Invention Grant
- Patent Title: Identity context-based access control
-
Application No.: US13608125Application Date: 2012-09-10
-
Publication No.: US09916461B2Publication Date: 2018-03-13
- Inventor: Kaushal Kiran Kapadia , Rahul Prabhakar Kulkarni , Nataraj Nagaratnam , Anindya Neogi , Magesh Rajamani
- Applicant: Kaushal Kiran Kapadia , Rahul Prabhakar Kulkarni , Nataraj Nagaratnam , Anindya Neogi , Magesh Rajamani
- Applicant Address: US NY Armonk
- Assignee: International Business Machines Corporation
- Current Assignee: International Business Machines Corporation
- Current Assignee Address: US NY Armonk
- Agent Jeffrey S. LaBaw; David H. Judson
- Main IPC: G06F17/00
- IPC: G06F17/00 ; H04L29/06 ; G06F21/60
Abstract:
Identity context-based access control is implemented by generating an identity context expression from user identity data. In particular, users are clustered based on combinations of one or more attributes. These clusters comprise one or more identity context(s). Preferably, an intersection of attribute sets of each user in the cluster is formed. In addition, an intersection of attribute sets of each user not in the cluster also is formed. If the attribute set that is common across the cluster of users is not a subset of the attribute set that is common across the rest of the users, then the attribute set forms a unique identity context expression. To reduce the number of roles used in role-based access control (RBAC), at least one role is replaced with an identity context expression. Run-time access control is then enabled.
Public/Granted literature
- US20140075492A1 Identity context-based access control Public/Granted day:2014-03-13
Information query
