Method and System for Implementing and Managing an Enterprise Identity Management for Distributed Security
First Claim
1. An audit system with a processor and a memory, said audit system configured to:
monitor changes in a relationship between a user and an identity of an account over a period of time to periodically perform an automatic adjustment of authentication questions in response to a deterioration of said relationship, wherein said deterioration of said relationship is based upon activity of said user;
assign a positive weight for a successful transaction by said user on said account, wherein said successful transaction is based on security requirements of said account and risk factors relating to various transaction types associated with said account;
evaluate a current transaction of said user by comparing said current transaction to previous transactions performed by said user;
assign a positive weight for a similar transaction by said user
assign a negative weight for an unsuccessful transaction by said user on said account, wherein assigning the positive weight for the similar transaction and the assigning the negative weight are based on the comparing;
aggregate said positive and negative weights to determine a usage history of said user;
remove a relationship between said identity and said account in response to said aggregation failing to meet a predetermined criteria; and
monitor aggregated behaviors, wherein said aggregated behaviors are used to weight transactions to further verify ownership of said account.
Abstract
An Enterprise Identity Management system includes a registration component, an ownership component, and an audit component. The registration component is configured to associate a user ID with specific accounts that are accessible via a computer system. The ownership component is configured to verify the ownership of the accounts. The audit component is configured to perform periodic checks to ensure the validity of the association between the user ID and the ownership of the accounts.
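The audit component's weighting, as recited in claim 1, worked through as an added example that is not part of the patent text. The numeric weights, thresholds, transaction kinds and the `Txn`/`Link` names are assumptions made for illustration; the claims name the weights and the "predetermined criteria" without giving values.

```python
from dataclasses import dataclass, field
# Assumed numbers: the claims name weights and a "predetermined criteria"
# but give no values. Transaction kinds and fields are hypothetical too.
RISK = {"login": 1.0, "view_balance": 1.0, "wire_transfer": 3.0}
SIMILAR_BONUS = 0.5    # extra positive weight for a similar transaction
UNLINK_BELOW = -4.0    # aggregate below this removes the relationship
STEP_UP_DROP = 2.0     # each such drop from the peak adds one question
BASE_QUESTIONS = 2

@dataclass(frozen=True)
class Txn:
    kind: str
    device: str
    ok: bool

@dataclass
class Link:            # identity <-> account relationship under audit
    identity: str
    account: str
    history: list = field(default_factory=list)
    score: float = 0.0
    peak: float = 0.0
    questions: int = BASE_QUESTIONS
    active: bool = True

def is_similar(txn, history):
    """Compare the current transaction to previous successful ones."""
    return any(p.ok and (p.kind, p.device) == (txn.kind, txn.device) for p in history)

def audit(link, txn):
    """Weight one transaction, aggregate, then adjust questions or unlink."""
    if not link.active:
        return link
    similar = is_similar(txn, link.history)
    risk = RISK.get(txn.kind, 2.0)
    if txn.ok:
        weight = risk + (SIMILAR_BONUS if similar else 0.0)
    else:  # assumed: a failure unlike anything in the history counts double
        weight = -risk * (1.0 if similar else 2.0)
    link.history.append(txn)
    link.score += weight
    link.peak = max(link.peak, link.score)
    link.questions = BASE_QUESTIONS + int((link.peak - link.score) // STEP_UP_DROP)
    link.active = link.score >= UNLINK_BELOW
    return link

# Constructed sample: three owner transactions, then two failed transfers.
SAMPLE = ([Txn("login", "laptop", True)] * 2 + [Txn("view_balance", "laptop", True)]
          + [Txn("wire_transfer", "unknown", False)] * 2)
```

Replaying `SAMPLE` through `audit` shows the question count rising after the first failed transfer and the identity-to-account link being removed after the second.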
18 Claims
1. An audit system with a processor and a memory, said audit system configured to:
monitor changes in a relationship between a user and an identity of an account over a period of time to periodically perform an automatic adjustment of authentication questions in response to a deterioration of said relationship, wherein said deterioration of said relationship is based upon activity of said user;
assign a positive weight for a successful transaction by said user on said account, wherein said successful transaction is based on security requirements of said account and risk factors relating to various transaction types associated with said account;
evaluate a current transaction of said user by comparing said current transaction to previous transactions performed by said user;
assign a positive weight for a similar transaction by said user
assign a negative weight for an unsuccessful transaction by said user on said account, wherein assigning the positive weight for the similar transaction and the assigning the negative weight are based on the comparing;
aggregate said positive and negative weights to determine a usage history of said user;
remove a relationship between said identity and said account in response to said aggregation failing to meet a predetermined criteria; and
monitor aggregated behaviors, wherein said aggregated behaviors are used to weight transactions to further verify ownership of said account.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9
10. A method for facilitating issuance of an identity associated with an account, said method comprising:
assigning, by a computer, a positive weight for a successful transaction by a user on said account, wherein said successful transaction is based on security requirements of said account and risk factors relating to various transaction types associated with said account;
evaluating, by said computer, a current transaction of said user by comparing said current transaction to previous transactions performed by said user;
assigning, by said computer, a positive weight for a similar transaction by said user;
assigning, by said computer, a negative weight for an unsuccessful transaction by said user on said account, wherein assigning the positive weight for the similar transaction and the assigning the negative weight are based on the comparing;
aggregating, by said computer, said positive and negative weights to determine a usage history of said user;
removing, by said computer, a relationship between said identity and said account when said aggregating step fails to meet a predetermined criteria; and
monitoring, by said computer, aggregated behaviors, wherein said aggregated behaviors are used to weight transactions to further verify ownership of said account.
Dependent claims: 11, 12, 13, 14, 15, 16
17. A method implemented by a computer for facilitating issuance of an identity associated with an account, said method comprising:
issuing, by said computer, said identity to said user in response to at least a portion of authentication questions being correctly answered, wherein said authentication questions to be asked are based upon said authentication rules associated with said account;
monitoring, by said computer, changes in a relationship between said user and said identity over a period of time to periodically perform an automatic adjustment of said authentication questions in response to a deterioration of said relationship, wherein said deterioration of said relationship is based upon activity of said user;
evaluating, by said computer, a current transaction of said user;
comparing, by said computer, said current transaction to previous transactions performed by said user; and
assigning, by said computer, a positive weight for a similar transaction by said user.
Dependent claims: 18