Access requests at IAM system implementing IAM data model

Assignee

• Bank of America Corporation · US

Inventors

• John Howard Kling · Bellevue, US
• Bryan Thompson · Fort Worth, US
• Ward Green · Charlotte, US

Key dates

Classification

• Technology area (CPC G)Physics
• CPC primaryG06F2221/2141
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

Systems and methods are provided for provisioning access rights to physical computing resources using an IAM system implementing an IAM data model. The IAM data model may identify logical and physical computing resources. An access request handler may receive an access request and identify a set of logical permissions based on the access request. The access request handler may derive a set of logical entitlements based on the set of logical permissions. An entitlement translator may translate the set of logical entitlements to a physical entitlement specification based on a set of physical permission specifications associated with the set of logical permissions. A physical permission specification may be obtained by mapping a logical permission to one or more physical permissions. An access control manager may then provision access rights to at least one physical computing resource indicated in the physical entitlement specification.