CPC H04L 63/105 (2013.01) [H04L 63/102 (2013.01); H04L 63/20 (2013.01); H04L 67/025 (2013.01)] | 20 Claims |
1. A computer implemented method, comprising:
receiving, at a cloud application, a first request associated with a first user, wherein the first request corresponds to a first instance of a first artifact type;
determining that a first instance-based access policy exists for the first artifact type, the first instance-based access policy comprising a matching rule that selectively enables access to instances of the first artifact type;
evaluating the matching rule with respect to the first instance to determine whether the first instance-based access policy grants permission for the first user to access the first instance;
in response to determining that the first instance-based access policy grants permission for the first user to access the first instance, servicing the first request; and
in response to determining that the first instance-based access policy does not grant permission for the first user to access the first instance, denying the first request.
|