×

Methods and systems for gradual expiration of credentials

  • US 10,007,779 B1
  • Filed: 09/29/2015
  • Issued: 06/26/2018
  • Est. Priority Date: 09/29/2015
  • Status: Active Grant
First Claim
Patent Images

1. A computer-implemented method, comprising:

  • receiving, at a first access request time, a first access request for accessing a resource using a credential, the first access request time occurring after an initial expiration time associated with the credential and before a final expiration time, the final expiration time determined by adding a predetermined grace period to the initial expiration time;

    selecting a first access rule from a plurality of access rules based at least in part on first durations between the first access request time, the initial expiration time, and the final expiration time;

    determining a first access right with respect to the resource based at least in part on the selected first access rule, the first access right configured to be more restrictive than an access granted prior to the initial expiration time;

    generating a first access response corresponding to the first access request based at least in part on the first access right;

    receiving, at a second access request time, a second request for accessing the resource using the credential, the second access request time occurring after the first access request time and before the final expiration time;

    selecting a second access rule from the plurality of access rules based at least in part on second durations between the second access request time, the initial expiration time, and the final expiration time;

    determining a second access right with respect to the resource based at least in part on the selected second access rule, historical access data associated with aggregated user behavior for selected previous access to the resource, and one or more attributes associated with sensor data indicating security breaches at the resource, the second access right being more restrictive than the first access right; and

    generating a second access response corresponding to the second access request based at least in part on the second access right.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×