US Patent 12069095 Automated authentication and authorization in a communication system

An application-operating organization may delegate a third-party server to serve as an automated contextual authentication responder and an authorization responder. The third-party server may manage a delegated section of the organization's namespace that includes the public identities of various devices controlled by the organization. The third-party server may also dynamically generate interaction control list that is tailored to a requesting device's context based on the interaction control policies set forth by the organization. The interaction control list may include information that determines the authorization of the requesting device to interact with another device. The third-party server may also automatically determine the role of a new device to which existing policies are inapplicable and provide guided workflow for the organization to set up new interaction control policies in governing the new device. The determination of the roles of devices may be based on an iterative process using external data sources.