Please download the dossier by clicking on the dossier button x
×

Access policy management using identified roles

  • US 9,602,545 B2
  • Filed: 01/12/2015
  • Issued: 03/21/2017
  • Est. Priority Date: 01/13/2014
  • Status: Active Grant
First Claim
Patent Images

1. A method comprising:

  • identifying, by a computer system, an account associated with an identity of a user, wherein the account has an entitlement to access a resource of a target system;

    determining, by the computer system, a set of access policies that are used to manage access to one or more resources of the target system;

    determining, by the computer system, that the account is not managed by an access policy in the set of access policies;

    identifying, by the computer system, a role associated with the identity;

    determining, by the computer system, a first access policy in the set of access policies, the first access policy being determined as associated with the identified role;

    determining a value of an attribute in access policy data corresponding to the first access policy, wherein the value of the attribute indicates whether the first access policy is to be associated with one or more accounts enabling access to the resource of the target system;

    storing, by the computer system, data indicating an association between the account and the first access policy based on determining that the identified role is associated with the first access policy and based on the value of the attribute;

    detecting a change in the first access policy, wherein the change is associated with the access to the resource of the target system; and

    sending, by the computer system, a request to the target system, wherein the request causes the target system to configure the account to change the access to the resource based on the detected change in the first access policy.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×