Patents by Inventor Helali Bhuiyan
Helali Bhuiyan has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20220138340Abstract: Techniques for generating and using reader-friendly policy statements are disclosed. In one or more embodiments, a policy management service receives a request for an authorization policy in a language-localized syntax. The policy management service identifies a syntax graph corresponding to the authorization policy and traverses the syntax graph to obtain at least a requestor variable value associated with the authorization policy, an action variable value associated with the authorization policy, a resource variable value associated with the authorization policy, and a location variable value associated with the authorization policy. The policy authorization service generates a reader-friendly policy statement in the language-localized syntax using the requestor variable value, the action variable value, the resource variable value, and the location variable value. Responsive to the request, the policy authorization service provides the reader-friendly policy statement.Type: ApplicationFiled: January 19, 2022Publication date: May 5, 2022Applicant: Oracle International CorporationInventors: Helali Bhuiyan, Daniel M. Vogel
-
Patent number: 11288390Abstract: Techniques for generating and using reader-friendly policy statements are disclosed. In one or more embodiments, a policy management service receives a request for an authorization policy in a language-localized syntax. The policy management service identifies a syntax graph corresponding to the authorization policy and traverses the syntax graph to obtain at least a requestor variable value associated with the authorization policy, an action variable value associated with the authorization policy, a resource variable value associated with the authorization policy, and a location variable value associated with the authorization policy. The policy authorization service generates a reader-friendly policy statement in the language-localized syntax using the requestor variable value, the action variable value, the resource variable value, and the location variable value. Responsive to the request, the policy authorization service provides the reader-friendly policy statement.Type: GrantFiled: July 26, 2019Date of Patent: March 29, 2022Assignee: Oracle International CorporationInventors: Helali Bhuiyan, Daniel M. Vogel
-
Patent number: 11196749Abstract: Systems, methods, and other embodiments associated with controlling a multi-tenant service-oriented architecture are described. In one embodiment, a method includes providing a collection of policies based upon who can access information of a user, wherein the information of the user is managed by a second service. A multi-tenant control module determines if a first service is able to contact the second service and obtain access to the user's information through the second service. An authentication service works in conjunction with the first and second services to assist in determining if the first service is able to contact the second service and obtain access to the user's information through the second service.Type: GrantFiled: April 26, 2019Date of Patent: December 7, 2021Assignee: ORACLE INTERNATIONAL CORPORATIONInventors: Helali Bhuiyan, Geoff Hopcraft, Gayathri Premachandran, Jinai A
-
Patent number: 10997309Abstract: Techniques for making preliminary authorization determinations based on partial contextual information are disclosed. In one or more embodiments, an API receives an authorization request and partial contextual information associated with the authorization request. The API submits the partial contextual information to an authorization service, without submitting complete contextual information associated with the authorization request. The API receives, from the authorization service, a preliminary authorization response based on the partial contextual information. The preliminary authorization includes one of (a) denial of the authorization request and (b) non-denial of the authorization request.Type: GrantFiled: May 30, 2019Date of Patent: May 4, 2021Assignee: Oracle International CorporationInventors: Helali Bhuiyan, Daniel M. Vogel
-
Patent number: 10949561Abstract: Techniques for generating syntax graphs corresponding to user-defined policy statement are disclosed. In one or more embodiments, a policy management service receives a user-defined policy statement that includes a requestor variable value, an action variable value, a resource variable value, and a location variable value. The user-defined policy statement describes an authorization policy. The policy authorization service converts the user-defined policy statement to a canonical policy statement, which involves: mapping the requestor variable value to a unique system-wide requestor identifier, and mapping the location variable value to a unique system-wide location identifier. The policy management service generates a syntax graph of the canonical policy statement. The syntax graph is traversable to determine whether the authorization policy is satisfied for a particular authorization request. The policy management service stores the syntax graph for use by an authorization service.Type: GrantFiled: May 30, 2019Date of Patent: March 16, 2021Assignee: Oracle International CorporationInventors: Helali Bhuiyan, Daniel M. Vogel
-
Publication number: 20200344235Abstract: Systems, methods, and other embodiments associated with controlling a multi-tenant service-oriented architecture are described. In one embodiment, a method includes providing a collection of policies based upon who can access information of a user, wherein the information of the user is managed by a second service. A multi-tenant control module determines if a first service is able to contact the second service and obtain access to the user's information through the second service. An authentication service works in conjunction with the first and second services to assist in determining if the first service is able to contact the second service and obtain access to the user's information through the second service.Type: ApplicationFiled: April 26, 2019Publication date: October 29, 2020Inventors: Helali BHUIYAN, Geoff HOPCRAFT, Gayathri PREMACHANDRAN, Jinai A
-
Publication number: 20190347437Abstract: Techniques for generating and using reader-friendly policy statements are disclosed. In one or more embodiments, a policy management service receives a request for an authorization policy in a language-localized syntax. The policy management service identifies a syntax graph corresponding to the authorization policy and traverses the syntax graph to obtain at least a requestor variable value associated with the authorization policy, an action variable value associated with the authorization policy, a resource variable value associated with the authorization policy, and a location variable value associated with the authorization policy. The policy authorization service generates a reader-friendly policy statement in the language-localized syntax using the requestor variable value, the action variable value, the resource variable value, and the location variable value. Responsive to the request, the policy authorization service provides the reader-friendly policy statement.Type: ApplicationFiled: July 26, 2019Publication date: November 14, 2019Applicant: Oracle International CorporationInventors: Helali Bhuiyan, Daniel M. Vogel
-
Publication number: 20190278935Abstract: Techniques for generating syntax graphs corresponding to user-defined policy statement are disclosed. In one or more embodiments, a policy management service receives a user-defined policy statement that includes a requestor variable value, an action variable value, a resource variable value, and a location variable value. The user-defined policy statement describes an authorization policy. The policy authorization service converts the user-defined policy statement to a canonical policy statement, which involves: mapping the requestor variable value to a unique system-wide requestor identifier, and mapping the location variable value to a unique system-wide location identifier. The policy management service generates a syntax graph of the canonical policy statement. The syntax graph is traversable to determine whether the authorization policy is satisfied for a particular authorization request. The policy management service stores the syntax graph for use by an authorization service.Type: ApplicationFiled: May 30, 2019Publication date: September 12, 2019Applicant: Oracle International CorporationInventors: Helali Bhuiyan, Daniel M. Vogel
-
Publication number: 20190278934Abstract: Techniques for making preliminary authorization determinations based on partial contextual information are disclosed. In one or more embodiments, an API receives an authorization request and partial contextual information associated with the authorization request. The API submits the partial contextual information to an authorization service, without submitting complete contextual information associated with the authorization request. The API receives, from the authorization service, a preliminary authorization response based on the partial contextual information. The preliminary authorization includes one of (a) denial of the authorization request and (b) non-denial of the authorization request.Type: ApplicationFiled: May 30, 2019Publication date: September 12, 2019Applicant: Oracle International CorporationInventors: Helali Bhuiyan, Daniel M. Vogel
-
Patent number: 10410009Abstract: Techniques for making preliminary authorization determinations based on partial contextual information are disclosed. In one or more embodiments, an API receives an authorization request and partial contextual information associated with the authorization request. The API submits the partial contextual information to an authorization service, without submitting complete contextual information associated with the authorization request. The API receives, from the authorization service, a preliminary authorization response based on the partial contextual information. The preliminary authorization includes one of (a) denial of the authorization request and (b) non-denial of the authorization request.Type: GrantFiled: March 8, 2017Date of Patent: September 10, 2019Assignee: Oracle International CorporationInventors: Helali Bhuiyan, Daniel M. Vogel
-
Patent number: 10410010Abstract: Techniques for generating and using reader-friendly policy statements are disclosed. In one or more embodiments, a policy management service receives a request for an authorization policy in a language-localized syntax. The policy management service identifies a syntax graph corresponding to the authorization policy and traverses the syntax graph to obtain at least a requestor variable value associated with the authorization policy, an action variable value associated with the authorization policy, a resource variable value associated with the authorization policy, and a location variable value associated with the authorization policy. The policy authorization service generates a reader-friendly policy statement in the language-localized syntax using the requestor variable value, the action variable value, the resource variable value, and the location variable value. Responsive to the request, the policy authorization service provides the reader-friendly policy statement.Type: GrantFiled: March 8, 2017Date of Patent: September 10, 2019Assignee: Oracle International CorporationInventors: Helali Bhuiyan, Daniel M. Vogel
-
Patent number: 10410008Abstract: Techniques for evaluating authorization requests using cached policy data are disclosed. In one or more embodiments, a thick client receives an authorization request. The thick client evaluates the authorization request, based on partial contextual information associated with the authorization request and a local policy data cache, to generate a preliminary authorization response. The preliminary authorization response includes one of (a) denial of the authorization request and (b) non-denial of the authorization request. Responsive to the preliminary authorization response including non-denial of the authorization request, the thick client submits complete contextual information associated with the authorization request to an authorization service. The authorization service provides a final authorization result, which the thick client uses to grant or deny the authorization request.Type: GrantFiled: March 8, 2017Date of Patent: September 10, 2019Assignee: Oracle International CorporationInventors: Helali Bhuiyan, Daniel M. Vogel
-
Patent number: 10395050Abstract: Techniques for generating syntax graphs corresponding to user-defined policy statement are disclosed. In one or more embodiments, a policy management service receives a user-defined policy statement that includes a requestor variable value, an action variable value, a resource variable value, and a location variable value. The user-defined policy statement describes an authorization policy. The policy authorization service converts the user-defined policy statement to a canonical policy statement, which involves: mapping the requestor variable value to a unique system-wide requestor identifier, and mapping the location variable value to a unique system-wide location identifier. The policy management service generates a syntax graph of the canonical policy statement. The syntax graph is traversable to determine whether the authorization policy is satisfied for a particular authorization request. The policy management service stores the syntax graph for use by an authorization service.Type: GrantFiled: March 8, 2017Date of Patent: August 27, 2019Assignee: Oracle International CorporationInventors: Helali Bhuiyan, Daniel M. Vogel
-
Publication number: 20170262648Abstract: Techniques for making preliminary authorization determinations based on partial contextual information are disclosed. In one or more embodiments, an API receives an authorization request and partial contextual information associated with the authorization request. The API submits the partial contextual information to an authorization service, without submitting complete contextual information associated with the authorization request. The API receives, from the authorization service, a preliminary authorization response based on the partial contextual information. The preliminary authorization includes one of (a) denial of the authorization request and (b) non-denial of the authorization request.Type: ApplicationFiled: March 8, 2017Publication date: September 14, 2017Applicant: Oracle International CorporationInventors: Helali Bhuiyan, Daniel M. Vogel
-
Publication number: 20170264642Abstract: Techniques for evaluating authorization requests using cached policy data are disclosed. In one or more embodiments, a thick client receives an authorization request. The thick client evaluates the authorization request, based on partial contextual information associated with the authorization request and a local policy data cache, to generate a preliminary authorization response. The preliminary authorization response includes one of (a) denial of the authorization request and (b) non-denial of the authorization request. Responsive to the preliminary authorization response including non-denial of the authorization request, the thick client submits complete contextual information associated with the authorization request to an authorization service. The authorization service provides a final authorization result, which the thick client uses to grant or deny the authorization request.Type: ApplicationFiled: March 8, 2017Publication date: September 14, 2017Applicant: Oracle International CorporationInventors: Helali Bhuiyan, Daniel M. Vogel
-
Publication number: 20170264643Abstract: Techniques for generating and using reader-friendly policy statements are disclosed. In one or more embodiments, a policy management service receives a request for an authorization policy in a language-localized syntax. The policy management service identifies a syntax graph corresponding to the authorization policy and traverses the syntax graph to obtain at least a requestor variable value associated with the authorization policy, an action variable value associated with the authorization policy, a resource variable value associated with the authorization policy, and a location variable value associated with the authorization policy. The policy authorization service generates a reader-friendly policy statement in the language-localized syntax using the requestor variable value, the action variable value, the resource variable value, and the location variable value. Responsive to the request, the policy authorization service provides the reader-friendly policy statement.Type: ApplicationFiled: March 8, 2017Publication date: September 14, 2017Applicant: Oracle International CorporationInventors: Helali Bhuiyan, Daniel M. Vogel
-
Publication number: 20170262649Abstract: Techniques for generating syntax graphs corresponding to user-defined policy statement are disclosed. In one or more embodiments, a policy management service receives a user-defined policy statement that includes a requestor variable value, an action variable value, a resource variable value, and a location variable value. The user-defined policy statement describes an authorization policy. The policy authorization service converts the user-defined policy statement to a canonical policy statement, which involves: mapping the requestor variable value to a unique system-wide requestor identifier, and mapping the location variable value to a unique system-wide location identifier. The policy management service generates a syntax graph of the canonical policy statement. The syntax graph is traversable to determine whether the authorization policy is satisfied for a particular authorization request. The policy management service stores the syntax graph for use by an authorization service.Type: ApplicationFiled: March 8, 2017Publication date: September 14, 2017Applicant: Oracle International CorporationInventors: Helali Bhuiyan, Daniel M. Vogel