US 12,437,101 B2
Privilege graph-based representation of data access authorizations
Tarun Thakur, Los Gatos, CA (US); and Maohua Lu, Fremont, CA (US)
Assigned to Veza Technologies, Inc., Los Gatos, CA (US)
Filed by Veza Technologies, Inc., Los Gatos, CA (US)
Filed on Sep. 2, 2021, as Appl. No. 17/464,928.
Claims priority of provisional application 63/073,751, filed on Sep. 2, 2020.
Claims priority of provisional application 63/067,193, filed on Aug. 18, 2020.
Prior Publication US 2022/0067186 A1, Mar. 3, 2022
Int. Cl. G06F 21/62 (2013.01); G06F 16/21 (2019.01); G06F 16/901 (2019.01); G06F 21/60 (2013.01)
CPC G06F 21/6236 (2013.01) [G06F 16/21 (2019.01); G06F 16/9024 (2019.01); G06F 21/604 (2013.01); G06F 21/6218 (2013.01); G06F 21/6227 (2013.01); G06F 2221/2113 (2013.01)] 20 Claims
OG exemplary drawing
 
1. A method for privilege graph-based representation of data access authorizations, the method comprising:
identifying first attributes of a first user;
performing a traversal of nodes of a privilege graph using the first attributes to determine subsequent nodes until one or more first nodes representing a first subset of environments of a plurality of data environments is reached, wherein the traversal passes through at least one parent node of the one or more first nodes, wherein the at least one parent node represents one or more privileges, and wherein the first user has the one or more privileges with respect to the first subset of environments as indicated by the traversal passing through the at least one parent node before reaching the first subset of environments; and
authorizing the first user to access the first subset.