US 12,224,981 B2
Techniques for onboarding web applications in a zero trust environment
Yehoshua Haim Chen, Tel Aviv (IL); Shay Farhuma Gutman, Tel Aviv (IL); Omri Himelbrand, Ramat Gan (IL); Gilad Kleinman, Tel Aviv (IL); Shay Shwartz, Tel Aviv (IL); and Natan Elul, Tel Aviv (IL)
Assigned to Hewlett Packard Enterprise Development LP, Spring, TX (US)
Filed by HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP, Spring, TX (US)
Filed on May 31, 2022, as Appl. No. 17/804,718.
Prior Publication US 2023/0388271 A1, Nov. 30, 2023
Int. Cl. H04L 9/40 (2022.01)
CPC H04L 63/0236 (2013.01) [H04L 63/0263 (2013.01); H04L 63/083 (2013.01); H04L 63/102 (2013.01); H04L 63/20 (2013.01)]
18 Claims
 
1. A method comprising:
receiving, at a system comprising a hardware processor, a request from an authorizing user device to initiate a network session with a zero trust environment, the request including a login credential corresponding to an authorizing user account;
recording, at the system, an interaction between the authorizing user device and a resource external to the zero trust environment, the interaction based on an access request of the authorizing user device to access the resource;
detecting, by the system, a domain associated with the resource accessed by the authorizing user device;
generating, by the system, a policy based on the recording of the interaction, the policy comprising a rule specifying a condition under which a designated user account different from the authorizing user account is permitted access to the domain; and
using, by a policy engine, the policy to determine whether to grant a designated user device associated with the designated user account access to the domain in response to a request from the designated user device, wherein the designated user account is assigned a privilege from the authorizing user device, the privilege allowing the designated user account to generate the request from the designated user device.
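The flow in claim 1 (record the authorizing user's session, detect the domains it touched, generate a policy, evaluate a designated user's request) can be sketched as follows. This is an added illustration, not the patent's implementation: the recording format, the function names, the accounts and the `.test` domains are all constructed assumptions, and the "privilege" is modeled simply as the authorizing user naming the designated accounts.

```python
from dataclasses import dataclass
from urllib.parse import urlsplit

# Constructed sample: URLs recorded while the authorizing user exercised the app.
RECORDED_SESSION = {
    "authorizing_account": "admin@example.test",
    "requests": [
        "https://app.example.test/login",
        "https://static.examplecdn.test/app.js",
        "https://app.example.test/dashboard",
        "https://sso.example.test/oauth/authorize?client_id=demo",
    ],
}

@dataclass(frozen=True)
class Rule:
    domain: str
    allowed_accounts: frozenset  # designated accounts permitted to reach the domain

def _host(url):
    """Normalized hostname of a URL; userinfo and port are not part of it."""
    return (urlsplit(url).hostname or "").lower().rstrip(".")

def detect_domains(recording):
    """Distinct hostnames seen in the recording, in first-seen order."""
    seen = []
    for url in recording["requests"]:
        host = _host(url)
        if host and host not in seen:
            seen.append(host)
    return seen

def generate_policy(recording, designated_accounts):
    """One rule per detected domain, granting the designated accounts access."""
    allowed = frozenset(a.lower() for a in designated_accounts)
    return {d: Rule(d, allowed) for d in detect_domains(recording)}

def is_allowed(policy, account, url):
    """Policy-engine decision: exact host match, default deny."""
    rule = policy.get(_host(url))
    return rule is not None and account.lower() in rule.allowed_accounts

if __name__ == "__main__":
    policy = generate_policy(RECORDED_SESSION, ["dev1@example.test"])
    for url in ("https://app.example.test/reports",
                "https://app.example.test.evil.test/",      # lookalike suffix
                "https://app.example.test@other.test/"):    # userinfo trick
        print(url, is_allowed(policy, "dev1@example.test", url))
```

Matching on the exact parsed hostname rather than a substring of the URL is what keeps lookalike and userinfo-style URLs outside the generated policy.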