Patrick W Toole

US Patent:

20220350900, Nov 3, 2022

Filed:

Apr 29, 2022

Appl. No.:

17/733035

Inventors:

- San Mateo CA, US
Kaushik Shanadi - Washington DC, US
Dustin W. Webber - Dorchester MA, US
Patrick J. Toole - Wellington FL, US

International Classification:

G06F 21/60
H04L 41/28
H04L 9/40
H04W 48/02

Abstract:

An embedded policy takes the form of an executable entity local to the endpoint or end application attempting to access target data. The executable entity is compiled from a declarative remote policy based on objects, subjects and actions, and includes a library and API (Application Programming Interface) in conjunction with a client application seeking access according to the policy. Evaluation of appropriate access is resolved with a local function call to the executable entity, rather than a network message exchange, thus providing data target access according to the policy without incurring network latency.

US Patent:

20220353241, Nov 3, 2022

Filed:

Apr 29, 2022

Appl. No.:

17/733017

Inventors:

- San Mateo CA, US
Kaushik Shanadi - Washington DC, US
Dustin W. Webber - Dorchester MA, US
Patrick J. Toole - Wellington FL, US

International Classification:

H04L 9/40

Abstract:

An embedded policy takes the form of an executable entity local to the endpoint or end application attempting to access target data. The executable entity is compiled from a declarative remote policy based on objects, subjects and actions, and includes a library and API (Application Programming Interface) in conjunction with a client application seeking access according to the policy. Evaluation of appropriate access is resolved with a local function call to the executable entity, rather than a network message exchange, thus providing data target access according to the policy without incurring network latency.

US Patent:

20220353298, Nov 3, 2022

Filed:

Apr 29, 2022

Appl. No.:

17/733028

Inventors:

- San Mateo CA, US
Kaushik Shanadi - Washington DC, US
Dustin W. Webber - Dorchester MA, US
Patrick J. Toole - Wellington FL, US

International Classification:

H04L 9/40
G06F 21/62
G06F 9/54

Abstract:

A network device for enforcing an authorization policy to a database includes identifying an authorization policy based on declarative designations of a set of objects, subjects and actions affected by an access request, and distributing the executable entity to a plurality if endpoints of a network of users. Each endpoint of the plurality of endpoints has one or more client applications. The endpoint embeds the executable entity in the client application, the executable entity responsive to access requests from the client application, and the endpoint node grants the access request based on evaluating the access request against the authorization policy, evaluating based only on instructions in the executable entity.