公开(公告)号：US20250103740A1

公开(公告)日：2025-03-27

申请号：US18429356

申请日：2024-01-31

Applicant: Salesforce, Inc.

Inventor： Chi Wang ,  Eugene Wayne Becker ,  Nidhi Chaudhary ,  Kishore Chaganti ,  Prasad Nimmakayala ,  Qingbo Cai ,  Linwei Zhu ,  Hsiang-Yun Lee ,  Amit Zohar ,  Raghu Setty ,  Bhavesh Doshi

IPC: G06F21/62

Abstract: System and method for fine granularity control of data access and usage for across multi-tenant systems. A user makes a request to access a particular set of data from a particular remote data source for a specific purpose. The system authorizes the user to validate whether the user is qualified to make the request. The data source is checked to see if the particular data has been granted access for that particular purpose. A cloud neutral token is created and converted into a cloud specific token upon reaching the remote data source. The cloud specific token is used to create a temporary IAM role and IAM policy with a predetermined time to live. After the time to live expires, the IAM role and IAM policy are deleted.

公开(公告)号：US20250106200A1

公开(公告)日：2025-03-27

申请号：US18429187

申请日：2024-01-31

Applicant: Salesforce, Inc.

Inventor： Chi Wang ,  Eugene Wayne Becker ,  Nidhi Chaudhary ,  Kishore Chaganti ,  Prasad Nimmakayala ,  Qingbo Cai ,  Linwei Zhu ,  Hsiang-Yun Lee ,  Amit Zohar ,  Raghu Setty ,  Bhavesh Doshi

IPC: H04L9/40

Abstract: System and method for fine granularity control of data access and usage for across multi-tenant systems. A user makes a request to access a particular set of data from a particular remote data source for a specific purpose. The system authorizes the user to validate whether the user is qualified to make the request. The data source is checked to see if the particular data has been granted access for that particular purpose. A cloud neutral token is created and converted into a cloud specific token upon reaching the remote data source. The cloud specific token is used to create a temporary IAM role and IAM policy with a predetermined time to live. After the time to live expires, the IAM role and IAM policy are deleted.

公开(公告)号：US20250103739A1

公开(公告)日：2025-03-27

申请号：US18429275

申请日：2024-01-31

Applicant: Salesforce, Inc.

Inventor： Chi Wang ,  Eugene Wayne Becker ,  Nidhi Chaudhary ,  Kishore Chaganti ,  Prasad Nimmakayala ,  Qingbo Cai ,  Linwei Zhu ,  Hsiang-Yun Lee ,  Amit Zohar ,  Raghu Setty ,  Bhavesh Doshi

IPC: G06F21/62

Abstract: System and method for fine granularity control of data access and usage for across multi-tenant systems. A user makes a request to access a particular set of data from a particular remote data source for a specific purpose. The system authorizes the user to validate whether the user is qualified to make the request. The data source is checked to see if the particular data has been granted access for that particular purpose. A cloud neutral token is created and converted into a cloud specific token upon reaching the remote data source. The cloud specific token is used to create a temporary IAM role and IAM policy with a predetermined time to live. After the time to live expires, the IAM role and IAM policy are deleted.

公开(公告)号：US20250106221A1

公开(公告)日：2025-03-27

申请号：US18429331

申请日：2024-01-31

Applicant: Salesforce, Inc.

Inventor： Chi Wang ,  Eugene Wayne Becker ,  Nidhi Chaudhary ,  Kishore Chaganti ,  Prasad Nimmakayala ,  Qingbo Cai ,  Linwei Zhu ,  Hsiang-Yun Lee ,  Amit Zohar ,  Raghu Setty ,  Bhavesh Doshi

IPC: H04L9/40

Abstract: System and method for fine granularity control of data access and usage for across multi-tenant systems. A user makes a request to access a particular set of data from a particular remote data source for a specific purpose. The system authorizes the user to validate whether the user is qualified to make the request. The data source is checked to see if the particular data has been granted access for that particular purpose. A cloud neutral token is created and converted into a cloud specific token upon reaching the remote data source. The cloud specific token is used to create a temporary IAM role and IAM policy with a predetermined time to live. After the time to live expires, the IAM role and IAM policy are deleted.