REGION-BASED AUTHENTICATION AND ACCESS POLICIES FOR SERVICES
Embodiment described herein enable region-based authentication and/or access policies for services implemented in a cloud computing platform. For example, an authentication request is received from a service, the authentication request including a credential that includes region information that ind...
Gespeichert in:
| Hauptverfasser: | , |
|---|---|
| Format: | Patent |
| Sprache: | eng |
| Schlagworte: | |
| Online-Zugang: | Volltext bestellen |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| container_end_page | |
|---|---|
| container_issue | |
| container_start_page | |
| container_title | |
| container_volume | |
| creator | PANASYUK, Anatoliy ROUSKOV, Yordan I |
| description | Embodiment described herein enable region-based authentication and/or access policies for services implemented in a cloud computing platform. For example, an authentication request is received from a service, the authentication request including a credential that includes region information that indicates a region the service is assigned to. An identity system authenticates the service and provides an access token that includes the region information. In another embodiment, the identity system determines a level of access to be provided to the service based on whether a criterion of an access policy is satisfied based on the region information and generates an access token indicating the level of access. In another embodiment, the identity system denies issuance of an access token if a criterion of an authentication policy is not satisfied based on the region information. In another embodiment, the identity system obtains region information stored in association with an identifier of the service. |
| format | Patent |
| fullrecord | <record><control><sourceid>epo_EVB</sourceid><recordid>TN_cdi_epo_espacenet_US2024171587A1</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>US2024171587A1</sourcerecordid><originalsourceid>FETCH-epo_espacenet_US2024171587A13</originalsourceid><addsrcrecordid>eNrjZLAJcnX39PfTdXIMdnVRcAwN8XD1C_F0dgwBCio4-gGFnJ1dg4MVAvx9PJ09XYMV3PyDFIJdg8I8gcI8DKxpiTnFqbxQmptB2c01xNlDN7UgPz61uCAxOTUvtSQ-NNjIwMjE0NzQ1MLc0dCYOFUApFAqeQ</addsrcrecordid><sourcetype>Open Access Repository</sourcetype><iscdi>true</iscdi><recordtype>patent</recordtype></control><display><type>patent</type><title>REGION-BASED AUTHENTICATION AND ACCESS POLICIES FOR SERVICES</title><source>esp@cenet</source><creator>PANASYUK, Anatoliy ; ROUSKOV, Yordan I</creator><creatorcontrib>PANASYUK, Anatoliy ; ROUSKOV, Yordan I</creatorcontrib><description>Embodiment described herein enable region-based authentication and/or access policies for services implemented in a cloud computing platform. For example, an authentication request is received from a service, the authentication request including a credential that includes region information that indicates a region the service is assigned to. An identity system authenticates the service and provides an access token that includes the region information. In another embodiment, the identity system determines a level of access to be provided to the service based on whether a criterion of an access policy is satisfied based on the region information and generates an access token indicating the level of access. In another embodiment, the identity system denies issuance of an access token if a criterion of an authentication policy is not satisfied based on the region information. In another embodiment, the identity system obtains region information stored in association with an identifier of the service.</description><language>eng</language><subject>ELECTRIC COMMUNICATION TECHNIQUE ; ELECTRICITY ; TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION</subject><creationdate>2024</creationdate><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://worldwide.espacenet.com/publicationDetails/biblio?FT=D&date=20240523&DB=EPODOC&CC=US&NR=2024171587A1$$EHTML$$P50$$Gepo$$Hfree_for_read</linktohtml><link.rule.ids>230,309,781,886,25569,76552</link.rule.ids><linktorsrc>$$Uhttps://worldwide.espacenet.com/publicationDetails/biblio?FT=D&date=20240523&DB=EPODOC&CC=US&NR=2024171587A1$$EView_record_in_European_Patent_Office$$FView_record_in_$$GEuropean_Patent_Office$$Hfree_for_read</linktorsrc></links><search><creatorcontrib>PANASYUK, Anatoliy</creatorcontrib><creatorcontrib>ROUSKOV, Yordan I</creatorcontrib><title>REGION-BASED AUTHENTICATION AND ACCESS POLICIES FOR SERVICES</title><description>Embodiment described herein enable region-based authentication and/or access policies for services implemented in a cloud computing platform. For example, an authentication request is received from a service, the authentication request including a credential that includes region information that indicates a region the service is assigned to. An identity system authenticates the service and provides an access token that includes the region information. In another embodiment, the identity system determines a level of access to be provided to the service based on whether a criterion of an access policy is satisfied based on the region information and generates an access token indicating the level of access. In another embodiment, the identity system denies issuance of an access token if a criterion of an authentication policy is not satisfied based on the region information. In another embodiment, the identity system obtains region information stored in association with an identifier of the service.</description><subject>ELECTRIC COMMUNICATION TECHNIQUE</subject><subject>ELECTRICITY</subject><subject>TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION</subject><fulltext>true</fulltext><rsrctype>patent</rsrctype><creationdate>2024</creationdate><recordtype>patent</recordtype><sourceid>EVB</sourceid><recordid>eNrjZLAJcnX39PfTdXIMdnVRcAwN8XD1C_F0dgwBCio4-gGFnJ1dg4MVAvx9PJ09XYMV3PyDFIJdg8I8gcI8DKxpiTnFqbxQmptB2c01xNlDN7UgPz61uCAxOTUvtSQ-NNjIwMjE0NzQ1MLc0dCYOFUApFAqeQ</recordid><startdate>20240523</startdate><enddate>20240523</enddate><creator>PANASYUK, Anatoliy</creator><creator>ROUSKOV, Yordan I</creator><scope>EVB</scope></search><sort><creationdate>20240523</creationdate><title>REGION-BASED AUTHENTICATION AND ACCESS POLICIES FOR SERVICES</title><author>PANASYUK, Anatoliy ; ROUSKOV, Yordan I</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-epo_espacenet_US2024171587A13</frbrgroupid><rsrctype>patents</rsrctype><prefilter>patents</prefilter><language>eng</language><creationdate>2024</creationdate><topic>ELECTRIC COMMUNICATION TECHNIQUE</topic><topic>ELECTRICITY</topic><topic>TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION</topic><toplevel>online_resources</toplevel><creatorcontrib>PANASYUK, Anatoliy</creatorcontrib><creatorcontrib>ROUSKOV, Yordan I</creatorcontrib><collection>esp@cenet</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>PANASYUK, Anatoliy</au><au>ROUSKOV, Yordan I</au><format>patent</format><genre>patent</genre><ristype>GEN</ristype><title>REGION-BASED AUTHENTICATION AND ACCESS POLICIES FOR SERVICES</title><date>2024-05-23</date><risdate>2024</risdate><abstract>Embodiment described herein enable region-based authentication and/or access policies for services implemented in a cloud computing platform. For example, an authentication request is received from a service, the authentication request including a credential that includes region information that indicates a region the service is assigned to. An identity system authenticates the service and provides an access token that includes the region information. In another embodiment, the identity system determines a level of access to be provided to the service based on whether a criterion of an access policy is satisfied based on the region information and generates an access token indicating the level of access. In another embodiment, the identity system denies issuance of an access token if a criterion of an authentication policy is not satisfied based on the region information. In another embodiment, the identity system obtains region information stored in association with an identifier of the service.</abstract><oa>free_for_read</oa></addata></record> |
| fulltext | fulltext_linktorsrc |
| identifier | |
| ispartof | |
| issn | |
| language | eng |
| recordid | cdi_epo_espacenet_US2024171587A1 |
| source | esp@cenet |
| subjects | ELECTRIC COMMUNICATION TECHNIQUE ELECTRICITY TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION |
| title | REGION-BASED AUTHENTICATION AND ACCESS POLICIES FOR SERVICES |
| url | https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-15T01%3A09%3A27IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-epo_EVB&rft_val_fmt=info:ofi/fmt:kev:mtx:patent&rft.genre=patent&rft.au=PANASYUK,%20Anatoliy&rft.date=2024-05-23&rft_id=info:doi/&rft_dat=%3Cepo_EVB%3EUS2024171587A1%3C/epo_EVB%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rfr_iscdi=true |