US 11,870,786 B2
Access control for object instances
Marco Koch, Hamburg (DE); Stefan Boller, Heidelberg (DE); and Manfred Schmid, Offersheim (DE)
Assigned to SAP SE, Walldorf (DE)
Filed by SAP SE, Walldorf (DE)
Filed on Aug. 15, 2022, as Appl. No. 17/819,676.
Application 17/819,676 is a continuation of application No. 17/152,895, filed on Jan. 20, 2021, granted, now 11,463,448.
Claims priority of provisional application 62/989,123, filed on Mar. 13, 2020.
Prior Publication US 2022/0394041 A1, Dec. 8, 2022
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 29/06 (2006.01); H04L 9/40 (2022.01); H04L 67/025 (2022.01)
CPC H04L 63/105 (2013.01) [H04L 63/102 (2013.01); H04L 63/20 (2013.01); H04L 67/025 (2013.01)] 20 Claims
OG exemplary drawing
 
1. A computer implemented method, comprising:
receiving, at a cloud application, a first request associated with a first user, wherein the first request corresponds to a first instance of a first artifact type;
determining that a first instance-based access policy exists for the first artifact type, the first instance-based access policy comprising a matching rule that selectively enables access to instances of the first artifact type;
evaluating the matching rule with respect to the first instance to determine whether the first instance-based access policy grants permission for the first user to access the first instance;
in response to determining that the first instance-based access policy grants permission for the first user to access the first instance, servicing the first request; and
in response to determining that the first instance-based access policy does not grant permission for the first user to access the first instance, denying the first request.