CPC G06F 21/6218 (2013.01) [G06F 3/0482 (2013.01); G06F 3/0483 (2013.01); G06F 16/211 (2019.01); G06F 16/256 (2019.01); G06F 21/31 (2013.01); G06F 21/604 (2013.01); G06F 40/106 (2020.01); G06N 5/01 (2023.01); H04L 63/101 (2013.01); H04L 63/102 (2013.01); H04L 63/105 (2013.01); H04L 63/205 (2013.01); G06F 2221/2141 (2013.01)]
17 Claims

1. A method for enterprise-wide fine-grained role-based access control to a plurality of organizational assets, the method comprising:
receiving, via an authorization service client Application Programming Interface (API), identification of an asset for fine-grained role-based access control from an organization;
receiving, via the authorization service client API, a definition of an asset type of the asset using the identification of the asset;
receiving, via the authorization service client API, a definition of an asset value of the asset based on the asset type;
receiving, via the authorization service client API, a definition of an organizational role with fine-grained role-based access control to at least one of the asset, the asset type, and the asset value;
receiving, via the authorization service client API, permissions for fine-grained role-based access by the organizational role to at least one of the asset, the asset type, and the asset value, the permissions comprising at least one access rule having a set of variables based on the asset, the asset type, and the asset value;
generating a fine-grained role-based access control database schema using the asset, the definition of an asset type, the definition of an asset value, the definition of an organizational role, and the permissions for fine-grained role-based access by the organizational role to at least one of the asset, the asset type, and the asset value;
providing an authorization service user interface (UI) for enabling fine-grained role-based access control to the asset based on the fine-grained role-based access control database schema, wherein receiving, via the authorization service UI, the selection input of the organizational role is a root user; and wherein the receiving, via the authorization service UI, selection input of permissions for fine-grained role-based access by the root user includes permissions to access all asset types and asset values; and
receiving, via the authorization service client API, a request for permission to access at least one of the asset, the asset type, and the asset value by an authenticated user.
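
A minimal sketch of the data model claim 1 describes, added here as an illustration and not taken from the patent or any implementation of it. The table names, the `is_root` flag, the NULL-as-wildcard convention for rule variables, the default-deny behaviour and the sample data are all assumptions.

```python
import sqlite3

# Hypothetical schema (names are assumptions): assets, types and values are
# registered first; each permission row is one access rule over those variables.
SCHEMA = """
CREATE TABLE asset_value (asset TEXT NOT NULL, asset_type TEXT NOT NULL,
                          value TEXT NOT NULL,
                          PRIMARY KEY (asset, asset_type, value));
CREATE TABLE role (name TEXT PRIMARY KEY, is_root INTEGER NOT NULL DEFAULT 0);
CREATE TABLE user_role (user TEXT NOT NULL, role TEXT NOT NULL REFERENCES role(name));
-- A NULL rule variable matches any asset, asset type or asset value.
CREATE TABLE permission (role TEXT NOT NULL REFERENCES role(name),
                         action TEXT NOT NULL,
                         asset TEXT, asset_type TEXT, asset_value TEXT);
"""

def build_db():
    """Create the schema and load constructed sample definitions."""
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    db.executemany("INSERT INTO asset_value VALUES (?,?,?)", [
        ("hr_db", "salary_band", "A"), ("hr_db", "salary_band", "B"),
        ("hr_db", "region", "EU")])
    db.executemany("INSERT INTO role VALUES (?,?)",
                   [("root", 1), ("hr_analyst", 0)])
    db.executemany("INSERT INTO user_role VALUES (?,?)",
                   [("alice", "root"), ("bob", "hr_analyst")])
    db.executemany("INSERT INTO permission VALUES (?,?,?,?,?)", [
        ("hr_analyst", "read", "hr_db", "salary_band", "A"),
        ("hr_analyst", "read", "hr_db", "region", None)])  # any region value
    return db

def is_allowed(db, user, action, asset, asset_type, asset_value):
    """Default deny: allow only a registered target, and only if one of the
    authenticated user's roles is root or holds a matching access rule."""
    known = db.execute(
        "SELECT 1 FROM asset_value WHERE asset=? AND asset_type=? AND value=?",
        (asset, asset_type, asset_value)).fetchone()
    if known is None:
        return False
    row = db.execute("""
        SELECT 1 FROM user_role ur JOIN role r ON r.name = ur.role
        LEFT JOIN permission p ON p.role = r.name AND p.action = ?
             AND (p.asset IS NULL OR p.asset = ?)
             AND (p.asset_type IS NULL OR p.asset_type = ?)
             AND (p.asset_value IS NULL OR p.asset_value = ?)
        WHERE ur.user = ? AND (r.is_root = 1 OR p.role IS NOT NULL) LIMIT 1""",
        (action, asset, asset_type, asset_value, user)).fetchone()
    return row is not None
```

Because the root role bypasses rule matching entirely, assignments to it are the rows to audit most closely in a model like this.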