US 12,135,806 B2
Token generation and management
Vladimir Fedorov, Menlo Park, CA (US); Stephen Garrity, Sonora, CA (US); and Ramanujan Srinivasan, Seattle, WA (US)
Assigned to UserClouds, Inc., Beaverton, OR (US)
Filed by UserClouds, Inc., Beaverton, OR (US)
Filed on Mar. 15, 2023, as Appl. No. 18/184,340.
Claims priority of provisional application 63/320,545, filed on Mar. 16, 2022.
Prior Publication US 2023/0297702 A1, Sep. 21, 2023
Int. Cl. G06F 21/62 (2013.01); H04L 9/40 (2022.01); H04L 9/32 (2006.01)
CPC G06F 21/62 (2013.01) [H04L 63/105 (2013.01); H04L 63/107 (2013.01); H04L 9/3213 (2013.01)]
16 Claims
1. A system, comprising:
a memory; and
a processor coupled to the memory and configured to:
generate a token corresponding to a set of user data based at least in part on a token generation policy, wherein to generate the token comprises to add a predetermined value within the token;
store a mapping between the token and the set of user data;
determine whether to grant a token resolution request associated with the token based at least in part on a token access policy associated with the token and a context parameter associated with the token resolution request, wherein the context parameter is not included as an argument in the token resolution request, wherein to determine whether to grant the token resolution request comprises to:
in response to receiving the token resolution request, dynamically determine the context parameter by querying a third-party server using a request parameter that is included in the token resolution request to determine a relationship between a requestor associated with the token resolution request and a principal associated with the set of user data; and
determine whether the determined relationship matches a specified relationship for which the token is permitted to be resolved in accordance with the token access policy;
receive a token deletion request comprising the predetermined value; and
in response to a determination that the token comprises the predetermined value, cause the mapping to be associated with a post deletion access policy, wherein the post deletion access policy comprises an expiration date to be associated with the mapping.
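
The flow recited in claim 1, as a minimal sketch added here for illustration; it is not code from the patent or from UserClouds. The class and function names, the `marker.random` token layout, the in-memory store, the sample relationship data, and the choice to keep a mapping resolvable until its post-deletion expiration date are all assumptions.

```python
import secrets
from datetime import datetime, timedelta, timezone

# Constructed sample data standing in for the third-party server's answer.
RELATIONSHIPS = {("dr-lee", "alice"): "physician"}

def lookup_relationship(requestor_id, principal):
    return RELATIONSHIPS.get((requestor_id, principal), "none")

class TokenVault:
    """Hypothetical in-memory vault illustrating the claimed steps."""
    def __init__(self, lookup, retention=timedelta(days=30)):
        self.lookup = lookup          # callable that queries the relationship source
        self.retention = retention    # assumed post-deletion window
        self.mappings = {}            # token -> record (the stored mapping)

    def generate(self, user_data, principal, allowed, marker):
        # Assumed generation policy: embed the predetermined value (marker)
        # in the token. Markers are assumed not to contain ".".
        token = f"{marker}.{secrets.token_urlsafe(16)}"
        self.mappings[token] = {"data": user_data, "principal": principal,
                                "allowed": allowed, "expires": None}
        return token

    def resolve(self, token, requestor_id, now=None):
        now = now or datetime.now(timezone.utc)
        rec = self.mappings.get(token)
        if rec is None:
            return None
        if rec["expires"] is not None and now >= rec["expires"]:
            del self.mappings[token]  # purge once the expiration date has passed
            return None
        # The relationship is not an argument of the request: it is derived
        # server-side from the request parameter (requestor_id) at resolve time.
        relationship = self.lookup(requestor_id, rec["principal"])
        return rec["data"] if relationship == rec["allowed"] else None

    def delete(self, marker, now=None):
        # Deletion by predetermined value: matching mappings are not erased
        # but placed under a post-deletion policy carrying an expiration date.
        now = now or datetime.now(timezone.utc)
        hits = 0
        for token, rec in self.mappings.items():
            if token.split(".", 1)[0] == marker and rec["expires"] is None:
                rec["expires"] = now + self.retention
                hits += 1
        return hits
```

Because the caller never supplies the relationship, a requestor cannot assert a favorable context; the check depends only on what the relationship source returns for the identifier in the request.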