Method and system for dynamically implementing an enterprise resource policy
Abstract
A rules evaluation engine that controls a user's security access to enterprise resources that have policies created for them. This engine allows a real-time authorization process to be performed, with dynamic enrichment of the rules if necessary. Logging, alarm and administrative processes for granting or denying access to the user are also realized. The access encompasses computer and physical access to information and enterprise spaces.
20 Claims
1. A centralized system to process authenticated user requests to access resources, comprising:
a coded policy corresponding to each resource;
a policy enforcement point operable to receive a user request to access a resource;
an authentication mechanism to authenticate an identity of the user;
a server operable to:
receive the user request to access the resource from the user with an authenticated identity;
retrieve a rule associated with the user request;
determine and retrieve data elements required to evaluate the user request;
evaluate the user request in real time;
allow the user request to access the resource when the evaluation of the user request is favorable; and
deny the user request to access the resource when the evaluation of the user request is unfavorable.
12. A method to process authenticated user requests to access resources, comprising:
receiving a user request to access a resource;
authenticating an identity of the user;
receiving the user request to access the resource from the user with an authenticated identity;
retrieving a rule associated with the user request corresponding to the resource to be accessed;
determining data elements required to evaluate the user request;
retrieving data elements required to evaluate the user request;
evaluating the user request in real time;
allowing the user request to access the resource when the evaluation of the user request is favorable; and
denying the user request to access the resource when the evaluation of the user request is unfavorable.
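The steps of claim 12, sketched in Python as an added example that is not taken from the patent: a decision function retrieves the rule for the resource, determines and fetches the data elements that rule needs, evaluates it, and logs the outcome. The `Rule` type, the `POLICIES` and `DIRECTORY` sample data, and the choice to deny whenever a rule or data element is missing are assumptions of this example.

```python
import logging
from dataclasses import dataclass
from typing import Callable, Dict, Tuple

log = logging.getLogger("pdp")

@dataclass(frozen=True)
class Rule:
    needs: Tuple[str, ...]   # data elements the rule must see to be evaluated
    predicate: Callable[[Dict[str, object]], bool]

# Constructed sample policy store: one coded rule per resource
# (one logical resource, one physical space).
POLICIES: Dict[str, Rule] = {
    "payroll-db": Rule(("department", "hour"),
                       lambda d: d["department"] == "finance" and 8 <= d["hour"] < 18),
    "server-room": Rule(("badge_active",), lambda d: d["badge_active"] is True),
}

# Constructed attribute source consulted at request time (enrichment).
DIRECTORY = {"alice": {"department": "finance", "badge_active": True},
             "bob": {"department": "sales"}}

def fetch(user: str, element: str, context: Dict[str, object]) -> object:
    """Directory is authoritative; context is set by the enforcement point."""
    record = DIRECTORY.get(user, {})
    if element in record:
        return record[element]
    return context[element]   # KeyError when unavailable; caller denies

def decide(user: str, authenticated: bool, resource: str,
           context: Dict[str, object]) -> bool:
    """Evaluate one request; any gap in identity, rule or data denies."""
    allowed, reason = False, "unauthenticated"
    if authenticated:
        rule = POLICIES.get(resource)
        if rule is None:
            reason = "no rule for resource"
        else:
            try:
                data = {e: fetch(user, e, context) for e in rule.needs}
                allowed = bool(rule.predicate(data))
                reason = "rule evaluated"
            except KeyError as missing:
                reason = f"missing data element {missing}"
    log.info("user=%s resource=%s allowed=%s reason=%s",
             user, resource, allowed, reason)
    return allowed
```

Because the directory is consulted before the request context, a caller cannot override an identity attribute such as `department` by placing it in the context.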
Specification