Governing access to third-party application programming interfaces

US11809923B2 · US · B2

Patent metadata
Publication number: US-11809923-B2
Application number: US-202117328519-A
Country: US
Kind code: B2
Filing date: May 24, 2021
Priority date: Jun 30, 2017
Publication date: Nov 7, 2023
Grant date: Nov 7, 2023

Abstract

Official abstract text for this publication.

Techniques for governing access to third-party application programming interfaces (API's) are disclosed. A proxy service exposes an API configured to receive requests, from user-facing services, to perform functions of backend services. The proxy service stores a usage policy that defines a criterion that is (a) different from any authorization criterion and (b) associated with using a function of a backend service. The proxy service receives a request to perform the function of the first backend service for a user-facing service and determines that the request does not satisfy the usage policy. Based on determining that the request does not satisfy the usage policy, the proxy service refrains from accessing the backend service to perform the function responsive to the request, and transmits an alert to the user-facing service indicating that the request does not satisfy the usage policy.

First claim

Opening claim text (preview).

What is claimed is:

1. A non-transitory computer readable medium comprising instructions which, when executed by one or more hardware processors, cause performance of operations comprising: receiving, via a plug-in application recipe (“PIAR”) management application, a plurality of PIAR definitions corresponding respectively to a plurality of PIARs; wherein the PIAR management application stores and manages the plurality of PIAR definitions; wherein a particular PIAR definition of the plurality of PIAR definitions, corresponding to a particular PIAR of the plurality of PIARs, identifies: (a) a trigger for which one or more trigger variables, values of which are necessary to evaluate the trigger on an ongoing basis, are exposed by a first plug-in application to the PIAR management application, wherein an instance of evaluating the trigger comprises determining whether a condition is satisfied based at least in part on one or more values of the one or more trigger variables, and (b) an action for which a second plug-in application exposes an interface to the PIAR management application for causing the second plug-in application to carry out the action, wherein an instance of evaluating the action comprises carrying out the action based on one or more values of one or more input variables that are input to the action in the PIAR definition; activating, by the PIAR management application, the particular PIAR by configuring execution of the action in response to detecting the trigger on an ongoing basis; receiving a PIAR restriction; determining that the PIAR restriction prohibits execution of the particular PIAR; and responsive to determining that the PIAR restriction prohibits execution of the particular PIAR, deactivating the particular PIAR.

2. The media of claim 1, wherein determining that the PIAR restriction prohibits execution of the particular PIAR comprises determining that the PIAR restriction blocks one or more of using or activating the particular PIAR.

3. The media of claim 1, wherein the PIAR restriction prohibits an operation that would otherwise be executed for completing the action associated with the particular PIAR.

4. The media of claim 1, wherein deactivating the particular PIAR is performed by the PIAR management application.

5. The media of claim 1, wherein deactivating the particular PIAR is performed by a connectivity manager in communication with the PIAR management application, the connectivity manager restricting data communication to and from the first plug-in application monitored by the particular PIAR.

6. The media of claim 1, wherein: the trigger corresponds to exceeding a threshold data transmission rate; and the action corresponds to preventing subsequent data transmissions in response to detecting that the threshold data transmission rate has been exceeded.

7. The media of claim 1, wherein: the trigger corresponds to a distributed denial of service network attack; and the action corresponds to preventing subsequent data transmissions in response to identifying the distributed denial of service network attack.

8. A method comprising: receiving, via a plug-in application recipe (“PIAR”) management application, a plurality of PIAR definitions corresponding respectively to a plurality of PIARs; wherein the PIAR management application stores and manages the plurality of PIAR definitions; wherein a particular PIAR definition of the plurality of PIAR definitions, corresponding to a particular PIAR of the plurality of PIARs, identifies: (a) a trigger for which one or more trigger variables, values of which are necessary to evaluate the trigger on an ongoing basis, are exposed by a first plug-in application to the PIAR management application, wherein an instance of evaluating the trigger comprises determining whether a condition is satisfied based at least in part on one or more values of the one or more trigger variables, and (b) an action for which a second plug-in application exposes an interface to the PIAR management application for causing the second plug-in application to carry out the action, wherein an instance of evaluating the action comprises carrying out the action based on one or more values of one or more input variables that are input to the action in the PIAR definition; activating, by the PIAR management application, the particular PIAR by configuring execution of the action in response to detecting the trigger on an ongoing basis; receiving a PIAR restriction; determining that the PIAR restriction prohibits execution of the particular PIAR; and responsive to determining that the PIAR restriction prohibits execution of the particular PIAR, deactivating the particular PIAR; wherein the method is performed by at least one device including a hardware processor.

9. The method of claim 8, wherein determining that the PIAR restriction prohibits execution of the particular PIAR comprises determining that the PIAR restriction blocks one or more of using or activating the particular PIAR.

10. The method of claim 8, wherein the PIAR restriction prohibits an operation that would otherwise be executed for completing the action associated with the particular PIAR.

11. The method of claim 8, wherein deactivating the particular PIAR is performed by the PIAR management application.

12. The method of claim 8, wherein deactivating the particular PIAR is performed by a connectivity manager in communication with the PIAR management application, the connectivity manager restricting data communication to and from the first plug-in application monitored by the particular PIAR.

13. The method of claim 8, wherein: the trigger corresponds to exceeding a threshold data transmission rate; and the action corresponds to preventing subsequent data transmissions in response to detecting that the threshold data transmission rate has been exceeded.

14. The method of claim 8, wherein: the trigger corresponds to a distributed denial of service network attack; and the action corresponds to preventing subsequent data transmissions in response to identifying the distributed denial of service network attack.

15. A system comprising: at least one device including a hardware processor; the system being configured to perform operations comprising: receiving, via a plug-in application recipe (“PIAR”) management application, a plurality of PIAR definitions corresponding respectively to a plurality of PIARs; wherein the PIAR management application stores and manages the plurality of PIAR definitions; wherein a particular PIAR definition of the plurality of PIAR definitions, corresponding to a particular PIAR of the plurality of PIARs, identifies: (a) a trigger for which one or more trigger variables, values of which are necessary to evaluate the trigger on an ongoing basis, are exposed by a first plug-in application to the PIAR management application, wherein an instance of evaluating the trigger comprises determining whether a condition is satisfied based at least in part on one or more values of the one or more trigger variables, and (b) an action for which a second plug-in application exposes an interface to the PIAR management application for causing the second plug-in application to carry out the action, wherein an instance of evaluating the action comprises carrying out the action based on one or more values of one or more input variables that are input to the action in the PIAR definition; activating, by the PIAR management application, the particular PIAR by configuring execution of the action in response to detecting the trigger on an ongoing basis; recei

Classifications

  • G06F9/547 (Primary): Remote procedure calls [RPC]; Web services

  • Proxies

  • H04L63/20 (Primary): for managing network security; network security policies in general (filtering policies H04L63/0227)

  • Provisioning of proxy services (store-and-forward switching systems in data switching networks H04L12/54)

  • Entity profiles

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Oracle Int Corp
What technology area does this patent fall under?
Primary CPC classification G06F9/547. Mapped technology areas include Physics.
When was this patent published?
Publication date Nov 7, 2023 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 7 related publications on this page (citations in our corpus or others sharing the same primary CPC).