US 12,463,962 B2
Multiworkflow authorization system and method
Yaozong Yao, Houston, TX (US)
Assigned to Schlumberger Technology Corporation, Sugar Land, TX (US)
Appl. No. 18/259,450
Filed by Schlumberger Technology Corporation, Sugar Land, TX (US)
PCT Filed Dec. 22, 2021, PCT No. PCT/US2021/064799
§ 371(c)(1), (2) Date Jun. 27, 2023,
PCT Pub. No. WO2022/146811, PCT Pub. Date Jul. 7, 2022.
Claims priority of provisional application 63/132,769, filed on Dec. 31, 2020.
Prior Publication US 2024/0380748 A1, Nov. 14, 2024
Int. Cl. H04L 29/06 (2006.01); H04L 9/40 (2022.01)
CPC H04L 63/083 (2013.01) 10 Claims
OG exemplary drawing
 
1. A central authorization system comprising:
one or more processors;
memory coupled with the one or more processors;
a first set of application programming interfaces (APIs) stored in the memory, the first set of APIs configured to receive authorization requests from a plurality of frameworks that execute workflows, wherein each framework includes a respective set of libraries having a respective second set of APIs, and the respective set of libraries are stored in the memory;
an authorization policy server coupled with the memory and configured to:
receive, from a first framework of the plurality of frameworks, a first authorization request for access to a service by a first workflow, the first authorization request including a token associated with the first workflow,
generate, from a rules evaluation engine, a rule-based decision for the token,
store, in a cache, rule-based decision information for the token, wherein the cache is configured to become enabled in response to an authorization workload exceeding an authorization workload level, wherein the cache includes a first time limit that is adjustable based on the authorization workload level,
receive, from a second framework of the plurality of frameworks, a second authorization request for access to the service by a second workflow, the second authorization request including the token associated with the first workflow, and
determine whether to authorize the second framework to access the service based at least in part on the token associated with the first workflow of the first framework; and
a decision point component coupled to the cache and to the rules evaluation engine, the decision point component comprising one of the first set of APIs, wherein the decision point component is configured to communicate with the rules evaluation engine in response to receipt of a non-authorization response from the cache and refrain from communicating with the rules evaluation engine in response to receipt of an authorization response from the cache.