	US 12,067,132 B2
	Just-in-time data object permission restriction
John Michael Harres, Thornton, CO (US); Darren James Moffat, Lower Earley (GB); and Mark Leroy Shellenbaum, Westminster, CO (US)
Assigned to Oracle International Corporation, Redwood Shores, CA (US)
Filed by Oracle International Corporation, Redwood Shores, CA (US)
Filed on Dec. 23, 2021, as Appl. No. 17/561,469.
Prior Publication US 2023/0205903 A1, Jun. 29, 2023
Int. Cl. G06F 21/60 (2013.01); G06F 21/62 (2013.01)

CPC G06F 21/604 (2013.01) [G06F 21/6209 (2013.01); G06F 2221/2125 (2013.01); G06F 2221/2141 (2013.01)]

20 Claims

1. A method comprising:

receiving, using a computer system, an instruction to define or modify a permission constraint corresponding to one or more files, wherein the one or more files includes a particular file;

storing, in a data store, a permission-instruction data set representing the permission constraint;

subsequent to storing the permission-instruction data set, intercepting a user request to access the particular file;

querying the data store to determine whether any pending permission-instruction data set corresponds to the particular file;

determining, in response to the querying, that the permission-instruction data set corresponds to the particular file;

modifying or adding the permission constraint of the particular file based on the permission-instruction data set;

determining, based on the modified or added permission constraint, whether and or an extent to which the user request is authorized; and

outputting a response to the user request based on the determination as to whether and or an extent to which the user request is authorized.