System for technology anomaly detection, triage and response using solution data modeling

US 10,496,460 B2
Filed: 11/15/2017
Issued: 12/03/2019
Est. Priority Date: 11/15/2017
Status: Active Grant

First Claim

Patent Images

1. A system for technology anomaly detection, triage, and response using solution data modeling, the system comprising:

one or more memory devices having computer readable code stored thereon;

wherein the one or more memory devices comprises a plurality of databases comprising a model database and a solution database;

one or more processing devices operatively coupled to the one or more memory devices, wherein the one or more processing devices are configured to execute the computer readable code to;

generate one or more solution data models comprising a plurality of asset systems and a plurality of users, wherein each of the plurality of asset systems is associated with at least one user of the plurality of users, at least a first of the plurality of asset systems is associated with at least a second of the plurality of asset systems, and the one or more solution data models are generated by;

accessing one or more authentication systems, wherein the one or more authentication systems comprise authentication information associated with the plurality of asset systems and the plurality of users;

extracting the authentication information associated with the plurality of asset systems and the plurality of users;

accessing one or more human resources systems, wherein the one or more human resources systems comprise human resources information associated with the plurality of users;

extracting the human resources information associated with the plurality of users;

accessing one or more asset management systems, wherein the one or more asset management systems comprise asset information associated with at least type and location of the plurality of asset systems;

extracting the asset information associated with plurality of asset systems;

identifying a first set of relationships between each of the plurality of asset systems based on the extracted authentication information;

identifying a second set of relationships between each of the plurality of users and each of the plurality of asset systems based on the extracted authentication information; and

formulating the one or more solution data models based on the first set of relationships, the second set of relationships, the asset information, and the human resources information;

store the one or more solution data models in the model database;

continuously monitor the plurality of asset systems;

detect an anomaly associated with one or more tasks associated with at least a first group of asset systems of the plurality of asset systems based on continuously monitoring the plurality of asset systems;

extract a first solution data model associated with the first group of asset systems from the model database based on detecting the anomaly associated with the one or more tasks;

identify one or more relationships associated with the first group of asset systems based on the extracted first solution data model; and

identify a point of failure associated with the anomaly and the first group of asset systems based on the one or more relationships, wherein the point of failure is associated with a first asset system of the first group of systems.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Embodiments of the present invention provide a system for technology anomaly detection, triage, and response using solution data modeling. The system is configured for generating solution data models comprising a plurality of asset systems and a plurality of users and storing the solution data models in a model database, continuously monitoring the plurality of asset systems and detecting an anomaly associated with the one or more tasks associated with at least a first group of asset systems of the plurality of asset systems, extracting a first solution data model associated with the first group of asset systems from the model database, identifying one or more relationships associated with the first group of systems based on the extracted first solution data model, and identifying a point of failure associated with the anomaly and the first group of asset systems based on the one or more relationships.

64 Citations

17 Claims

1. A system for technology anomaly detection, triage, and response using solution data modeling, the system comprising:
- one or more memory devices having computer readable code stored thereon;
  
  wherein the one or more memory devices comprises a plurality of databases comprising a model database and a solution database;
  
  one or more processing devices operatively coupled to the one or more memory devices, wherein the one or more processing devices are configured to execute the computer readable code to;
  
  generate one or more solution data models comprising a plurality of asset systems and a plurality of users, wherein each of the plurality of asset systems is associated with at least one user of the plurality of users, at least a first of the plurality of asset systems is associated with at least a second of the plurality of asset systems, and the one or more solution data models are generated by;
  
  accessing one or more authentication systems, wherein the one or more authentication systems comprise authentication information associated with the plurality of asset systems and the plurality of users;
  
  extracting the authentication information associated with the plurality of asset systems and the plurality of users;
  
  accessing one or more human resources systems, wherein the one or more human resources systems comprise human resources information associated with the plurality of users;
  
  extracting the human resources information associated with the plurality of users;
  
  accessing one or more asset management systems, wherein the one or more asset management systems comprise asset information associated with at least type and location of the plurality of asset systems;
  
  extracting the asset information associated with plurality of asset systems;
  
  identifying a first set of relationships between each of the plurality of asset systems based on the extracted authentication information;
  
  identifying a second set of relationships between each of the plurality of users and each of the plurality of asset systems based on the extracted authentication information; and
  
  formulating the one or more solution data models based on the first set of relationships, the second set of relationships, the asset information, and the human resources information;
  
  store the one or more solution data models in the model database;
  
  continuously monitor the plurality of asset systems;
  
  detect an anomaly associated with one or more tasks associated with at least a first group of asset systems of the plurality of asset systems based on continuously monitoring the plurality of asset systems;
  
  extract a first solution data model associated with the first group of asset systems from the model database based on detecting the anomaly associated with the one or more tasks;
  
  identify one or more relationships associated with the first group of asset systems based on the extracted first solution data model; and
  
  identify a point of failure associated with the anomaly and the first group of asset systems based on the one or more relationships, wherein the point of failure is associated with a first asset system of the first group of systems.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The system of claim 1, wherein identifying the one or more relationships associated with the first group of systems further comprises:
    - identifying one or more upstream systems associated with the first group of asset systems;
      
      identifying one or more downstream systems associated with the first group of asset systems; and
      
      identifying one or more applications associated with the first group of systems.
  - 3. The system of claim 1, wherein identifying the point of failure comprises:
    - determining at least one change implemented on the first group of asset systems within a predetermined amount of time; and
      
      identifying source of the at least one change implemented on the first group of asset systems based on the one or more relationships, wherein the source of the at least one change is the first asset system.
  - 4. The system of claim 3, wherein the one or more processing devices are further configured to execute the computer readable code to:
    - transmit a notification to at least one user of the plurality of users associated with the first group of asset systems, wherein the notification comprises the point of failure and type of the at least one change implemented on at least the first asset system;
      
      receive a solution from the at least one user to resolve the anomaly associated with the one or more tasks associated with the point of failure; and
      
      implement the solution received from the at least one user, wherein the solution is associated at least with the point of failure.
  - 5. The system of claim 4, wherein the one or more processing devices are further configured to execute the computer readable code to determine that the anomaly associated with the one or more tasks has been resolved in response to implementing the solution associated with the point of failure.
  - 6. The system of claim 5, wherein the one or more processing devices are further configured to execute the computer readable code to store the point of failure and the solution in the solution database based on determining that the failure of the one or more tasks has been resolved.

7. A computer program product for technology anomaly detection, triage, and response using solution data modeling, the computer program product comprising at least one non-transitory computer readable medium comprises computer readable instructions for:
- generating one or more solution data models comprising a plurality of asset systems and a plurality of users, wherein each of the plurality of asset systems is associated with at least one user of the plurality of users, at least a first of the plurality of asset systems is associated with at least a second of the plurality of asset systems, and the one or more solution data models are generated by;
  
  accessing one or more authentication systems, wherein the one or more authentication systems comprise authentication information associated with the plurality of asset systems and the plurality of users;
  
  extracting the authentication information associated with the plurality of asset systems and the plurality of users;
  
  accessing one or more human resources systems, wherein the one or more human resources systems comprise human resources information associated with the plurality of users;
  
  extracting the human resources information associated with the plurality of users;
  
  accessing one or more asset management systems, wherein the one or more asset management systems comprise asset information associated with at least type and location of the plurality of asset systems;
  
  extracting the asset information associated with plurality of asset systems;
  
  identifying a first set of relationships between each of the plurality of asset systems based on the extracted authentication information;
  
  identifying a second set of relationships between each of the plurality of users and each of the plurality of asset systems based on the extracted authentication information; and
  
  formulating the one or more solution data models based on the first set of relationships, the second set of relationships, the asset information, and the human resources information;
  
  storing the one or more solution data models in a model database;
  
  continuously monitoring the plurality of asset systems;
  
  detecting an anomaly associated with one or more tasks associated with at least a first group of asset systems of the plurality of asset systems based on continuously monitoring the plurality of asset systems;
  
  extracting a first solution data model associated with the first group of asset systems from the model database based on detecting the anomaly associated with the one or more tasks;
  
  identifying one or more relationships associated with the first group of asset systems based on the extracted first solution data model; and
  
  identifying a point of failure associated with the anomaly and the first group of asset systems based on the one or more relationships, wherein the point of failure is associated with a first asset system of the first group of systems.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The computer program product of claim 7, wherein identifying the one or more relationships associated with the first group of systems further comprises:
    - identifying one or more upstream systems associated with the first group of asset systems;
      
      identifying one or more downstream systems associated with the first group of asset systems; and
      
      identifying one or more applications associated with the first group of systems.
  - 9. The computer program product of claim 7, wherein identifying the point of failure comprises:
    - determining at least one change implemented on the first group of asset systems within a predetermined amount of time; and
      
      identifying source of the at least one change implemented on the first group of asset systems based on the one or more relationships, wherein the source of the at least one change is the first asset system.
  - 10. The computer program product of claim 9, wherein the computer program product comprising the at least one non-transitory computer readable medium further comprises computer readable instructions for:
    - transmitting a notification to at least one user of the plurality of users associated with the first group of asset systems, wherein the notification comprises the point of failure and type of the at least one change implemented on at least the first asset system;
      
      receiving a solution from the at least one user to resolve the anomaly associated with the one or more tasks associated with the point of failure; and
      
      implementing the solution received from the at least one user, wherein the solution is associated at least with the point of failure.
  - 11. The computer program product of claim 10, wherein the computer program product comprising the at least one non-transitory computer readable medium further comprises computer readable instructions for determining that the anomaly associated with the one or more tasks has been resolved in response to implementing the solution associated with the point of failure.
  - 12. The computer program product of claim 11, wherein the computer program product comprising the at least one non-transitory computer readable medium further comprises computer readable instructions for storing the point of failure and the solution in a solution database based on determining that the failure of the one or more tasks has been resolved.

13. A computer implemented method for technology anomaly detection, triage, and response using solution data modeling, the method comprising:
- generating one or more solution data models comprising a plurality of asset systems and a plurality of users, wherein each of the plurality of asset systems is associated with at least one user of the plurality of users, at least a first of the plurality of asset systems is associated with at least a second of the plurality of asset systems, and the one or more solution data models are generated by;
  
  accessing one or more authentication systems, wherein the one or more authentication systems comprise authentication information associated with the plurality of asset systems and the plurality of users;
  
  extracting the authentication information associated with the plurality of asset systems and the plurality of users;
  
  accessing one or more human resources systems, wherein the one or more human resources systems comprise human resources information associated with the plurality of users;
  
  extracting the human resources information associated with the plurality of users;
  
  accessing one or more asset management systems, wherein the one or more asset management systems comprise asset information associated with at least type and location of the plurality of asset systems;
  
  extracting the asset information associated with plurality of asset systems;
  
  identifying a first set of relationships between each of the plurality of asset systems based on the extracted authentication information;
  
  identifying a second set of relationships between each of the plurality of users and each of the plurality of asset systems based on the extracted authentication information; and
  
  formulating the one or more solution data models based on the first set of relationships, the second set of relationships, the asset information, and the human resources information;
  
  storing the one or more solution data models in a model database;
  
  continuously monitoring the plurality of asset systems;
  
  detecting an anomaly associated with one or more tasks associated with at least a first group of asset systems of the plurality of asset systems based on continuously monitoring the plurality of asset systems;
  
  extracting a first solution data model associated with the first group of asset systems from the model database based on detecting the anomaly associated with the one or more tasks;
  
  identifying one or more relationships associated with the first group of asset systems based on the extracted first solution data model; and
  
  identifying a point of failure associated with the anomaly and the first group of asset systems based on the one or more relationships, wherein the point of failure is associated with a first asset system of the first group of systems.
- View Dependent Claims (14, 15, 16, 17)
- - 14. The computer implemented method of claim 13, wherein identifying the one or more relationships associated with the first group of systems further comprises:
    - identifying one or more upstream systems associated with the first group of asset systems;
      
      identifying one or more downstream systems associated with the first group of asset systems; and
      
      identifying one or more applications associated with the first group of systems.
  - 15. The computer implemented method of claim 13, wherein identifying the point of failure comprises:
    - determining at least one change implemented on the first group of asset systems within a predetermined amount of time; and
      
      identifying source of the at least one change implemented on the first group of asset systems based on the one or more relationships, wherein the source of the at least one change is the first asset system.
  - 16. The computer implemented method of claim 15, wherein the method further comprises:
    - transmitting a notification to at least one user of the plurality of users associated with the first group of asset systems, wherein the notification comprises the point of failure and type of the at least one change implemented on at least the first asset system;
      
      receiving a solution from the at least one user to resolve the anomaly associated with the one or more tasks associated with the point of failure; and
      
      implementing the solution received from the at least one user, wherein the solution is associated at least with the point of failure.
  - 17. The computer implemented method of claim 16, wherein the method further comprises determining that the anomaly associated with the one or more tasks has been resolved in response to implementing the solution associated with the point of failure.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Bank of America Corp.
Original Assignee
Bank of America Corp.
Inventors
Kephart, Aaron Dion, Huneycutt, Katy Leigh, Hayes, Richard LeRoy
Primary Examiner(s)
Guyton, Philip

Application Number

US15/814,028
Publication Number

US 20190146862A1
Time in Patent Office

748 Days
Field of Search
US Class Current
CPC Class Codes

G06F 11/0709   in a distributed system con...

G06F 11/0715   in a system implementing mu...

G06F 11/0793   Remedial or corrective acti...

G06F 11/3006   where the computing system ...

G06F 11/302   where the computing system ...

G06F 11/3476   Data logging G06F11/14, G06...

System for technology anomaly detection, triage and response using solution data modeling

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

64 Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

System for technology anomaly detection, triage and response using solution data modeling

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

64 Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links