&#xfeff;<html>
  <head>
    <META http-equiv="Content-Type" content="text/html; charset=utf-8">
<link rel="stylesheet" type="text/css" href="html_style_eog.css"/>
<script type="text/javascript">
          function printpage()
          {
          window.print()
          }
        </script>
<script type="text/javascript" src="https://components.uspto.gov/js/ais/40-patentsgazette.js"></script></head>
  <body bgcolor='#FFFFFF' onload='javascript: if ((navigator.appName.indexOf("Netscape")!=-1) && parent.leftFrame!=null) parent.leftFrame.location.reload();'>
    <basefont face="Times New Roman, Times New Roman, Times New Roman " size="2">
      <div style="margin-left: +10pt">
        <table width="90%" border="0" rules="none" align="center">
          <tr align="center">
            <td width="20%" colspan="1" rowspan="2" align="left" valign="top"><a href="https://ppubs.uspto.gov/pubwebapp/external.html?q=12289348.pn.&amp;db=USPAT" target="popup"><input type="button" class="button" value="   Full Text   "></a></td>
            <td class="table_data"><b>US 12,289,348 B2</b></td>
            <td width="20%" colspan="1" rowspan="2" align="right" valign="top">
              <form><input type="button" value="Print this page" onclick="printpage()"></form>
            </td>
          </tr>
          <tr align="center">
            <td colspan="1" class="table_data" style="text-transform: uppercase"><b>Rules engine for selectively granting access to secured resources</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b> Jordan Hale,  Glen Allen, VA (US);  Devon Powley,  Reston, VA (US);  Wesley Sham,  Jericho, NY (US);  Thomas Shaffer,  Arlington, VA (US);  Jared Baker,  Henrico, VA (US);  John Bollinger,  Richmond, VA (US);  Robert Stump,  Glen Allen, VA (US); and  Gabriel Duke,  Richmond, VA (US)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Assigned to  CAPITAL ONE SERVICES, LLC,  McLean, VA (US)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Filed by  Capital One Services, LLC,  McLean, VA (US)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Filed on Feb.  9, 2024, as Appl. No. 18/437,872.</b></td>
          </tr>
          <tr>
            <td colspan="3" class="table_data" align="center"><b>Application 18/437,872 is a continuation of application No. 17/195,454, filed on Mar.  8, 2021, granted, now 11,909,772.</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Prior Publication US 2024/0187457 A1, Jun.  6, 2024</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>This patent is subject to a terminal disclaimer.</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Int. Cl. </b><i><b>H04L 9/40</b></i> (2022.01); <i><b>H04L 29/06</b></i> (2006.01)</td>
          </tr>
        </table>
        <table width="90%" border="0" rules="none" align="center">
          <colgroup>
            <col width="75%">
            <col width="15%">
          </colgroup>
          <tr align="left">
            <td class="table_data" align="left"><b>CPC </b><i><b>H04L 63/205</b></i> (2013.01)&#xa0;[<i><b>H04L 63/105</b></i> (2013.01); <i><b>H04L 63/20</b></i> (2013.01)]</td>
            <td class="table_data" align="right"><b>19 Claims</b></td>
          </tr>
        </table>
        <center><img src="US12289348-20250429-D00000.gif" alt="OG exemplary drawing"></center>
        <table width="90%" border="0" rules="none" align="center">
          <colgroup>
            <col width="90%">
          </colgroup>
          <tr>
            <td class="table_data" align="center">&#xa0;</td>
          </tr>
          <tr>
            <td valign="top" class="para_text">
              <div class="claim_text_root">1. A system for providing least privilege access to a resource within a secured server, the system comprising:<div class="claim_text">one or more processors; and</div>
                <div class="claim_text">memory in communication with the one or more processors and storing instructions that, when executed by the one or more processors, are configured to cause the system to:<div class="claim_text">receive an access request from a client requesting access to the resource, the access request comprising a role or policy associated with the client and one or more actions associated with the resource;</div>
                  <div class="claim_text">initialize a rules engine defining one or more rules usable by the system to determine whether the access request complies with a least privilege policy;</div>
                  <div class="claim_text">analyze the role or policy and the access request with the rules engine to determine whether the access request complies with the least privilege policy; and</div>
                  <div class="claim_text">when the access request complies with the least privilege policy, provision the access request within the secured server such that the client can perform the one or more actions within the secured server,</div>
                  <div class="claim_text">determine that the access request does not comply with the least privilege policy when the access request comprises a wildcard resource or a wildcard action; and</div>
                  <div class="claim_text">deny access to the resource when the access request does not comply with the least privilege policy.</div>
                </div>
              </div>
            </td>
          </tr>
        </table>
      </div>
    
  </body>
</html>