US 12,423,449 B2
Method and system for providing access control governance
Michael George Norman, Edinburgh (GB); Isaac Leonardo Blum, Armonk, NY (US); Roger F Bigger, Old Lyme, CT (US); and David Laurance, Ann Arbor, MI (US)
Assigned to JPMORGAN CHASE BANK, N.A., New York, NY (US)
Filed by JPMorgan Chase Bank, N.A., New York, NY (US)
Filed on Apr. 7, 2022, as Appl. No. 17/658,336.
Claims priority of provisional application 63/171,850, filed on Apr. 7, 2021.
Prior Publication US 2022/0327223 A1, Oct. 13, 2022
Int. Cl. G06F 21/60 (2013.01); H04L 9/40 (2022.01)
CPC G06F 21/604 (2013.01) [G06F 2212/7202 (2013.01); G06F 2221/2101 (2013.01); H04L 63/108 (2013.01); H04L 63/20 (2013.01)] 20 Claims
OG exemplary drawing
 
1. A method for governing a policy for controlling access to a system, the method being implemented by at least one processor, the method comprising:
receiving, by the at least one processor, a plurality of policy data units, each respective policy data unit including information that relates to an access determination with respect to the system;
processing, by the at least one processor, the plurality of policy data units, and obtaining an access policy rule as a result of the processing;
generating, by the at least one processor before an access request is made, a signed access token that relates to a predetermined user based on the obtained access policy rule; and
transmitting, by the at least one processor to the predetermined user before the access request is made, the signed access token,
wherein when the access request is made, the signed access token is usable for generating one of the following: access permission, access denial, or a new policy data unit; and
wherein the signed access token has a lifespan and is reusable by the predetermined user for multiple access requests.