Access control using tokens and black lists
First Claim
1. A method for access control, comprising:
- determining whether an event has occurred, wherein the event is at least one of receiving an unauthorized request to access a resource, modification to the resource, exceeding a specified number of failed attempts to access the resource, a change in employment of a user attempting to access the resource, known illegality of the resource, and known vulnerability of the resource;
- based on determining that the event has occurred, pushing the event to a server;
- receiving the pushed event;
- adding a value of the pushed event to a black list of recently disabled users, devices, applications, or any combination thereof;
- receiving a request to access the resource on the server, the request comprising an access token;
- comparing a field value of the access token with the black list; and
- declining the request based on a match of the field value of the access token with a value of the pushed event in the black list.
Abstract
Examples of techniques for validating access tokens are described herein. An example computer-implemented method includes receiving, via a processor, a pushed event at a server. The method includes adding, via the processor, a value of the pushed event to a black list of recently disabled users, devices, applications, or any combination thereof. The method also includes receiving, via the processor, a request to access a resource on the server, the request including an access token. The method further includes comparing, via the processor, a field value of the access token with the black list. The method further includes declining, via the processor, the request based on a match of the field value of the access token with a value of the pushed event in the black list.
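The flow in the abstract can be sketched as follows. This is an added example, not code from the patent. It assumes the access token has already been signature-verified and decoded into a dictionary, that the compared fields are named `sub`, `device_id` and `client_id`, that pushed events carry `field` and `value` keys, and that "recently disabled" means entries are kept for a retention window at least as long as the longest token lifetime.

```python
import time

# Assumption: the token fields compared against the black list.
CHECKED_FIELDS = ("sub", "device_id", "client_id")

class RecentBlackList:
    """Values from pushed events, kept only while older tokens could still be valid."""

    def __init__(self, retention_seconds):
        # Assumption: retention is at least the longest access-token lifetime,
        # so an entry outlives every token issued before the event.
        self.retention = retention_seconds
        self._expiry = {}  # (field, value) -> time after which the entry is dropped

    def on_pushed_event(self, event, now=None):
        """Receive a pushed event and add its value to the black list."""
        now = time.time() if now is None else now
        self._expiry[(event["field"], event["value"])] = now + self.retention

    def match(self, claims, now=None):
        """Return the first (field, value) of the token found on the list, else None."""
        now = time.time() if now is None else now
        # Drop entries whose retention window has passed.
        self._expiry = {k: t for k, t in self._expiry.items() if t > now}
        for field in CHECKED_FIELDS:
            value = claims.get(field)
            if isinstance(value, str) and (field, value) in self._expiry:
                return (field, value)
        return None

def authorize(blacklist, claims, now=None):
    """Decline the request when any checked token field matches the black list."""
    hit = blacklist.match(claims, now)
    if hit is not None:
        return False, "declined: %s=%s is black-listed" % hit
    return True, "allowed"

def demo():
    # Constructed sample data: two pushed events and three decoded token payloads.
    bl = RecentBlackList(retention_seconds=3600)
    bl.on_pushed_event({"reason": "employment_change", "field": "sub", "value": "alice"}, now=0)
    bl.on_pushed_event({"reason": "failed_attempts", "field": "device_id", "value": "dev-42"}, now=0)
    tokens = [
        {"sub": "alice", "device_id": "dev-7", "client_id": "app-1"},
        {"sub": "bob", "device_id": "dev-42", "client_id": "app-1"},
        {"sub": "bob", "device_id": "dev-7", "client_id": "app-1"},
    ]
    return [authorize(bl, t, now=60)[0] for t in tokens]
```

The check runs on every request, so a token that is still unexpired and correctly signed is declined as soon as the corresponding event has been pushed.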
20 Claims
1. A method for access control, comprising:
- determining whether an event has occurred, wherein the event is at least one of receiving an unauthorized request to access a resource, modification to the resource, exceeding a specified number of failed attempts to access the resource, a change in employment of a user attempting to access the resource, known illegality of the resource, and known vulnerability of the resource;
- based on determining that the event has occurred, pushing the event to a server;
- receiving the pushed event;
- adding a value of the pushed event to a black list of recently disabled users, devices, applications, or any combination thereof;
- receiving a request to access the resource on the server, the request comprising an access token;
- comparing a field value of the access token with the black list; and
- declining the request based on a match of the field value of the access token with a value of the pushed event in the black list.

Dependent claims: 2, 3, 4, 5, 6, 7
8. A computer program product for access control, the computer program product comprising:
one or more computer-readable storage media and program instructions stored on the one or more computer-readable storage media, the program instructions comprising;
- program instructions to determine whether an event has occurred, wherein the event is at least one of receiving an unauthorized request to access a resource, modification to the resource, exceeding a specified number of failed attempts to access the resource, a change in employment of a user attempting to access the resource, known illegality of the resource, and known vulnerability of the resource;
- based on determining that the event has occurred, program instructions to push the event to a server;
- program instructions to receive the pushed event;
- program instructions to add a value from the pushed event to a black list of recently disabled users, devices, applications, or any combination thereof;
- program instructions to receive a request to access the resource on the server, the request comprising an access token;
- program instructions to compare a field value of the access token with the black list; and
- program instructions to decline the request based on a match of the field value with a value of the pushed event in the black list.

Dependent claims: 9, 10, 11, 12, 13, 14
15. A computer system for access control, the computer system comprising:
one or more computer processors, one or more computer-readable storage media, and program instructions stored on the one or more computer-readable storage media for execution by at least one of the one or more processors, the program instructions comprising;
- program instructions to determine whether an event has occurred, wherein the event is at least one of receiving an unauthorized request to access a resource, modification to the resource, exceeding a specified number of failed attempts to access the resource, a change in employment of a user attempting to access the resource, known illegality of the resource, and known vulnerability of the resource;
- based on determining that the event has occurred, program instructions to push the event to a server;
- program instructions to receive the pushed event;
- program instructions to add a value from the pushed event to a black list of recently disabled users, devices, applications, or any combination thereof;
- program instructions to receive a request to access the resource on the server, the request comprising an access token;
- program instructions to compare a field value of the access token with the black list; and
- program instructions to decline the request based on a match of the field value with a value of the pushed event in the black list.

Dependent claims: 16, 17, 18, 19, 20
Specification