Data Security and Risk Ranking Tool

US 20180144138A1
Filed: 11/21/2016
Published: 05/24/2018
Est. Priority Date: 11/21/2016
Status: Active Grant

First Claim

Patent Images

1. A risk ranking tool, comprising:

a retrieval engine configured to access graph data from a graph database;

a data risk engine configured to;

determine a plurality of defined data risk scores from the graph data; and

calculate, using the plurality of defined data risk scores and a plurality of nodes and edges from the graph data, a plurality of calculated data risk scores that each indicate an amount of data risk for a respective one of the nodes;

an operational risk engine configured to;

determine a plurality of defined operational risk scores from the graph data; and

calculate, using the plurality of defined operational risk scores and the plurality of nodes and edges from the graph data, a plurality of calculated operational risk scores that each indicate an amount of operational risk for a respective one of the nodes;

a data security engine configured to;

access the calculated data risk scores and the operational risk scores;

determine whether any of the calculated data or operational risk scores equal or exceed a predefined score, and in response;

send an alert that indicates which calculated risk score exceeds the predefined score; and

initiate a security action related to the calculated risk score that exceeds the predefined score.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A risk ranking tool includes a retrieval engine, a data risk engine, an operational risk engine, and a data security engine. The data risk engine calculates, using graph data, a plurality of calculated data risk scores that each indicate an amount of data risk for nodes of the graph data. The operational risk engine calculates, using the graph data, a plurality of calculated operational risk scores that each indicate an amount of operational risk for nodes of the graph data. The data security engine determines whether any of the calculated data or operational risk scores equal or exceed a predefined score, and in response, initiates a security action related to the calculated risk score that exceeds the predefined score.

21 Citations

20 Claims

1. A risk ranking tool, comprising:
- a retrieval engine configured to access graph data from a graph database;
  
  a data risk engine configured to;
  
  determine a plurality of defined data risk scores from the graph data; and
  
  calculate, using the plurality of defined data risk scores and a plurality of nodes and edges from the graph data, a plurality of calculated data risk scores that each indicate an amount of data risk for a respective one of the nodes;
  
  an operational risk engine configured to;
  
  determine a plurality of defined operational risk scores from the graph data; and
  
  calculate, using the plurality of defined operational risk scores and the plurality of nodes and edges from the graph data, a plurality of calculated operational risk scores that each indicate an amount of operational risk for a respective one of the nodes;
  
  a data security engine configured to;
  
  access the calculated data risk scores and the operational risk scores;
  
  determine whether any of the calculated data or operational risk scores equal or exceed a predefined score, and in response;
  
  send an alert that indicates which calculated risk score exceeds the predefined score; and
  
  initiate a security action related to the calculated risk score that exceeds the predefined score.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The risk ranking tool of claim 1, wherein the security action comprises one or more of:
    - moving one or more computing systems to a different network;
      
      installing security software on one or more computing systems;
      
      moving data from one computing system to another computing system to reduce a particular data risk score;
      
      configuring one or more computing systems for redundancy; and
      
      configuring a firewall.
  - 3. The risk ranking tool of claim 1, wherein the plurality of calculated data risk scores comprises:
    - a plurality of server data risk scores;
      
      a plurality of application data risk scores;
      
      a plurality of permission data risk scores;
      
      a plurality of user role data risk scores; and
      
      a plurality of person data risk scores.
  - 4. The risk ranking tool of claim 1, wherein the plurality of calculated operational risk scores comprises:
    - a plurality of server operational risk scores;
      
      a plurality of permission operational risk scores;
      
      a plurality of user role operational risk scores; and
      
      a plurality of person operational risk scores.
  - 5. The risk ranking tool of claim 1, wherein the plurality of nodes comprises:
    - a plurality of server nodes;
      
      a plurality of application nodes;
      
      a plurality of permission nodes;
      
      a plurality of user role nodes;
      
      a plurality of person nodes; and
      
      a plurality of data type nodes.
  - 6. The risk ranking tool of claim 1, wherein calculating the plurality of calculated data risk scores comprises:
    - determining nodes that have defined data risk scores; and
      
      propagating the defined data risk scores from their respective nodes to each node that is directly or indirectly connected to the nodes that have defined data risk scores;
      
      wherein all defined data risk scored that are propagated to each particular node are added together to determine the calculated data risk score for that particular node.
  - 7. The risk ranking tool of claim 1, wherein calculating the plurality of calculated operational risk scores comprises:
    - determining nodes that have defined operational risk scores; and
      
      propagating the defined operational risk scores from their respective nodes to each node that is directly or indirectly connected to the nodes that have defined operational risk scores;
      
      wherein all defined operational risk scores that are propagated to each particular node are added together to determine the calculated operational risk score for that particular node.

8. A method comprising:
- accessing graph data from a graph database;
  
  determining a plurality of defined data risk scores from the graph data;
  
  calculating, using the plurality of defined data risk scores and a plurality of nodes and edges from the graph data, a plurality of calculated data risk scores that each indicate an amount of data risk for a respective one of the nodes;
  
  determining a plurality of defined operational risk scores from the graph data;
  
  calculating, using the plurality of defined operational risk scores and the plurality of nodes and edges from the graph data, a plurality of calculated operational risk scores that each indicate an amount of operational risk for a respective one of the nodes;
  
  accessing the calculated data risk scores and the operational risk scores;
  
  determining whether any of the calculated data or operational risk scores equal or exceed a predefined score, and in response;
  
  sending an alert that indicates which calculated risk score exceeds the predefined score; and
  
  initiating a security action related to the calculated risk score that exceeds the predefined score.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The method of claim 8, wherein the security action comprises one or more of:
    - moving one or more computing systems to a different network;
      
      installing security software on one or more computing systems;
      
      moving data from one computing system to another computing system to reduce a particular data risk score;
      
      configuring one or more computing systems for redundancy; and
      
      configuring a firewall.
  - 10. The method of claim 8, wherein the plurality of calculated data risk scores comprises:
    - a plurality of server data risk scores;
      
      a plurality of application data risk scores;
      
      a plurality of permission data risk scores;
      
      a plurality of user role data risk scores; and
      
      a plurality of person data risk scores.
  - 11. The method of claim 8, wherein the plurality of calculated operational risk scores comprises:
    - a plurality of server operational risk scores;
      
      a plurality of permission operational risk scores;
      
      a plurality of user role operational risk scores; and
      
      a plurality of person operational risk scores.
  - 12. The method of claim 8, wherein the plurality of nodes comprises:
    - a plurality of server nodes;
      
      a plurality of application nodes;
      
      a plurality of permission nodes;
      
      a plurality of user role nodes;
      
      a plurality of person nodes; and
      
      a plurality of data type nodes.
  - 13. The method of claim 8, wherein calculating the plurality of calculated data risk scores comprises:
    - determining nodes that have defined data risk scores; and
      
      propagating the defined data risk scores from their respective nodes to each node that is directly or indirectly connected to the nodes that have defined data risk scores;
      
      wherein all defined data risk scores that are propagated to each particular node are added together to determine the calculated data risk score for that particular node.
  - 14. The method of claim 8, wherein calculating the plurality of calculated operational risk scores comprises:
    - determining nodes that have defined operational risk scores; and
      
      propagating the defined operational risk scores from their respective nodes to each node that is directly or indirectly connected to the nodes that have defined operational risk scores;
      
      wherein all defined operational risk scores that are propagated to each particular node are added together to determine the calculated operational risk score for that particular node.

15. One or more computer-readable non-transitory storage media embodying software that is operable when executed to:
- access graph data from a graph database;
  
  determine a plurality of defined data risk scores from the graph data;
  
  calculate, using the plurality of defined data risk scores and a plurality of nodes and edges from the graph data, a plurality of calculated data risk scores that each indicate an amount of data risk for a respective one of the nodes;
  
  determine a plurality of defined operational risk scores from the graph data;
  
  calculate, using the plurality of defined operational risk scores and the plurality of nodes and edges from the graph data, a plurality of calculated operational risk scores that each indicate an amount of operational risk for a respective one of the nodes;
  
  access the calculated data risk scores and the operational risk scores;
  
  determine whether any of the calculated data or operational risk scores equal or exceed a predefined score, and in response;
  
  send an alert that indicates which calculated risk score exceeds the predefined score; and
  
  initiate a security action related to the calculated risk score that exceeds the predefined score.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The media of claim 15, wherein the security action comprises one or more of:
    - moving one or more computing systems to a different network;
      
      installing security software on one or more computing systems;
      
      moving data from one computing system to another computing system to reduce a particular data risk score;
      
      configuring one or more computing systems for redundancy; and
      
      configuring a firewall.
  - 17. The media of claim 15, wherein the plurality of calculated data risk scores comprises:
    - a plurality of server data risk scores;
      
      a plurality of application data risk scores;
      
      a plurality of permission data risk scores;
      
      a plurality of user role data risk scores; and
      
      a plurality of person data risk scores.
  - 18. The media of claim 15, wherein the plurality of calculated operational risk scores comprises:
    - a plurality of server operational risk scores;
      
      a plurality of permission operational risk scores;
      
      a plurality of user role operational risk scores; and
      
      a plurality of person operational risk scores.
  - 19. The media of claim 15, wherein the plurality of nodes comprises:
    - a plurality of server nodes;
      
      a plurality of application nodes;
      
      a plurality of permission nodes;
      
      a plurality of user role nodes;
      
      a plurality of person nodes; and
      
      a plurality of data type nodes.
  - 20. The media of claim 15, wherein:
    - calculating the plurality of calculated data risk scores comprises;
      
      determining nodes that have defined data risk scores; and
      
      propagating the defined data risk scores from their respective nodes to each node that is directly or indirectly connected to the nodes that have defined data risk scores;
      
      calculating the plurality of calculated operational risk scores comprises;
      
      determining nodes that have defined operational risk scores; and
      
      propagating the defined operational risk scores from their respective nodes to each node that is directly or indirectly connected to the nodes that have defined operational risk scores; and
      
      all defined data risk scores that are propagated to each particular node are added together to determine the calculated data risk score for that particular node.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Bank of America Corp.
Original Assignee
Bank of America Corp.
Inventors
Zhang, Zhidong

Granted Patent

US 10,318,741 B2
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/577 Assessing vulnerabilities a...

H04L 63/1433 Vulnerability analysis

Data Security and Risk Ranking Tool

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

21 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Data Security and Risk Ranking Tool

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

21 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links