-
公开(公告)号:US10819747B1
公开(公告)日:2020-10-27
申请号:US14498784
申请日:2014-09-26
发明人: Khaled Salah Sedky , Kai Zhao , Jacob Andreas Kjelstrup , Ajith Harshana Ranabahu , Conor Patrick Cahill
摘要: A system and method for generating a policy entitlement map usable to provide a visualization of policies based at least in part on a set of resources of a service of a computing resource service provider, a set of actions that can be taken with the set of resources, or one or more identities. The policy entitlement map may be generated to reflect a set of actions performable by identities of the one or more identities, a set of resources accessible by the identities, or a set of actions that may be performed on the resources.
-
2.发明授权公开(公告)号:US11625273B1
公开(公告)日:2023-04-11
申请号:US16199037
申请日:2018-11-23
发明人: Mostafa Elhemali , Dolev Ish-am , Jonathan L. Meed , Richard Krog , Adel Gawdat , Kai Zhao , Saumil Ramesh Hukerikar
摘要: Throughput capacity may be changed to sustain throughput for accessing individual items in a database. A table hosted at storage nodes that provide access to the table in a database may be identified as allocated with a client-specified throughput capacity for accessing the table. Performance of access requests to the table at the storage nodes may be tracked. Based on the performance of the access requests, a change may be determined that modifies a throughput capacity for the table to sustain a guaranteed throughput for each access request independent of other access requests received for the table.
-
公开(公告)号:US10567388B1
公开(公告)日:2020-02-18
申请号:US15087007
申请日:2016-03-31
发明人: William Frederick Hingle Kruse , Jeffrey John Wierer , Nima Sharifi Mehr , Ashish Rangole , Kunal Chadha , Bharath Mukkati Prakash , Radu Mihai Berciu , Kai Zhao , Hardik Nagda , Chenxi Zhang
摘要: A policy/resource decommissioning service determines whether a resource has been inactive for a period of time greater than at least one period of time threshold for decommissioning. If the resource has been inactive greater than a first period of time threshold, the service disables the resource such that requests to access the resource are denied. If the resource has been inactive for a period of time greater than a second threshold, longer than the first period of time threshold, the service archives the resource. The service deletes the resource if the inactivity period of the resource is greater than a third period of time threshold, where the third period of time threshold is longer than the first and the second period of time thresholds.
-
公开(公告)号:US20180234462A1
公开(公告)日:2018-08-16
申请号:US15953262
申请日:2018-04-13
发明人: William Frederick Hingle Kruse , Bharath Mukkati Prakash , Ashish Rangole , Nima Sharifi Mehr , Jeffrey John Wierer , Kunal Chadha , Chenxi Zhang , Hardik Nagda , Kai Zhao
IPC分类号: H04L29/06
摘要: A computing resource service receives a request to access the service and perform various actions. In response to the request, the computing resource service obtains a set of active policies that are applicable to the request. As a result of the service determining that the set of active policies fail to provide sufficient permissions for fulfillment of the request, the service determines if an enforcement policy is available that is applicable to the request. The service evaluates the request using the enforcement policy such that if the enforcement policy includes permissions sufficient for fulfillment of the request, the request is fulfilled.
-
公开(公告)号:US09948681B1
公开(公告)日:2018-04-17
申请号:US15087014
申请日:2016-03-31
发明人: William Frederick Hingle Kruse , Bharath Mukkati Prakash , Ashish Rangole , Nima Sharifi Mehr , Jeffrey John Wierer , Kunal Chadha , Chenxi Zhang , Hardik Nagda , Kai Zhao
摘要: A computing resource service receives a request to access the service and perform various actions. In response to the request, the computing resource service obtains a set of active policies that are applicable to the request. As a result of the service determining that the set of active policies fail to provide sufficient permissions for fulfillment of the request, the service determines if an enforcement policy is available that is applicable to the request. The service evaluates the request using the enforcement policy such that if the enforcement policy includes permissions sufficient for fulfillment of the request, the request is fulfilled.
-
公开(公告)号:US10581919B2
公开(公告)日:2020-03-03
申请号:US15953262
申请日:2018-04-13
发明人: William Frederick Hingle Kruse , Bharath Mukkati Prakash , Ashish Rangole , Nima Sharifi Mehr , Jeffrey John Wierer , Kunal Chadha , Chenxi Zhang , Hardik Nagda , Kai Zhao
摘要: A computing resource service receives a request to access the service and perform various actions. In response to the request, the computing resource service obtains a set of active policies that are applicable to the request. As a result of the service determining that the set of active policies fail to provide sufficient permissions for fulfillment of the request, the service determines if an enforcement policy is available that is applicable to the request. The service evaluates the request using the enforcement policy such that if the enforcement policy includes permissions sufficient for fulfillment of the request, the request is fulfilled.
-
公开(公告)号:US10122757B1
公开(公告)日:2018-11-06
申请号:US14574328
申请日:2014-12-17
发明人: William Frederick Hingle Kruse , Ashish Rangole , James E. Scharf, Jr. , Kai Zhao , Jeffrey John Wierer
摘要: Techniques for self-learning access control policies are disclosed herein. A set of security policy modification recommendations is produced based on set of effective permissions and also based on a set of requests for access subject to that set of effective permission. Each policy modification recommendation is configured to alter the set of effective permissions by performing one or more actions altering one or more of the effective permissions. A selected policy modification recommendation is provided that is configured to produce a modified set of effective permissions.
-
-
-
-
-
-
搜索结果
7 条记录 (耗时 0.016 秒)
