Techniques for enforcing application environment based security policies using role based access control

Assignee

• Oracle International Corporation · US

Inventors

• Janaki Narasinghanallur · San Ramon, US
• Min-Hank Ho · Redwood Shores, US
• Thomas Keefe · Mill Valley, US
• Eric Sedlar · San Francisco, US
• Chi Ching Chui · San Ramon, US
• Vikram Pesati · San Jose, US

Key dates

Classification

• Technology area (CPC G)Physics
• CPC primaryG06F21/6218
• WIPO fieldComputer technology
• WIPO sectorElectrical engineering

Abstract

An application platform examines, at runtime, various specified aspects of an application environment in which an application interacts with a user. Such examinations are made to determine a state for each of the various specified aspects. Further, the platform automatically activates particular application environment roles for the user depending on the result of the examinations. For example, an application environment role may be activated representing a particular detected mode of communication (e.g., encrypted network communications) or a particular detected manner of authentication (e.g., password authentication). Such activations are based on the detected states and specified states for the various specified aspects of the application environment. Such activations may occur in the context of an application attempting to perform an operation on an access controlled object on behalf of a user. Further, such activations may occur in the context of establishing or maintaining a user session for a user of an application.