Please download the dossier by clicking on the dossier button x
×

System and method for intelligent agents for decision support in network identity graph based identity management artificial intelligence systems

  • US 10,523,682 B1
  • Filed: 02/26/2019
  • Issued: 12/31/2019
  • Est. Priority Date: 02/26/2019
  • Status: Active Grant
First Claim
Patent Images

1. An identity management system, comprising:

  • a graph data store;

    a processor;

    a non-transitory, computer-readable storage medium, including computer instructions for;

    obtaining historical certification data for an enterprise, the historical certification data comprising a set of historical certification decisions, each historical certification decision comprising a historical access request including an identity and an entitlement, and an approval or denial decision for the historical access request;

    enhancing the historical certification data with a value for a feature for each historical access certification decision, the value for the feature determined from an identity graph associated with the enterprise;

    training a classifier with the enhanced historical certification data;

    receiving an access request including an identity and an entitlement and a request for an approval or denial decision for the access request;

    enhancing the received access request with a value for the feature, based on the identity or entitlement of the access request and the identity graph associated with the enterprise;

    submitting the enhanced access request to the classifier;

    receiving an approval or denial decision for the enhanced access request from the classifier; and

    returning the approval or denial decision for the access request to a user of the identity management system, wherein the identity graph associated with the enterprise comprises;

    generating a first identity graph from the identity management data by;

    creating a node of the first identity graph for each of a set of identities determined from identity management data of the enterprise, the identity management data comprising data on the set of identities and a set of entitlements associated with the set of identities utilized in identity management in the enterprise;

    for each first identity and second identity that share at least one entitlement of the set of entitlements, creating an edge of the first identity graph between a first node representing the first identity and a second node of the identity graph representing the second identity, andgenerating a similarity weight for each edge of the first identity graph between each first node and second node based on a number of the set of entitlements shared between the first identity represented by the first node and the second identity represented by the second node.

View all claims
  • 2 Assignments
Timeline View
Assignment View
    ×
    ×