the one or more representations against an authorization policy.
15. The method of claim 2, wherein at least one of the representations and the authorization policy is formatted in one of Abstract Syntax Notation number One (ASN. 1), Extensible Markup Language (XML), or eXtensible rights Markup Language (XrML).
16. A computer readable medium having computer-executable instructions that, when executed, perform acts comprising:
receiving an authentication input at an authentication authority using an authentication protocol, the authentication input being associated with a client; and
returning a token to the client using the authentication protocol, the token includes one or more representations, wherein each claim represents an attribute of the authentication input.
17. The computer readable medium of claim 16, wherein the representations include representations that are represented by one of Object Identifiers (OlDs), Globally Unique Identifiers (GUIDs), Security Identifiers (SIDs), and strong representations.
18. The computer readable medium of claim 16, wherein the tokens include authorization tokens, service tokens, or Security Assertion Markup Language (SAML) tokens.
19. The computer readable medium of claim 16, wherein the authentication protocol is one a NT LAN Manager (NTLM) protocol, a Kerberos protocol, a Web Services (WS)-security protocol, a Public Key Cryptography for Initial Authentication in Kerberos (PKINIT) protocol, a Secure Sockets Layer (SSL) protocol, and a Transport Layer Security (TLS) protocol.
20. A system, the system comprising:
one or more processors; and
memory to store a plurality of computer-executable instructions for execution by the one or more processors, the computer-executable instructions comprising:
receiving an authentication input at an authentication authority using an authentication protocol, wherein the authentication input is associated with a client; and
providing one or more representations for the authentication input, wherein each of the representations represents an attribute of the authentication input.
The claims below are in addition to those above.
All refrences to claim(s) which appear below refer to the numbering after this setence.
1-17. (canceled)
18. A micromechanical component comprising:
a chip mounted on a substrate, and having an encapsulated chip area which is higher than its vicinity, a mounting area being provided in a vicinity of the encapsulated chip area;
wherein the chip is mounted on the substrate using a mounting arrangement which is connected to the mounting area, so that the encapsulated chip area faces the substrate and is positioned at a distance therefrom, the encapsulated chip area being surrounded by an underfill beneath the chip.
19. The micromechanical component of claim 18, wherein the mounting area includes a metal-plated area, and the mounting arrangement includes solder bumps for a flip-chip assembly.
20. The micromechanical component of claim 18, wherein the mounting area includes an adhesive area, and the mounting arrangement includes an adhesive arrangement.
21. The micromechanical component of claim 18, wherein the mounting area includes a welding area, and the mounting arrangement includes a welding zone.
22. The micromechanical component of claim 18, wherein the substrate includes an integrated circuit chip.
23. The micromechanical component of claim 18, wherein the chip includes at least one of a sensor chip, an actuator chip which has a sensor structure, and an actuator structure beneath the encapsulated chip area.
24. The micromechanical component of claim 18, wherein the substrate is mounted on a lead frame, and the component is surrounded by a plastic package.
25. The micromechanical component of claim 18, wherein the encapsulated chip area includes a cap-type cover for covering a functional area provided on a substrate, the cap-type cover having at least one perforated cover layer which is sealed by at least one sealing layer.
26. A method for making a micromechanical component, the method comprising:
providing a chip which includes an encapsulated chip area which is higher than its vicinity, and a mounting area in a vicinity of the encapsulated chip area;
mounting the chip on a substrate via a mounting arrangement, which is connected to the mounting area, so that the encapsulated chip area faces the substrate and is positioned at a distance therefrom; and
underfilling the chip so that the encapsulated chip area is surrounded by an underfill beneath the chip.
27. The method of claim 26, wherein the mounting area includes a metal-plated area, and the mounting arrangement includes solder bumps for a flip-chip assembly.
28. The method of claim 26, wherein the mounting area includes an adhesive area, and the mounting arrangement includes an adhesive arrangement.
29. The method of claim 26, wherein the mounting area includes a welding area, and the mounting arrangement includes a welding zone.
30. The method of claim 26, wherein the substrate includes an integrated circuit chip.
31. The method of claim 30, wherein a plurality of chips are mounted on a plurality of wafer-bonded IC chips, and the components are subsequently separated.
32. The method of claim 26, wherein the chip includes at least one of a sensor chip, an actuator chip which has a sensor structure, and an actuator structure beneath the encapsulated chip area.
33. The method of claim 26, wherein the substrate is mounted on a lead frame, and the component is surrounded by a plastic package.
34. The method of claim 26, wherein the encapsulated chip area includes a cap-type cover for covering a functional area provided on the substrate, the cap-type cover including at least one perforated cover layer which is sealed by at least one sealing layer.