CPC G06F 21/604 (2013.01) | 12 Claims |
1. A computer system comprising:
a set of processing units for processing instructions; and
a non-transitory machine readable medium storing a program executing on at least one hardware processing unit of a computing device, the program for evaluating a policy for authorizing an API (Application Programming Interface) call to an application, the program comprising sets of instructions for:
based on a first set of parameters available before receiving the API call, evaluating only a portion of the policy to produce a partially evaluated policy;
storing the partially evaluated policy in a cache storage;
receiving the API call to authorize;
determining whether the API call should be authorized by fully evaluating the policy using (1) the partially evaluated policy retrieved from the cache storage and (2) a second set of parameters associated with the API call; and
responding to the API call with a policy decision based on the fully evaluated policy.
|