DATA SYSTEM FORENSICS SYSTEM AND METHOD

US 20120054827A1
Filed: 08/24/2010
Published: 03/01/2012
Est. Priority Date: 08/24/2010
Status: Active Grant

First Claim

Patent Images

1. A method for system security forensics in a system for allowing or denying a requester access to a protected asset comprising:

receiving a request to access a protected asset from a requester having a reputation;

making a decision whether to allow or to deny the requester access to the protected asset based upon the requester'"'"'s reputation;

creating access decision data related to the access decision; and

assessing the access decision data to determine why the access decision was made.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for creates, maintains and monitors individuals, organizations and artifacts relating to the same over time with respect to pedigree and reputation, security and reliability. One aspect of the present invention provides for a method and a system for collecting and maintaining historical party reputation data. Another aspect of the present invention provides for a method and a system for assessing an access decision to the historical party reputation data to a person after the person'"'"'s reputation has changed.

Citations

18 Claims

1. A method for system security forensics in a system for allowing or denying a requester access to a protected asset comprising:
- receiving a request to access a protected asset from a requester having a reputation;
  
  making a decision whether to allow or to deny the requester access to the protected asset based upon the requester'"'"'s reputation;
  
  creating access decision data related to the access decision; and
  
  assessing the access decision data to determine why the access decision was made.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method as defined in claim 1 further comprising determining that the requester'"'"'s reputation has changed, and if the decision is to deny the requester to access the protected asset, identifying other protected assets previously accessed by the requester.
  - 3. The method as defined in claim 2 further comprising assessing potential risk associated with the other protected assets being accessed by the requester after the requester'"'"'s reputation has changed.
  - 4. The method as defined in claim 2 further comprising determining other protected assets that, if accessed by the requester after the reputation change, would have been a violation.
  - 5. The method as defined in claim 4 further comprising assessing potential risk should there had been a violation.

6. A computer-readable medium storing computer instructions, which, when executed, enables a computer system operating with a reputation modification and decision making system, a reputation analyzer, a protected asset analyzer, and a protected asset access decision data assessor for system security forensics in a system for allowing or denying a requester access to a protected asset in a computer environment having hardware, the computer-readable medium storing computer instructions for performing a method comprising:
- receiving a request to access a protected asset from a requester having a reputation;
  
  making a decision whether to allow or to deny the requester access to the protected asset based upon the requester'"'"'s reputation;
  
  creating access decision data related to the access decision; and
  
  assessing the access decision data to determine why the access decision was made.
- View Dependent Claims (7, 8, 9, 10)
- - 7. The computer-readable medium as defined in claim 6 wherein the method further comprises determining that the requester'"'"'s reputation has changed, making the decision to deny the requester to access the protected asset and identifying other protected assets accessed by the requester after the requester'"'"'s reputation has changed.
  - 8. The computer-readable medium as defined in claim 7 wherein the method further comprises assessing potential risk associated with the other protected assets accessed by the requester after the requester'"'"'s reputation has changed.
  - 9. The computer-readable medium as defined in claim 7 wherein the method further comprises determining other protected assets that, if accessed after the reputation change, would have been a violation.
  - 10. The computer-readable medium as defined in claim 9 wherein the method further comprises assessing potential risk should there had been a violation.

11. A method for deploying a reputation modification and decision making system having a reputation analyzer, a protected asset analyzer, and a protected asset access decision data assessor for system security forensics in a system for allowing or denying a requester access to a protected asset in a computer environment having hardware, for collecting and maintaining historical party reputation data and for assessing an access decision to the historical party reputation data to a person after the person'"'"'s reputation has changed, the method comprising a process comprising:
- receiving a request to access a protected asset from a requester having a reputation;
  
  making a decision whether to allow or to deny the requester access to the protected asset based upon the requester'"'"'s reputation;
  
  creating and storing access decision data related to the access decision; and
  
  assessing the access decision data to determine why the access decision was made.
- View Dependent Claims (12, 13, 14, 15)
- - 12. The method as defined in claim 11 wherein the process further comprises determining that the requester'"'"'s reputation has changed, and if the decision is to deny the requester to access the protected asset, identifying other protected assets accessed by the requester after the requester'"'"'s reputation has changed.
  - 13. The method as defined in claim 12 wherein the process further comprises assessing potential risk associated with the other protected assets being accessed by the requester after the requester'"'"'s reputation has changed.
  - 14. The method as defined in claim 13 wherein the process further comprises determining other protected assets that, if accessed after the reputation change, would have been a violation.
  - 15. The method as defined in claim 14 wherein the process further comprises assessing potential risk should there had been a violation.

16. A reputation modification and decision making system comprising:
- a reputation analyzer for determining whether the reputation of a requester to access a protected asset has changed;
  
  a protected asset analyzer for analyzing the access requirements of a requested protected asset;
  
  a risk assessor for assessing the risk of a requester to access a protected asset based upon the reputation of the requester and the access requirements of the requested protected asset; and
  
  a protected asset access decision maker for making a protected access decision based upon the risk assessment made by the risk assessor.
- View Dependent Claims (17, 18)
- - 17. The reputation modification and decision making system as defined in claim 16 further comprising a protected asset access decision data creator for creating and storing protected asset access decision data so that the access decision data may be analyzed to determine the logic as to the protected asset access decision.
  - 18. The reputation modification and decision making system as defined in claim 17 further comprising a protected asset access decision data assessor for assessing protected asset access decision data to determine the logic as to the protected asset access decision.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Hom, Richard V., Roxin, David C.

Granted Patent

US 8,931,048 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/2
CPC Class Codes

G06F 21/552   involving long-term monitor...

G06F 21/604   Tools and structures for ma...

G06F 21/6218   to a system of files or obj...

G06F 2221/2101   Auditing as a secondary aspect

G06F 2221/2141   Access rights, e.g. capabil...

H04L 63/102   Entity profiles

H04L 67/1057   involving pre-assessment of...

DATA SYSTEM FORENSICS SYSTEM AND METHOD

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

DATA SYSTEM FORENSICS SYSTEM AND METHOD

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links