US 11,909,772 B2
Rules engine for selectively granting access to secured resources
Jordan Hale, Glen Allen, VA (US); Devon Powley, Reston, VA (US); Wesley Sham, Jericho, NY (US); Thomas Shaffer, Arlington, VA (US); Jared Baker, Henrico, VA (US); John Bollinger, Richmond, VA (US); Robert Stump, Glen Allen, VA (US); and Gabriel Duke, Richmond, VA (US)
Assigned to CAPITAL ONE SERVICES, LLC, McLean, VA (US)
Filed by Capital One Services, LLC, McLean, VA (US)
Filed on Mar. 8, 2021, as Appl. No. 17/195,454.
Prior Publication US 2022/0286484 A1, Sep. 8, 2022
Int. Cl. H04L 9/40 (2022.01); H04L 29/06 (2006.01)
CPC H04L 63/205 (2013.01) [H04L 63/105 (2013.01); H04L 63/20 (2013.01)]
20 Claims
1. A system for providing least privilege access to a resource within a secured server, the system comprising:
one or more processors; and
memory in communication with the one or more processors and storing instructions that, when executed by the one or more processors, are configured to cause the system to:
receive an access request from a client requesting access to the resource, the access request comprising a role or policy associated with the client and one or more actions associated with the resource;
initialize a rules engine defining one or more rules usable by the system to determine whether the access request complies with a least privilege policy;
analyze the role or policy and the access request with the rules engine to determine whether the access request complies with the least privilege policy;
when the access request complies with the least privilege policy, provision the access request within the secured server such that the client can perform the one or more actions within the secured server; and
when the access request does not comply with the least privilege policy:
deny access to the resource;
generate a report indicating to the client which rules of the one or more rules failed the least privilege policy; and
transmit the report to the client.
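
The flow recited in claim 1, sketched as an added illustration that is not taken from the patent or from the assignee's implementation. The three rules, their ids, the role name, the action names, the baseline table and the `provisioned` list (a stand-in for the secured server's grant store) are all assumptions constructed for this example.

```python
from dataclasses import dataclass
from typing import Callable

@dataclass(frozen=True)
class AccessRequest:
    role: str            # role or policy associated with the client
    resource: str        # resource inside the secured server
    actions: tuple       # actions the client wants to perform

# Constructed baseline: the actions each role needs (hypothetical data).
ROLE_BASELINE = {"report-reader": {"storage:read", "storage:list"}}

@dataclass(frozen=True)
class Rule:
    rule_id: str
    description: str
    check: Callable[[AccessRequest], list]   # returns the offending items

def init_rules_engine():
    """Build the rule set; each rule is a hypothetical least-privilege check."""
    return [
        Rule("LP-001", "no wildcard actions",
             lambda r: [a for a in r.actions if "*" in a]),
        Rule("LP-002", "resource must be named explicitly",
             lambda r: [r.resource] if "*" in r.resource else []),
        # An unknown role has an empty baseline, so every action fails.
        Rule("LP-003", "actions must be within the role baseline",
             lambda r: [a for a in r.actions
                        if a not in ROLE_BASELINE.get(r.role, set())]),
    ]

def evaluate(request, rules, provisioned):
    """Provision a compliant request; otherwise deny and report failed rules."""
    failures = [{"rule": rule.rule_id, "description": rule.description,
                 "offending": bad}
                for rule in rules if (bad := rule.check(request))]
    if not failures:
        provisioned.append(request)          # grant takes effect
        return {"decision": "granted", "failed_rules": []}
    return {"decision": "denied", "failed_rules": failures}

if __name__ == "__main__":
    grants = []
    engine = init_rules_engine()
    broad = AccessRequest("report-reader", "reports/*",
                          ("storage:*", "storage:delete"))
    for failure in evaluate(broad, engine, grants)["failed_rules"]:
        print(failure["rule"], failure["description"], failure["offending"])
```

Every rule is evaluated even after the first failure, so the report returned to the client lists all failing rules at once rather than one per submission.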