Cloud least identity privilege and data access framework
A network-accessible service provides an enterprise with a view of identity and data activity in the enterprise's cloud accounts. The service enables distinct cloud provider management models to be normalized with centralized analytics and views across large numbers of cloud accounts. Using a d...
Saved in:
Main Authors | , , , , |
---|---|
Format | Patent |
Language | English |
Published |
13.04.2023
|
Subjects | |
Online Access | Get full text |
Cover
Loading…
Abstract | A network-accessible service provides an enterprise with a view of identity and data activity in the enterprise's cloud accounts. The service enables distinct cloud provider management models to be normalized with centralized analytics and views across large numbers of cloud accounts. Using a domain-specific query language, the system enables rapid interrogation of a complete and centralized data model of all data and identity relationships. The data model also supports a cloud "least privilege and access" framework. Least privilege is a set of minimum permissions that are associated to a given identity; least access is a minimal set of persons that need to have access to given piece data. The framework maps an identity to one or more actions collected in cloud audit logs, and dynamically-build a compete view of an identity's effective permissions. The resulting least privilege and access policies are then applied natively to a given cloud environment to manage access. |
---|---|
AbstractList | A network-accessible service provides an enterprise with a view of identity and data activity in the enterprise's cloud accounts. The service enables distinct cloud provider management models to be normalized with centralized analytics and views across large numbers of cloud accounts. Using a domain-specific query language, the system enables rapid interrogation of a complete and centralized data model of all data and identity relationships. The data model also supports a cloud "least privilege and access" framework. Least privilege is a set of minimum permissions that are associated to a given identity; least access is a minimal set of persons that need to have access to given piece data. The framework maps an identity to one or more actions collected in cloud audit logs, and dynamically-build a compete view of an identity's effective permissions. The resulting least privilege and access policies are then applied natively to a given cloud environment to manage access. |
Author | Wuest, Ben A Peters, Brad J Davis, Gregory A Bird, William A Chavda, Dasharath P |
Author_xml | – fullname: Wuest, Ben A – fullname: Bird, William A – fullname: Chavda, Dasharath P – fullname: Peters, Brad J – fullname: Davis, Gregory A |
BookMark | eNqNyj0OAiEQBlAKLfy7wyTWJsA2tmajsVfrzQS-NWRxIIAab2_jAaxe85ZqJkmwUPs-pqenCK6Ngoe00D6US3iFiDuIxZPnxsTOoVYaCz_wTmVaq_nIsWLzc6W2p-O1P--Q04Ca2UHQhtvFatsZo63VB9P9t77KoTDZ |
ContentType | Patent |
DBID | EVB |
DatabaseName | esp@cenet |
DatabaseTitleList | |
Database_xml | – sequence: 1 dbid: EVB name: esp@cenet url: http://worldwide.espacenet.com/singleLineSearch?locale=en_EP sourceTypes: Open Access Repository |
DeliveryMethod | fulltext_linktorsrc |
Discipline | Medicine Chemistry Sciences Physics |
ExternalDocumentID | US2023110220A1 |
GroupedDBID | EVB |
ID | FETCH-epo_espacenet_US2023110220A13 |
IEDL.DBID | EVB |
IngestDate | Fri Jul 19 12:47:58 EDT 2024 |
IsOpenAccess | true |
IsPeerReviewed | false |
IsScholarly | false |
Language | English |
LinkModel | DirectLink |
MergedId | FETCHMERGED-epo_espacenet_US2023110220A13 |
Notes | Application Number: US202117487124 |
OpenAccessLink | https://worldwide.espacenet.com/publicationDetails/biblio?FT=D&date=20230413&DB=EPODOC&CC=US&NR=2023110220A1 |
ParticipantIDs | epo_espacenet_US2023110220A1 |
PublicationCentury | 2000 |
PublicationDate | 20230413 |
PublicationDateYYYYMMDD | 2023-04-13 |
PublicationDate_xml | – month: 04 year: 2023 text: 20230413 day: 13 |
PublicationDecade | 2020 |
PublicationYear | 2023 |
RelatedCompanies | Sonrai Securty Inc |
RelatedCompanies_xml | – name: Sonrai Securty Inc |
Score | 3.4678063 |
Snippet | A network-accessible service provides an enterprise with a view of identity and data activity in the enterprise's cloud accounts. The service enables distinct... |
SourceID | epo |
SourceType | Open Access Repository |
SubjectTerms | CALCULATING COMPUTING COUNTING ELECTRIC COMMUNICATION TECHNIQUE ELECTRIC DIGITAL DATA PROCESSING ELECTRICITY PHYSICS TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION |
Title | Cloud least identity privilege and data access framework |
URI | https://worldwide.espacenet.com/publicationDetails/biblio?FT=D&date=20230413&DB=EPODOC&locale=&CC=US&NR=2023110220A1 |
hasFullText | 1 |
inHoldings | 1 |
isFullTextHit | |
isPrint | |
link | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwfR3LSsNAcCj1edOoVK2yoOQWTJo1SQ9FbB4UoQ9sK72Vbh4QCGloU8W_d2ZNtacedwaG2YXZec8APMbcjOxY2FrU4rbGEx1FShgLTbf0UFgRWvwm9Tv3B1Zvyt9mz7MaZNteGDkn9EsOR0SJClHeS_lfF_9BLE_WVq6fRIqg5Usw6Xhq5R1ThNMwVa_b8UdDb-iqrtuZjtXBu8QZ5N3or-grHZAhTZP2_Y8u9aUUu0olOIPDEdLLy3OoxbkCJ-5295oCx_0q5a3AkazRDNcIrORwfQGOmy03Ecto8Q5Lf3ttv1mxSj9TCgOwRR4xqv1kC7kPkSXbEqxLeAj8idvTkJn5393n0_Eu5-YV1PNlHjeAOTxJQhO1PfoP3GkLJ-EtIRyrTYkxNDOuobmP0s1-9C2c0pHSJobZhHq52sR3qH1LcS8f7QfsVobK |
link.rule.ids | 230,309,786,891,25594,76903 |
linkProvider | European Patent Office |
linkToHtml | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwfV1LT8JAEJ4QfOBNUYOKuommt8aWrm05NEZamqpQiIDhRrp9JE2a0kDR-O-dXUE5cd1JJrObzM588wS4j6kWGTEz5KhFDZkmCqoUUwNZ0ZWQ6RF6_Brvd-77ujehr9PHaQWyTS-MmBP6JYYjokaFqO-l-K-L_yCWI2orlw8sxaP5kzu2HGmNjnmEU9Ukp2N1hwNnYEu2bU1Gkv8uaCpHN8ozYqU9A0GhAEsfHd6XUmwbFfcY9ofILy9PoBLndajZm91rdTjsr1PedTgQNZrhEg_Xerg8BdPO5quIZHzxDkl_e22_SbFIP1MeBiBBHhFe-0kCsQ-RJJsSrDO4c7tj25NRmNnf3WeT0bbk2jlU83keN4CYNElCDa094gdqtpmZ0BZjpt7miTF0My6guYvT5W7yLdS8cb836734b1dwxEk8haJqTaiWi1V8jZa4ZDfiAX8AXx-JtA |
openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Apatent&rft.title=Cloud+least+identity+privilege+and+data+access+framework&rft.inventor=Wuest%2C+Ben+A&rft.inventor=Bird%2C+William+A&rft.inventor=Chavda%2C+Dasharath+P&rft.inventor=Peters%2C+Brad+J&rft.inventor=Davis%2C+Gregory+A&rft.date=2023-04-13&rft.externalDBID=A1&rft.externalDocID=US2023110220A1 |