Continuous monitoring of access of computing resources
First Claim
1. A computer-implemented method of monitoring access of computing resources comprising:
- creating one or more usage rules each defining a usage constraint;
receiving a set of login credentials from a first user;
authorizing the first user to access a computing resource based on the set of login credentials received from the first user;
monitoring one or more actions the first user has requested to be performed at the computing resource by applying at least one of the one or more usage rules, wherein the one or more usage rules comprise a first usage rule defining a first usage constraint that is based on a total number of authorizations performed responsive to a usage constraint violation;
determining that one of the actions violates a usage constraint;
halting performance of the action until a second user authorizes the action; and
notifying a third user responsive to determining that a total number of authorizations performed by the second user for the first user exceeds a predetermined threshold.
1 Assignment
0 Petitions
Accused Products
Abstract
Systems and methods are provided for monitoring access of computing resources. Usage rules may be created and stored that define a usage constraint based on actions available to be performed at the computing resources. An authenticator may verify login credentials received from a user and authorize the user to access a computing resource. A request to perform an action at the computing resource may be received, and a usage monitor may apply a usage rule to the requested action. If the requested action violates the usage constraint of the usage rule, the usage monitor may halt performance of the requested action and notify another user of the usage constraint violation. The authenticator may receive and verify another set of login credentials from that other user. In response to successful verification of the additional set of login credentials, the usage monitor may resume performance of the requested action.
25 Citations
15 Claims
-
1. A computer-implemented method of monitoring access of computing resources comprising:
-
creating one or more usage rules each defining a usage constraint; receiving a set of login credentials from a first user; authorizing the first user to access a computing resource based on the set of login credentials received from the first user; monitoring one or more actions the first user has requested to be performed at the computing resource by applying at least one of the one or more usage rules, wherein the one or more usage rules comprise a first usage rule defining a first usage constraint that is based on a total number of authorizations performed responsive to a usage constraint violation; determining that one of the actions violates a usage constraint; halting performance of the action until a second user authorizes the action; and notifying a third user responsive to determining that a total number of authorizations performed by the second user for the first user exceeds a predetermined threshold. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A system for monitoring access of computing resources comprising:
-
memory that stores one or more usage rules each defining a usage constraint and comprising a first usage rule defining a first usage constraint that is based on a total number of authorizations performed responsive to a usage constraint violation; an authenticator configured to authenticate a first user and authorize the first user to access a computing resource based on a set of login credentials received from the first user; and a usage monitor configured to apply at least one of the one or more usage rules to each action the first user has requested to be performed at the computing resource, determine that an action the first user has requested to be performed violates the usage constraint of one of the usage rules, halt performance of the action until a second user authorizes the action, and notify a third user responsive to determining that a total number of authorizations performed by the second user for the first user exceeds a predetermined threshold. - View Dependent Claims (8, 9, 10, 11, 12, 13)
-
-
14. A computer-implemented method of monitoring access of computing resources comprising:
-
storing, at a memory, one or more usage rules each defining a usage constraint based on one or more actions available to be performed at one or more computing resources and comprising a first usage rule defining a first usage constraint that is based on a total number of authorizations performed responsive to a usage constraint violation; receiving, at an authenticator, a first set of login credentials from a first user; verifying, at the authenticator, the first set of login credentials; authorizing, using the authenticator, the first user to access a computing resource based on the first set of login credentials; receiving, from the first user, a request to perform an action at the computing resource; applying, using a usage monitor, at least one of the one or more usage rules to the action requested to be performed; determining, using the usage monitor, that the action requested to be performed violates the usage constraint of one of the usage rules; halting, using the usage monitor, performance of the action requested to be performed; notifying, using the usage monitor, a second user that the action violates the usage constraint wherein a notification provided to the second user identifies the first user, the action requested to be performed, the usage constraint violated by the action, and the usage rule that defines the usage constraint violated; receiving, at the authenticator, a second set of login credentials from the second user; verifying, at the authenticator, the second set of login credentials; resuming, using the usage monitor, performance of the action responsive to successful verification of the second set of login credentials; and notifying, using the usage monitor, a third user responsive to determining that a total number of authorizations performed by the second user for the first user exceeds a predetermined threshold. - View Dependent Claims (15)
-
Specification