US 12,137,098 B2
Systems and methods for access control
Adiel Cohen, New York City, NY (US)
Assigned to Aktana, Inc., San Francisco, CA (US)
Filed by Aktana, Inc., San Francisco, CA (US)
Filed on Jul. 22, 2021, as Appl. No. 17/383,242.
Application 17/383,242 is a continuation of application No. 17/002,697, filed on Aug. 25, 2020, granted, now 11,108,780.
Application 17/002,697 is a continuation of application No. PCT/US2020/036411, filed on Jun. 5, 2020.
Claims priority of provisional application 62/907,478, filed on Sep. 27, 2019.
Prior Publication US 2022/0086161 A1, Mar. 17, 2022
This patent is subject to a terminal disclaimer.
Int. Cl. G06Q 30/0201 (2023.01); G06N 3/08 (2023.01); H04L 9/40 (2022.01); H04W 12/00 (2021.01); H04W 12/08 (2021.01)
CPC H04L 63/101 (2013.01) [G06N 3/08 (2013.01); G06Q 30/0201 (2013.01); H04L 63/102 (2013.01); H04L 63/105 (2013.01); H04W 12/00 (2013.01); H04W 12/08 (2013.01); G06F 2221/2141 (2013.01)] 17 Claims
OG exemplary drawing
 
1. A multi-tenant computing environment for providing access to a plurality of resources for a plurality of users, comprising:
(a) a plurality of data segments, wherein a data segment is associated with at least one respective resource of the plurality of resources and at least one respective user of the plurality of users, and wherein
the plurality of data segments is produced by segmenting data using machine learning or artificial intelligence based on (i) geographical boundaries or (ii) political boundaries and at least one of legal or corporate boundaries or roles or positions within a company, and
the plurality of resources comprises (i) drug sales data and (ii) health care provider data, and at least one of a database management tool, a scheduling tool, or a lead generation tool;
(b) a first access control system comprising at least one computer, wherein the first access control system is a role-based access control system (RBAC), an attribute-based access control system (ABAC), or an access control list (ACL), wherein the first access control system grants or denies an access of at least one user of the plurality of users to at least one resource of the plurality of resources, and wherein the at least one resource is associated with at least one data segment of the plurality of data segments; and
(c) a second access control system comprising at least one computer in communication with the first access control system, wherein when the first access control system grants the access of the at least one user to the at least one resource, wherein the second access control system is configured to verify whether the at least one user and the at least one resource are associated with the at least one data segment, and wherein, when the at least one user and the at least one resource are not associated with the at least one data segment, to deny the access of the at least one user to the at least one resource.