×

Permissions decisions in a service provider environment

  • US 9,712,542 B1
  • Filed: 06/27/2014
  • Issued: 07/18/2017
  • Est. Priority Date: 06/27/2014
  • Status: Active Grant
First Claim
Patent Images

1. A computer system, comprising:

  • at least one processor; and

    memory including instructions that, when executed by the at least one processor, cause the computer system to;

    receive an indication of a request to subscribe to an appliance by a customer, the appliance being provided by an appliance provider, the appliance being associated with a delegation profile, and the customer having a first level of access to a customer virtual network;

    enable the delegation profile based at least in part on the request for the customer to subscribe to the appliance, the delegation profile including an identifier, a validation policy that specifies the customer as being permitted to assume the delegation profile, and an authorization policy that specifies one or more permissions for accessing and utilizing one or more resources by the customer, the customer having an account maintained by a provider of the one or more resources accessible to the customer;

    receive, from the appliance provider, a request for a set of credentials to access the one or more resources associated with the account, the request including a reference to the delegation profile;

    verify that the customer is currently subscribed to the appliance; and

    provide the appliance provider with access to the one or more resources as set forth by the one or more permissions in the authorization policy, including a second level of access less than the first level of access to the customer virtual network, upon verification that the customer is subscribed to the appliance.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×