Access control in a decentralized control plane of a computing system
Abstract:
A method of controlling access to a target resource of a plurality of resources managed by a control plane executing on a computing system includes: receiving, at the control plane, a request for the target resource by a client, the request including a user indicator; identifying a user group in which the user indicator is a member; identifying a role that includes an access policy, applicable to the user group, for accessing a group of the plurality of resources, the group of resources defined by a query executable against an index of states of the plurality of resources; obtaining a state of the target resource in response to the request; and applying the access policy of the role to the request for the target resource based on a determination of whether the state of the target resource satisfies a query filter corresponding to the query of the role.
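The evaluation order in the abstract (user, then user group, then role, then query filter checked against the target's state) can be sketched as follows. This is an added illustration, not code from the patent; `GROUPS`, `STATES`, `ROLES`, the field names, the allow/deny `effect`, default deny and deny-overrides are all assumptions made for the example.

```python
from dataclasses import dataclass

# Constructed sample data; every name and value here is hypothetical.
GROUPS = {"tenant-a-admins": {"alice"}, "auditors": {"bob"}}
STATES = {  # stand-in for the control plane's store of resource states
    "/vms/1": {"kind": "vm", "tenant": "a", "env": "prod"},
    "/vms/2": {"kind": "vm", "tenant": "b", "env": "prod"},
}

@dataclass
class Role:
    group: str             # user group the access policy applies to
    query_filter: tuple    # ((field, allowed_values), ...) ANDed together
    verbs: frozenset       # request verbs the policy covers
    effect: str = "allow"  # "allow" or "deny" (assumed policy model)

    def selects(self, state):
        # The filter is checked against the single target's state, not by
        # re-running the query over the index. A field that is absent from
        # the state never satisfies a clause.
        return all(f in state and state[f] in vals
                   for f, vals in self.query_filter)

ROLES = [
    Role("tenant-a-admins", (("tenant", {"a"}),),
         frozenset({"GET", "PATCH", "DELETE"})),
    Role("auditors", (("kind", {"vm"}),), frozenset({"GET"})),
    Role("auditors", (("tenant", {"b"}),), frozenset({"GET"}), effect="deny"),
]

def authorize(user, verb, target):
    """Return True if permitted (assumed: default deny, deny overrides allow)."""
    groups = {g for g, members in GROUPS.items() if user in members}
    state = STATES.get(target)
    if state is None:
        return False  # no state to evaluate the filter against: fail closed
    allowed = False
    for role in ROLES:
        if role.group not in groups or verb not in role.verbs:
            continue
        if role.selects(state):
            if role.effect == "deny":
                return False
            allowed = True
    return allowed

if __name__ == "__main__":
    for req in [("alice", "PATCH", "/vms/1"), ("alice", "GET", "/vms/2"),
                ("bob", "GET", "/vms/1"), ("bob", "GET", "/vms/2")]:
        print(req, authorize(*req))
```

Because the decision depends on the resource's current state, a change to a field such as `tenant` changes which roles select the resource without any edit to the roles themselves.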