Patent · US Active

Local evaluation of runtime authorization rules derived from externally-derived policy

US11146593B2 · kind B2 · utility

1Cited by

0References

24Claims

0Family size

Assignee

International Business Machines Corporation · US

Inventors

Richard James McCarty · Austin, US
Pradeep Kadiyala · Austin, US

Key dates

Filing date	May 10, 2019
Grant date	Oct 12, 2021
Priority date	—
Expiry date	Apr 9, 2040

Classification

Technology area (CPC H)Electricity
CPC primaryH04L63/0815
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

An application-centric authorization model utilizes locally-evaluated rules derived from non-local policies and provided to the application via an authorization object, preferably in the subject's session context. Preferably, the approach does not involve a runtime determination regarding the policy or policies; rather, one or more existing policies are merely used to derive authorization rules associated with a subject, and which are then evaluated and enforced at runtime in a computationally-efficient manner within the local runtime context of the application or service.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.