    • 2. Granted invention patent
    • System and method for policy based privileged user access management
    • US08869234B2
    • 2014-10-21
    • US13463160
    • 2012-05-03
    • John Christopher Radkowski; Swetta Singh
    • H04L29/06
    • G06F17/00; G06F21/00; G06F21/6218
    • Embodiments dynamically manage privileged access to a computer system according to policies enforced by a rule engine. User input to the rule engine may determine an extent of system access, as well as other features such as intensity of user activity logging (including logging supplemental to a system activity log). Certain embodiments may provide access based upon user selection of a pre-configured ID at a dashboard, while other embodiments may rely upon direct user input to the rule engine to generate an ID at a policy enforcement point. Embodiments of methods and apparatuses may be particularly useful in granting and/or logging broad temporary access rights allowed based upon emergency conditions.
    • 3. Invention patent application
    • SYSTEM AND METHOD FOR AUTOMATED ROLE RE-FACTORING
    • US20150074014A1
    • 2015-03-12
    • US14025046
    • 2013-09-12
    • John Christopher Radkowski; Saye Arumugam
    • G06Q10/06
    • G06Q10/0631; G06F21/41; G06F21/6218; G06F2221/2141
    • In an example embodiment, roles within a job based security model are refactored to roles within a task oriented security model. The task oriented security model comprises task roles, which allow access to functionality and data, and enabler roles, which provide limits on the scope of the task roles. Data such as user assignment data, role to functionality mapping, functionality authorization objects, user identity and organizational data may be combined and normalized to create a mapping of users to functionality and organizational data. A refactoring engine may then examine the map to identify new candidate roles using contiguous regions of the map. Tuning parameters and constraints allow tuning of the candidate roles, and statistical metrics allow evaluation of the candidate roles. Candidate roles may be tested and applied in the new system.
    • 4. Invention patent application
    • System and Method of Business Risk Based Authorization
    • US20130085800A1
    • 2013-04-04
    • US13252036
    • 2011-10-03
    • John Christopher Radkowski; Sarma Adithe Venkata Ram
    • G06Q10/00
    • G06Q10/0635
    • A system and method of authorizing access in a computer system. The method includes receiving a request to use the computer system, reading authorization data associated with the user, and denying the request according to the authorization data. The method further includes determining a business process risk associated with the request and comparing a characteristic of the request and the business process risk. The method further includes authorizing the request to use the computer system by the user when the business process risk exceeds the characteristic. In this manner, the delay involved in performing the normal access provisioning process is avoided for situations in which the business risk exceeds the cost of the delay.