Addressing login platform security risks

US 10,205,737 B2
Filed: 01/11/2016
Issued: 02/12/2019
Est. Priority Date: 01/11/2016
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method comprising:

identifying security credentials of a user for a primary login platform, wherein the security credentials of the user indicate an access level for the user and security category for the primary login platform;

identifying one or more security developments, said one or more security developments comprising suspected fraudulent attempts being associated with said primary login platform, wherein identifying said one or more security developments further comprises;

identifying one or more sensitive information databases,receiving a primary sensitive information artefact, said primary sensitive information artefact being associated with said primary login platform,determining whether one or more matching sensitive information artefacts match said primary sensitive information artefact, said one or more matching sensitive information artefacts being stored in at least one of said one or more sensitive information databases and each of said one or more matching sensitive information artefacts being associated with a matching login platform,responsive to said one or more matching sensitive information artefacts matching said primary sensitive information artefact, determining a security divergence factor between said primary login platform and each said matching login platform based on at least one of one or more security levels associated with each of said primary login factor and each said matching login platform and one or more security categories associated with each of said primary login factor and each said matching login platform, anddetermining whether said security divergence factor exceeds a predefined security divergence threshold; and

responsive to identifying the one or more security developments, automatically updating the security credentials of the user to decrease the access level, increasing the security category for the primary login platform, and modifying one or more sensitive information artefacts associated with the primary login platform for the user.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A computer-implemented method includes identifying a primary login platform and identifying one or more security developments associated with the primary login platform. The computer-implemented method further includes determining one or more security corrective actions based on the one or more security developments. A corresponding computer program product and computer system are also disclosed.

32 Citations

View as Search Results

17 Claims

1. A computer-implemented method comprising:
- identifying security credentials of a user for a primary login platform, wherein the security credentials of the user indicate an access level for the user and security category for the primary login platform;
  
  identifying one or more security developments, said one or more security developments comprising suspected fraudulent attempts being associated with said primary login platform, wherein identifying said one or more security developments further comprises;
  
  identifying one or more sensitive information databases,receiving a primary sensitive information artefact, said primary sensitive information artefact being associated with said primary login platform,determining whether one or more matching sensitive information artefacts match said primary sensitive information artefact, said one or more matching sensitive information artefacts being stored in at least one of said one or more sensitive information databases and each of said one or more matching sensitive information artefacts being associated with a matching login platform,responsive to said one or more matching sensitive information artefacts matching said primary sensitive information artefact, determining a security divergence factor between said primary login platform and each said matching login platform based on at least one of one or more security levels associated with each of said primary login factor and each said matching login platform and one or more security categories associated with each of said primary login factor and each said matching login platform, anddetermining whether said security divergence factor exceeds a predefined security divergence threshold; and
  
  responsive to identifying the one or more security developments, automatically updating the security credentials of the user to decrease the access level, increasing the security category for the primary login platform, and modifying one or more sensitive information artefacts associated with the primary login platform for the user.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The computer-implemented method of claim 1, wherein said one or more security developments comprise at least one security incident selected from the group consisting of:
    - an increase in a security risk measure associated with said primary login platform exceeding a predefined security risk increase threshold;
      
      a number of hacking incidents associated with said primary login platform exceeding a predefined hacking risk threshold;
      
      a number of fraud incidents associated with said primary login platform exceeding a predefined fraud risk threshold; and
      
      a number of phishing incidents associated with said primary login platform exceeding a predefined phishing risk threshold.
  - 3. The computer-implemented method of claim 1, wherein identifying said one or more security developments comprises accessing at least one security analysis service provider at predefined regular intervals.
  - 4. The computer-implemented method of claim 1, further comprising:
    - performing at least one of said one or more security corrective actions.
  - 5. The computer-implemented method of claim 1, further comprising:
    - determining at least one of at least one notifying action or at least one preventive action.
  - 6. The computer-implemented method of claim 5, wherein:
    - said at least one notifying action comprises sending at least one notification via at least one communication profile associated with said primary login platform; and
      
      said at least one preventive action is selected from the group consisting of;
      
      automatically changing one or more sensitive information artefacts associated with said login platform; and
      
      initiating at least one financial account suspending process.

7. A computer program product, comprising one or more computer readable storage media and program instructions stored on said one or more computer readable storage media, said program instructions comprising instructions to:
- identify security credentials of a user for a primary login platform, wherein the security credentials of the user indicate an access level for the user and security category for the primary login platform;
  
  identify one or more security developments said one or more security developments comprising suspected fraudulent attempts being associated with said primary login platform, wherein said instructions to identify said one or more security developments further comprise instructions to;
  
  identify one or more sensitive information databases,receive a primary sensitive information artefact, said primary sensitive information artefact being associated with said primary login platform,determine whether one or more matching sensitive information artefacts match said primary sensitive information artefact, said one or more matching sensitive information artefacts being stored in at least one of said one or more sensitive information databases and each of said one or more matching sensitive information artefacts being associated with a matching login platform,responsive to said one or more matching sensitive information artefacts matching said primary sensitive information artefact, determine a security divergence factor between said primary login platform and each said matching login platform based on at least one of one or more security levels associated with each of said primary login factor and each said matching login platform and one or more security categories associated with each of said primary login factor and each said matching login platform, anddetermine whether said security divergence factor exceeds a predefined security divergence threshold; and
  
  responsive to identifying the one or more security developments, automatically update the security credentials of the user to decrease the access level, increase the security category for the primary login platform, and modify one or more sensitive information artefacts associated with the primary login platform for the user.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The computer program product of claim 7, wherein said one or more security developments comprise at least one security incident selected from the group consisting of:
    - an increase in a security risk measure associated with said primary login platform exceeding a predefined security risk increase threshold;
      
      a number of hacking incidents associated with said primary login platform exceeding a predefined hacking risk threshold;
      
      a number of fraud incidents associated with said primary login platform exceeding a predefined fraud risk threshold; and
      
      a number of phishing incidents associated with said primary login platform exceeding a predefined phishing risk threshold.
  - 9. The computer program product of claim 7, wherein said instructions to identify said one or more security developments further comprise instructions to access at least one security analysis service provider at predefined regular intervals.
  - 10. The computer program product of claim 7, wherein said program instructions further comprise instructions to perform at least one of said one or more security corrective actions.
  - 11. The computer program product of claim 7, further comprise:
    - instructions to determine at least one of at least one notifying action or at least one preventive action.
  - 12. The computer program product of claim 11, wherein:
    - said at least one notifying action comprises sending at least one notification via at least one communication profile associated with said primary login platform; and
      
      said at least one preventive action is selected from the group consisting of;
      
      automatically changing one or more sensitive information artefacts associated with said login platform; and
      
      initiating at least one financial account suspending process.

13. A computer system comprising:
- a processor;
  
  one or more computer readable storage media;
  
  computer program instructions;
  
  said computer program instructions being stored on said one or more computer readable storage media; and
  
  said computer program instructions comprising instructions to;
  
  identify security credentials of a user for a primary login platform, wherein the security credentials of the user indicate an access level for the user and security category for the primary login platform;
  
  identify one or more security developments said one or more security developments comprising suspected fraudulent attempts being associated with said primary login platform, wherein said instructions to identify said one or more security developments further comprise instructions to;
  
  identify one or more sensitive information databases,receive a primary sensitive information artefact, said primary sensitive information artefact being associated with said primary login platform,determine whether one or more matching sensitive information artefacts match said primary sensitive information artefact, said one or more matching sensitive information artefacts being stored in at least one of said one or more sensitive information databases and each of said one or more matching sensitive information artefacts being associated with a matching login platform,responsive to said one or more matching sensitive information artefacts matching said primary sensitive information artefact, determine a security divergence factor between said primary login platform and each said matching login platform based on at least one of one or more security levels associated with each of said primary login factor and each said matching login platform and one or more security categories associated with each of said primary login factor and each said matching login platform, anddetermine whether said security divergence factor exceeds a predefined security divergence threshold; and
  
  responsive to identifying the one or more security developments, automatically update the security credentials of the user to decrease the access level, increase the security category for the primary login platform, and modify one or more sensitive information artefacts associated with the primary login platform for the user.
- View Dependent Claims (14, 15, 16, 17)
- - 14. The computer system of claim 13, wherein said one or more security developments comprise at least one security incident selected from the group consisting of:
    - an increase in a security risk measure associated with said primary login platform exceeding a predefined security risk increase threshold;
      
      a number of hacking incidents associated with said primary login platform exceeding a predefined hacking risk threshold;
      
      a number of fraud incidents associated with said primary login platform exceeding a predefined fraud risk threshold; and
      
      a number of phishing incidents associated with said primary login platform exceeding a predefined phishing risk threshold.
  - 15. The computer system of claim 13, wherein said instructions to identify said one or more security developments further comprise instructions to access at least one security analysis service provider at predefined regular intervals.
  - 16. The computer system of claim 13, further comprise:
    - instructions to determine at least one of at least one notifying action or at least one preventive action.
  - 17. The computer system of claim 16, wherein:
    - said at least one notifying action comprises sending at least one notification via at least one communication profile associated with said primary login platform; and
      
      said at least one preventive action is selected from the group consisting of;
      
      automatically changing one or more sensitive information artefacts associated with said login platform; and
      
      initiating at least one financial account suspending process.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Arkose Labs Holdings Incorporated
Original Assignee
International Business Machines Corporation
Inventors
Chen, Yi-Chun, Hong, Zen-Jerr, Liang, Lin Chung, Wu, Min-Tsung
Primary Examiner(s)
Homayounmehr, Farid
Assistant Examiner(s)
Sarker, Sanchit K

Application Number

US14/992,054
Publication Number

US 20170201512A1
Time in Patent Office

1,128 Days
Field of Search

726 8
US Class Current
CPC Class Codes

H04L 63/083 using passwords cryptograph...

H04L 63/1433 Vulnerability analysis

Addressing login platform security risks

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

32 Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Addressing login platform security risks

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

32 Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links