Patent · US Active

Quantifying permissiveness of access control policies using model counting techniques and automated policy downscaling

US11165783B1 · kind B1 · utility

7Cited by

1References

20Claims

0Family size

Assignee

AMAZON TECHNOLOGIES, INC. · US

Inventors

William Joel Eiers · Rancho Cordova, US
Liana Sorina Hadarean · Sunnyvale, US
Kasper Soe Luckow · Sunnyvale, US
Neha Rungta · San Jose, US

Key dates

Filing date	Dec 13, 2019
Grant date	Nov 2, 2021
Priority date	—
Expiry date	Apr 17, 2040

Classification

Technology area (CPC H)Electricity
CPC primaryH04L67/34
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

Systems and methods for quantifying permissiveness of access control policies using model counting techniques and automated policy downscaling are disclosed. A policy service receives an initial access policy and transforms the access policy into an access constraint compatible with a constraint solver. The policy service determines a degree of permissiveness of the policy based on a number of distinct solutions to the access constraint identified by the constraint solver. Using data associated with access requests precisely allowed by the initial access policy and the initial access policy, the policy service generates a modified policy by adding additional constraints to the access policy and determining that the modified policy is less permissive than the initial access policy.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.