Unified access controls for cloud services
First Claim
1. A method, comprising:
- receiving, from a user device, a request to access a cloud service to utilize a resource provided by the cloud service, wherein to utilize the resource, the user device is configured to at least one of request information from the resource or send information to the resource;
in response to receiving the request, determining a context of the request to access the cloud service;
comparing, by a processor, the context of the request to a cloud service access policy, the cloud service access policy to control utilization of the resource provided by the cloud service;
if the context of the request satisfies the cloud service access policy, determining a type of the information associated with the request, wherein the type of information is determined using at least one of a non-reversible hash and signature-based detection;
comparing, by the processor, the type of the information associated with the request to an information control policy, the information control policy to control what types of information are requested from the resource and sent by the user device to the resource in view of the context of the request to access to the cloud service; and
if the type of the information satisfies the information control policy, granting the user device access to the cloud service.
2 Assignments
0 Petitions
Accused Products
Abstract
A cloud service access and information gateway receives, from a user device, a request to access a cloud service. The cloud service access and information gateway determines a context of the request and compares the context of the request to a cloud service access policy. If the context of the request satisfies the cloud service access policy, the cloud service access and information gateway determines a type of information associated with the request and compares the type of information associated with the request to an information control policy. If the type of information satisfies the information control policy, the cloud service access and information gateway grants the user device access to the cloud service.
-
Citations
26 Claims
-
1. A method, comprising:
-
receiving, from a user device, a request to access a cloud service to utilize a resource provided by the cloud service, wherein to utilize the resource, the user device is configured to at least one of request information from the resource or send information to the resource; in response to receiving the request, determining a context of the request to access the cloud service; comparing, by a processor, the context of the request to a cloud service access policy, the cloud service access policy to control utilization of the resource provided by the cloud service; if the context of the request satisfies the cloud service access policy, determining a type of the information associated with the request, wherein the type of information is determined using at least one of a non-reversible hash and signature-based detection; comparing, by the processor, the type of the information associated with the request to an information control policy, the information control policy to control what types of information are requested from the resource and sent by the user device to the resource in view of the context of the request to access to the cloud service; and if the type of the information satisfies the information control policy, granting the user device access to the cloud service. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A system, comprising:
-
a memory; and a processor coupled with the memory to; receive, from a user device, a request to access a cloud service to utilize a resource provided by the cloud service, wherein to utilize the resource, the user device is configured to at least one of request information from the resource or send information to the resource; in response to receiving the request, determine a context of the request to access the cloud service; compare the context of the request to a cloud service access policy, the cloud service access policy to control utilization of the resource provided by the cloud service; if the context of the request satisfies the cloud service access policy, determine a type of the information associated with the request, wherein the type of information is determined using at least one of a non-reversible hash and signature-based detection; compare the type of the information associated with the request to an information control policy, the information control policy to control what types of information are requested from the resource and sent by the user device to the resource in view of the context of the request to access to the cloud service; and if the type of the information satisfies the information control policy, grant the user device access to the cloud service. - View Dependent Claims (13, 14, 15, 16, 17, 18, 19)
-
-
20. A non-transitory computer readable storage medium including instructions that, when executed by a processor, cause the processor to perform operations comprising:
-
receiving, from a user device, a request to access a cloud service to utilize a resource provided by the cloud service, wherein to utilize the resource, the user device is configured to at least one of request information from the resource or send information to the resource; in response to receiving the request, determining a context of the request to access the cloud service; comparing, by a processor, the context of the request to a cloud service access policy, the cloud service access policy to control utilization of the resource provided by the cloud service; if the context of the request satisfies the cloud service access policy, determining a type of the information associated with the request, wherein the type of information is determined using at least one of a non-reversible hash and signature-based detection; comparing, by the processor, the type of the information associated with the request to an information control policy, the information control policy to control what types of information are requested from the resource and sent by the user device to the resource in view of the context of the request to access to the cloud service; and if the type of the information satisfies the information control policy, granting the user device access to the cloud service. - View Dependent Claims (21, 22, 23, 24, 25, 26)
-
Specification