ACCESS MANAGEMENT IN A DATA STORAGE SYSTEM
First Claim
1. A computer-implemented method comprising:
- receiving, by a first system, a request from a requester to access information;
determining, by the first system, that an access token is stored in a cache in the first system, the access token providing an indication to the first system that the requester is authenticated with the first system;
retrieving, by the first system, one or more roles stored in the cache, the one or more roles associated with the access token;
determining, by the first system, that the requester is authorized to access the information based on the one or more roles; and
in response to the determining, providing, by the first system, the information to the requester.
1 Assignment
0 Petitions
Accused Products
Abstract
A method and system for managing access to information stored in a data storage system of an organization is provided. In an embodiment, the data storage system may be configured to receive a request from a requester on a client device to access information stored in the data storage system. In some aspects, upon receiving the request, the first system may determine that an access token identifying the requester is stored in a cache in the data storage system. In some aspects, the data storage system may then retrieve one or more roles from the cache. In some examples, the roles may be associated with the access token. In certain embodiments, the data storage system may then be configured to determine that the requester is authorized to access the information based on the roles and provide the information to the requester on the client device.
-
Citations
20 Claims
-
1. A computer-implemented method comprising:
-
receiving, by a first system, a request from a requester to access information; determining, by the first system, that an access token is stored in a cache in the first system, the access token providing an indication to the first system that the requester is authenticated with the first system; retrieving, by the first system, one or more roles stored in the cache, the one or more roles associated with the access token; determining, by the first system, that the requester is authorized to access the information based on the one or more roles; and in response to the determining, providing, by the first system, the information to the requester. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A system comprising:
-
memory configured to store computer-executable instructions; and at least one processor configured to access the memory and execute the computer-executable instructions to collectively at least; receive a request from a requester to access information; determine that an access token is stored in a cache in the system, the access token providing an indication to the system that the requester is authenticated with the system; retrieve one or more roles stored in the cache, the one or more roles associated with the access token; determine that the requester is authorized to access the information based on the one or more roles; and provide the information to the requester. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. One or more non-transitory computer-readable media storing computer-executable instructions executable by one or more processors, the computer-executable instructions comprising:
-
instructions that cause the one or more processors to receive a request from a requester to access information; instructions that cause the one or more processors to determine that an access token is stored in a cache in a first system, the access token providing an indication to the first system that the requester is authenticated with the first system; instructions that cause the one or more processors to retrieve one or more roles stored in the cache, the one or more roles associated with the access token; instructions that cause the one or more processors to determine that the requester is authorized to access the information based on the one or more roles; and instructions that cause the one or more processors to provide the information to the requester. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification