公开(公告)号：US12126628B2

公开(公告)日：2024-10-22

申请号：US17668367

申请日：2022-02-09

Applicant: Microsoft Technology Licensing, LLC

Inventor： Abhijeet Kumar Sinha ,  Caleb Geoffrey Baker ,  Stuart Kwan ,  Zhifeng Wang ,  Adam Edwards ,  William Bruce Barr, III ,  Arturo Huato Lucatero ,  Christopher Adam Brooks ,  Carlos Adrian Lopez Castro

IPC: H04L9/40

CPC classification number: H04L63/107 ,  H04L63/0272 ,  H04L63/20

Abstract: Generally discussed herein are devices, systems, and methods for adaptive authorization using a local route as a named location. A method can include defining a local route and a corresponding local route endpoint, associating a compute resource as a destination of the local route endpoint, defining an adaptive authorization policy that limits access to the compute resource to be through the local route endpoint, and enforcing access to the compute resource based on the defined adaptive authorization policy.

公开(公告)号：US11580239B2

公开(公告)日：2023-02-14

申请号：US16660275

申请日：2019-10-22

Applicant: Microsoft Technology Licensing, LLC

Inventor： Daniel John Carroll, Jr. ,  Kameshwar Jayaraman ,  Stuart Kwan ,  Kartik Tirunelveli Kanakasabesan ,  Shefali Gulati ,  Charles Glenn Jeffries ,  Ganesh Pandey ,  Roberto Carlos Taboada ,  Parul Manek ,  Steven Mark Silverberg

IPC: H04L9/00 ,  G06F21/62 ,  G06F9/451 ,  G06F9/50 ,  G06F21/31 ,  G06F21/60

Abstract: Access to data and resources in a multi-tenant computing system is managed by tagging the data and resources with attributes, as well as by tagging users with attributes. Tenant-specific access policies are configured. When an access request is received from a workload, a policy decision engine processes the attributes that are tagged to the requesting workload (e.g., user, application, etc.) as well as those tagged to the requested data or resource, given a relevant tenant-specific policy. An access decision is provided in response to the access request, and the access decision can be enforced by a tenant-specific enforcement system.

公开(公告)号：US20210117561A1

公开(公告)日：2021-04-22

申请号：US16660275

申请日：2019-10-22

Applicant: Microsoft Technology Licensing, LLC

Inventor： Daniel John CARROLL, JR. ,  Kameshwar Jayaraman ,  Stuart Kwan ,  Kartik Tirunelveli Kanakasabesan ,  Shefali Gulati ,  Charles Glenn Jeffries ,  Ganesh Pandey ,  Roberto Carlos Taboada ,  Parul Manek ,  Steven Mark Silverberg

IPC: G06F21/62 ,  G06F21/31 ,  G06F21/60 ,  G06F9/50 ,  G06F9/451

Abstract: Access to data and resources in a multi-tenant computing system is managed by tagging the data and resources with attributes, as well as by tagging users with attributes. Tenant-specific access policies are configured. When an access request is received from a workload, a policy decision engine processes the attributes that are tagged to the requesting workload (e.g., user, application, etc.) as well as those tagged to the requested data or resource, given a relevant tenant-specific policy. An access decision is provided in response to the access request, and the access decision can be enforced by a tenant-specific enforcement system.