MACHINE LEARNING SYSTEM FOR COMPUTING ASSET ACCESS

US 20190012441A1
Filed: 07/06/2017
Published: 01/10/2019
Est. Priority Date: 07/06/2017
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

accessing access data for each user of a plurality of users, the access data for a respective user indicating an access history by the respective user to one or more of a plurality of available computing assets;

analyzing, by a machine learning algorithm executing on one or more hardware processors, the access data of each user to generate at least one characteristic associated with the access data of each user;

receiving an indication of a current access attempt of one of the available computing assets using an identity of a first user of the plurality of users;

comparing at least one characteristic associated with the current access attempt to the at least one characteristic associated with the access data of the first user; and

selecting one of a plurality of authentication processes for presentation to the first user for the current access attempt based on the comparing of the at least one characteristic associated with the current access attempt to the at least one characteristic associated with the access data of the first user.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In various example embodiments, a method for controlling computing asset access using machine learning is presented. In an example embodiment, access data for each user of a plurality of users are accessed, wherein the access data for a user indicate an access history by that user to one or more available assets. Using a machine learning algorithm, the access data of each user are analyzed to generate a characteristic associated with the access data of each user. An indication of a current access attempt of one of the assets is received using an identity of a first user. A characteristic associated with the current access attempt is compared to the characteristic associated with the access data of the first user. Based on the comparison, an authentication process is selected for presentation to the first user for the current access attempt.

Citations

20 Claims

1. A method comprising:
- accessing access data for each user of a plurality of users, the access data for a respective user indicating an access history by the respective user to one or more of a plurality of available computing assets;
  
  analyzing, by a machine learning algorithm executing on one or more hardware processors, the access data of each user to generate at least one characteristic associated with the access data of each user;
  
  receiving an indication of a current access attempt of one of the available computing assets using an identity of a first user of the plurality of users;
  
  comparing at least one characteristic associated with the current access attempt to the at least one characteristic associated with the access data of the first user; and
  
  selecting one of a plurality of authentication processes for presentation to the first user for the current access attempt based on the comparing of the at least one characteristic associated with the current access attempt to the at least one characteristic associated with the access data of the first user.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
- - 2. The method of claim 1, wherein the selecting of the one of the plurality of authentication processes is further based on a requested privilege level associated with the current access attempt.
  - 3. The method of claim 1, further comprising:
    - accessing identification data for each user, the identification data for a respective user describing an operational role assigned to the respective user within an organization, wherein the analyzing of the access data of each user is based on the operational role assigned to the respective user.
  - 4. The method of claim 1, wherein the analyzing of the access data of each user comprises identifying similarities between the access data of the first user and the access data of a second user of the plurality of users to generate the at least one characteristic associated with the access data of the first user.
  - 5. The method of claim 4, wherein:
    - the access data of the first user comprises a first network graph;
      
      the access data of the second user comprises a second network graph; and
      
      the method further comprises generating a correlation metric relating the first network graph to the second network graph, wherein the identifying of similarities between the access data of the first user and the access data of the second user is based on the correlation metric.
  - 6. The method of claim 1, wherein the selecting of the one of the plurality of authentication processes is further based on a security level associated with the one of the available computing assets.
  - 7. The method of claim 1, wherein the selecting of the one of the plurality of authentication processes is based on the at least one characteristic associated with the current access attempt being anomalous to the at least one characteristic associated with the access data of the first user.
  - 8. The method of claim 7, wherein the selected one of the plurality of authentication processes comprises a multi-factor authentication process.
  - 9. The method of claim 1, wherein the at least one characteristic comprises at least one of an identity of a source device of the current access attempt, a location of the source device of the current access attempt, and a time of day at which the current access attempt is made.
  - 10. The method of claim 1, further comprising:
    - generating, based on the at least one characteristic associated with the access data of the first user, a corresponding risk rating for the first user; and
      
      causing presentation, via a user account registered to the first user, the corresponding risk rating.
  - 11. The method of claim 10, further comprising:
    - causing presentation of at least one recommendation for altering access of the first user to one of the plurality of available computing assets to reduce the risk rating.
  - 12. The method of claim 11, wherein the altering of the access of the first user to the one of the plurality of available computing assets comprises lowering a privilege level of access of the first user to the one of the plurality of available computing assets.
  - 13. The method of claim 1, further comprising:
    - generating an alert signal based on the comparing of the at least one characteristic associated with the current access attempt to the at least one characteristic associated with the access data of the first user indicating that the current access attempt is not originated by the first user; and
      
      transmitting the alert signal to a user account registered to the first user.
  - 14. The method of claim 1, further comprising:
    - receiving a request from a user device of the first user to temporarily increase a privilege level of access for the first user to one of the plurality of available computing assets; and
      
      granting the request based on the at least one characteristic associated with the access data of the first user.
  - 15. The method of claim 1, further comprising:
    - receiving a request from the first user for information regarding an inoperative computing asset;
      
      determining an identity of the inoperative computing asset based on the at least one characteristic associated with the access data of the first user;
      
      retrieving operational status information of the inoperative computing asset; and
      
      providing a response to the request based on the retrieved operational status information.
  - 16. The method of claim 15, wherein the analyzing of the access data of each user comprises identifying similarities between the access data of the first user and the access data of a second user of the plurality of users to generate the at least one characteristic associated with the access data of the first user, and wherein the method further comprises:
    - determining whether to provide a notification of the operational status information to the second user based on the identified similarities between the access data of the first user and the access data of the second user; and
      
      transmitting the notification of the operational status information to a user account registered to the second user based on a determination that the notification is to be provided to the second user.
  - 17. The method of claim 1, further comprising:
    - receiving an adverse operational status of one of the plurality of available computing assets;
      
      determining whether to provide a notification of the adverse operational status to the first user based on the at least one characteristic associated with the access data of the first user; and
      
      transmitting the notification of the adverse operational status to a user account registered to the first user based on a determination that the notification is to be provided to the first user.

18. A system comprising:
- one or more hardware processors; and
  
  a memory storing instructions that, when executed by at least one of the one or more hardware processors, cause the system to perform operations comprising;
  
  accessing access data for each user of a plurality of users, the access data for a respective user indicating an access history by the respective user to one or more of a plurality of available computing assets;
  
  analyzing, by a machine learning algorithm, the access data of each user to generate at least one characteristic associated with the access data of each user;
  
  receiving an indication of a current access attempt of one of the available computing assets using an identity of a first user of the plurality of users;
  
  comparing at least one characteristic associated with the current access attempt to the at least one characteristic associated with the access data of the first user; and
  
  selecting one of a plurality of authentication processes for presentation to the first user for the current access attempt based on the comparing of the at least one characteristic associated with the current access attempt to the at least one characteristic associated with the access data of the first user.
- View Dependent Claims (19)
- - 19. The system of claim 18, wherein the analyzing of the access data of each user comprises identifying similarities between the access data of the first user and the access data of a second user of the plurality of users to generate the at least one characteristic associated with the access data of the first user.

20. A non-transitory computer-readable storage medium storing instructions that, when executed by at least one hardware processor of a machine, cause the machine to perform operations comprising:
- accessing access data for each user of a plurality of users, the access data for a respective user indicating an access history by the respective user to one or more of a plurality of available computing assets;
  
  analyzing, by a machine learning algorithm, the access data of each user to generate at least one characteristic associated with the access data of each user;
  
  receiving an indication of a current access attempt of one of the available computing assets using an identity of a first user of the plurality of users;
  
  comparing at least one characteristic associated with the current access attempt to the at least one characteristic associated with the access data of the first user; and
  
  selecting one of a plurality of authentication processes for presentation to the first user for the current access attempt based on the comparing of the at least one characteristic associated with the current access attempt to the at least one characteristic associated with the access data of the first user.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
eBay Inc.
Original Assignee
eBay Inc.
Inventors
Tuli, Vikram, Morales, Daniel

Granted Patent

US 10,606,990 B2
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/316   by observing the pattern of...

G06F 21/552   involving long-term monitor...

G06F 21/577   Assessing vulnerabilities a...

G06F 2221/2101   Auditing as a secondary aspect

G06F 2221/2111   Location-sensitive, e.g. ge...

G06F 2221/2141   Access rights, e.g. capabil...

G06N 3/02   Neural networks

G06N 3/08   Learning methods

G06N 5/022   Knowledge engineering; Know...

MACHINE LEARNING SYSTEM FOR COMPUTING ASSET ACCESS

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

MACHINE LEARNING SYSTEM FOR COMPUTING ASSET ACCESS

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links