-
Publication No.: US20250023878A1
Publication Date: 2025-01-16
Application No.: US18220629
Application Date: 2023-07-11
Applicant: Dell Products L.P.
Inventor: Sumedh Wasudeo Sathaye, Yi Fang, Yidong Wang, Ranjit Kollu, Murali Kadala Keloth, David Scott Thompson, Ching-Yun Chao
Abstract: A system, method, and computer-readable medium for performing a data center monitoring and management operation. The data center monitoring and management operation includes: generating a request for a client identifier or an access token for access to a target application programming interface (API); obtaining an access policy associated with the target API; determining a least privileged API access permission based upon the access policy associated with the target API; and, using the client identifier or access token to access the target API when the least privileged API access permission allows access to the target API.
-
Publication No.: US20250124145A1
Publication Date: 2025-04-17
Application No.: US18486317
Application Date: 2023-10-13
Applicant: Dell Products L.P.
Inventor: Daniel K. O'Reilly, JR., Chooi Peng Low, Yi Fang, Ranjit Kollu, Jonathon Cwik, Ching-Yun Chao
Abstract: Up front authorization of a workflow and a security context for workflow execution are disclosed. All possible authorizations that may be required by a workflow are identified up front. A requestor is allowed to execute the workflow only when the authorizations of the user include the authorizations that may be required by the workflow. A security context is generated and associated with the workflow or an instance thereof. The security context scopes or limits the workflow to at least the type or capacity of work requested, work uniquely identified in the security context, and/or service/workflow/call paths that the request is allowed to be processed through.
-
Publication No.: US12225019B2
Publication Date: 2025-02-11
Application No.: US18220629
Application Date: 2023-07-11
Applicant: Dell Products L.P.
Inventor: Sumedh Wasudeo Sathaye, Yi Fang, Yidong Wang, Ranjit Kollu, Murali Kadala Keloth, David Scott Thompson, Ching-Yun Chao
Abstract: A system, method, and computer-readable medium for performing a data center monitoring and management operation. The data center monitoring and management operation includes: generating a request for a client identifier or an access token for access to a target application programming interface (API); obtaining an access policy associated with the target API; determining a least privileged API access permission based upon the access policy associated with the target API; and, using the client identifier or access token to access the target API when the least privileged API access permission allows access to the target API.
-
Publication No.: US20240414169A1
Publication Date: 2024-12-12
Application No.: US18331770
Application Date: 2023-06-08
Applicant: Dell Products L.P.
Inventor: Yi Fang, David Scott Thompson, Yidong Wang, Ranjit Kollu, Jennifer Minarik, Reut Kovetz, Ching-Yun Chao, Qi Jin, Jonathon Cwik
IPC: H04L9/40
Abstract: A system can identify an attribute-based access control policy that comprises a pair comprising a permission policy and a condition policy that is associated with performing an operation on a computing resource. The system can identify that the attribute-based access control policy corresponds to a role policy that is associated with the account. The system can determine whether the account and the role policy satisfy the attribute-based access control policy with respect to the operation, wherein the determining comprises evaluating whether the computing resource and a required permission of the permission policy is declared in the role policy, and evaluating whether the account and the role policy satisfy the condition policy evaluates to true based on attributes of the account and attributes of the computing resource. The system can, in response to determining that the account satisfy the permission policy and the condition policy, perform the operation on the computing resource.