SYSTEM AND METHOD FOR USER ACCESS RISK SCORING
First Claim
1. A method for measuring access risk associated with an enterprise having at least one resource accessible by at least one user with at least one entitlement to access the resource, the method comprising:
- identifying the resources;
identifying the users of the resources;
identifying the entitlements associated with each of the users;
associating an access risk score with each of the entitlements; and
for each user, combining the access risk scores associated with the user to form a composite access risk score; and
outputting the composite access risk scores for each of the users.
7 Assignments
0 Petitions
Accused Products
Abstract
Systems and methods for measuring access risk associated with an enterprise having at least one resource accessible by at least one user with at least one entitlement to access the resource. Some embodiments implement a method of identifying the resources, users, and entitlements and associating access risk scores with the entitlements. The method can include combining the access risk scores associated with each user to form composite access risks scores and outputting the composite access risk scores. In some embodiments, the user with the highest composite access risk score can be identified and remedial action taken. The highest access risk user of some embodiments may be a department, a division, a subsidiary, or an organization. The method can occur in real time and an administrator can be alerted to changes in entitlements. Access risk scores can be adjusted for compensating controls and personal factors and attributes of the users.
-
Citations
20 Claims
-
1. A method for measuring access risk associated with an enterprise having at least one resource accessible by at least one user with at least one entitlement to access the resource, the method comprising:
-
identifying the resources; identifying the users of the resources; identifying the entitlements associated with each of the users; associating an access risk score with each of the entitlements; and for each user, combining the access risk scores associated with the user to form a composite access risk score; and outputting the composite access risk scores for each of the users. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. An enterprise system comprising:
-
at least one resource with access points for at least one user; a processor in communication with the resources; an output in communication with the processor; and a machine readable memory in communication with the processor and for storing instructions which when executed cause the machine to; identify the resources; identify the users of the resources; identify the entitlements associated with each of the users; associate an access risk score with each of the entitlements; and for each user, combine the access risk scores associated with the user to form a composite access risk score; and output the composite access risk scores for each of the users at the output. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. A computer readable medium carrying machine readable instructions which when executed cause the machine to:
-
identify the resources of an enterprise; identify the users of the resources; identify the entitlements associated with each of the users; associate an access risk score with each of the entitlements; and for each user, combine the access risk scores associated with the user to form a composite access risk score; and output the composite access risk scores for each of the users at an output of one of the systems. - View Dependent Claims (20)
-
Specification