Test mode authorization logging

摘要

Systems and techniques are provided for deploying an authorization policy to an enterprise server in a test mode. An authorization server generates and provides a test rule set based on the policy to enterprise server. An endpoint device transmits a restricted action request to the enterprise server which analyzes the request in view of the test rule set. A request decision based on the test rule set is made and recorded without being implemented by the enterprise server. A test mode report is generated based on one or more recorded decisions and the policy is enabled or invalidated based on the test mode report.

主权项

1. A method comprising:
distributing a first rule set from an authorization server to an enterprise server based on a policy that is in a test mode, wherein the policy belongs to a lifecycle having at least three steps, including a test mode step and an enforcement mode step, and wherein, in the test mode prior to deploying the first rule set, the enterprise server analyzes requests for access in view of the policy without enforcing the policy; receiving, by the enterprise server, a request to perform a restricted action from an endpoint device and transmitting a decision, by the enterprise server after analyzing the first rule set, to the authorization server that includes at least approving a threshold amount of access requests; and generating, by the authorization server, a test mode report based on the received decision from the enterprise server and entering the policy enforcement mode upon the approval of the policy in the test mode.