Systems and methods for supporting information security and sub-system operational protocol conformance
First Claim
1. A system comprising:
one or more data processors; and
a non-transitory, computer-readable storage medium containing instructions which, when executed on the one or more data processors, cause the one or more data processors to perform actions including:
detecting a request from an agent device;
responsive to the request, identifying an access-right indicator configured to enable determination of which type of access for electronic resources are to be granted;
generating or retrieving one or more identifiers for the agent device, the one or more identifiers uniquely corresponding to the agent device amongst a set of agent devices and being configured to inhibit identity discovery;
generating a credential for the agent device that represents the access-right indicator and the one or more identifiers;
storing, in a data store, the credential in association with a token;
transmitting an instance of the token to the agent device;
receiving a request communication from the agent device, the request communication comprising the instance of the token;
querying the data store with the instance of the token;
in response to the query, receiving the credential from the data store; and
transmitting, to the agent device or a second device, the credential in response to the request communication.
Abstract
Systems and methods are described that support information security and sub-system operational conformance with protocols. In some embodiments, agent access to resources can be controlled via generation of credentials and/or tokens and/or conditioned external authentication. In some embodiments, workflows used to assess protocol conformance can be conditionally triggered at sub-systems.
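The token-for-credential exchange recited in the first claim can be sketched as follows. This is an added illustration, not code from the patent or its assignee; the HMAC-derived pseudonym, the hashed token index and all names (`CredentialBroker`, `PSEUDONYM_KEY`, the device ids) are assumptions.

```python
import hashlib
import hmac
import secrets

# Assumption: a server-side key used to derive per-device pseudonyms.
PSEUDONYM_KEY = secrets.token_bytes(32)


class CredentialBroker:
    """Illustrative broker; names and storage layout are hypothetical."""

    def __init__(self, access_policy):
        self.access_policy = access_policy   # device id -> access-right indicator
        self.store = {}                      # sha256(token) -> credential

    def pseudonym(self, device_id):
        # Unique per device, but not reversible to the device id without the key.
        mac = hmac.new(PSEUDONYM_KEY, device_id.encode(), hashlib.sha256)
        return mac.hexdigest()[:32]

    def issue(self, device_id):
        """Handle the initial request: build a credential, return only a token."""
        access = self.access_policy.get(device_id)
        if access is None:
            raise PermissionError("no access-right indicator for this device")
        credential = {"access": access, "agent": self.pseudonym(device_id)}
        token = secrets.token_urlsafe(32)
        # Assumption: index by a digest of the token so a leaked data store
        # does not expose redeemable tokens.
        self.store[hashlib.sha256(token.encode()).hexdigest()] = credential
        return token

    def redeem(self, token):
        """Handle the request communication: look the credential up by token."""
        credential = self.store.get(hashlib.sha256(token.encode()).hexdigest())
        if credential is None:
            raise KeyError("unknown token")
        return dict(credential)


def demo():
    # Constructed sample policy; the device names are made up.
    broker = CredentialBroker({"agent-device-01": "read",
                               "agent-device-02": "read-write"})
    token = broker.issue("agent-device-01")
    return broker, token, broker.redeem(token)
```

The agent device only ever holds the opaque token; the access right and the pseudonymous identifier stay in the data store until the token is presented.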
20 Claims
1. A system comprising: (full text given under First Claim above)
Dependent claims: 2, 3, 4, 5, 6, 7
8. A computer-program product tangibly embodied in a non-transitory, machine-readable storage medium, including instructions configured to cause one or more data processors to perform actions including:
detecting a request from an agent device;
responsive to the request, identifying an access-right indicator configured to enable determination of which type of access for electronic resources are to be granted;
generating or retrieving one or more identifiers for the agent device, the one or more identifiers uniquely corresponding to the agent device amongst a set of agent devices and being configured to inhibit identity discovery;
generating a credential for the agent device that represents the access-right indicator and the one or more identifiers;
storing, in a data store, the credential in association with a token;
transmitting an instance of the token to the agent device;
receiving a request communication from the agent device, the request communication comprising the instance of the token;
querying the data store with the instance of the token;
in response to the query, receiving the credential from the data store; and
transmitting, to the agent device or a second device, the credential in response to the request communication.
Dependent claims: 9, 10, 11, 12, 13, 14
15. A computer-implemented method for facilitating information security and sub-system operational conformance of protocols, the method comprising:
detecting a request from an agent device;
responsive to the request, identifying an access-right indicator configured to enable determination of which type of access for electronic resources are to be granted;
generating or retrieving one or more identifiers for the agent device, the one or more identifiers uniquely corresponding to the agent device amongst a set of agent devices and being configured to inhibit identity discovery;
generating a credential for the agent device that represents the access-right indicator and the one or more identifiers;
storing, in a data store, the credential in association with a token;
transmitting an instance of the token to the agent device;
receiving a request communication from the agent device, the request communication comprising the instance of the token;
querying the data store with the instance of the token;
in response to the query, receiving the credential from the data store; and
transmitting, to the agent device or a second device, the credential in response to the request communication.
Dependent claims: 16, 17, 18, 19, 20
Specification