Method and system for implementing and managing an enterprise identity management for distributed security in a computer system
First Claim
1. A system comprising:
a processor for facilitating management of user identities;
a non-transitory memory communicating with the processor, the non-transitory memory having instructions stored thereon that, in response to execution by the processor, cause the processor to perform operations comprising;
facilitating monitoring, by the processor, an account and an identity to verify an integrity of a relationship;
determining, by the processor, a usage history of the identity based on a transaction being deemed a successful confirmation or unsuccessful confirmation of the relationship between the identity and the account;
assigning, by the processor, a positive weight for a successful transaction by the identity associated with the account;
assigning, by the processor, a negative weight for an unsuccessful transaction by the identity associated with the account;
assigning, by the processor, a negative weight for a particular series of unsuccessful transactions by the identity associated with the account that exceeds an aggregate of individual negative weights of unsuccessful transactions that comprise the particular series of unsuccessful transactions by the identity associated with the account;
aggregating, by the processor, the positive and negative weights to determine usage history of the identity of the user;
determining, by the processor, a likelihood a claimed identity is an owner of the account by converting the aggregation of positive and negative weights to a probability score;
facilitating, by the processor, periodic confirmation of ownership information from the user;
facilitating maintaining and modifying, by the processor and based on the aggregated positive and negative weights, information relating to the identity; and
allowing or denying, by the processor and using the likelihood, along with a hierarchal scheme of registration, access to the user of different systems associated with the account.
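The scoring steps recited in this claim, as an added Python sketch that is not part of the patent text. The weight values, the series threshold and factor, the logistic conversion, and the `SYSTEMS` tier table are all assumptions, since the claim names none of them.

```python
import math
from itertools import groupby

# All constants below are assumptions chosen for illustration; the claims
# name no values, no conversion function and no tier layout.
W_SUCCESS = 1.0        # positive weight per successful confirmation
W_FAILURE = -2.0       # negative weight per isolated unsuccessful confirmation
SERIES_MIN = 3         # consecutive failures that count as a "series"
SERIES_FACTOR = 1.5    # a series weighs more than the sum of its parts

# Hypothetical hierarchy: system -> (minimum registration level, minimum score)
SYSTEMS = {
    "statements": (1, 0.60),
    "payments": (2, 0.80),
    "profile_change": (3, 0.95),
}

def aggregate(history):
    """Sum weights over a list of booleans (True = successful confirmation)."""
    total = 0.0
    for ok, run in groupby(history):
        n = len(list(run))
        if ok:
            total += n * W_SUCCESS
        elif n >= SERIES_MIN:
            total += n * W_FAILURE * SERIES_FACTOR   # escalated series weight
        else:
            total += n * W_FAILURE
    return total

def ownership_probability(history):
    """Convert the aggregate to a score in (0, 1) with a logistic function."""
    return 1.0 / (1.0 + math.exp(-aggregate(history)))

def allowed_systems(history, registration_level):
    """Systems the user may access given score and registration level."""
    p = ownership_probability(history)
    return sorted(name for name, (level, floor) in SYSTEMS.items()
                  if registration_level >= level and p >= floor)

# Constructed histories: same failure count, different ordering.
SCATTERED = [True, False, True, True, False, True, True, False, True, True, True, True]
BURST = [True, True, True, True, True, True, True, True, True, False, False, False]
```

Both constructed histories contain nine successes and three failures, but the run of three consecutive failures in `BURST` drops the score from about 0.95 to 0.5 and removes access to every tier.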
Abstract
A method and system for facilitating the management of user identities includes an ownership component, a registration component, and a servicing component. When a user first desires to access a system using the present invention, the registration component verifies the user's ownership of the underlying account by asking a variety of questions. Thereafter, when a user desires to service his account, the user may be re-queried to determine if he is attempting to access the correct information. An authentication and access component provides the functionality to access a system of the present invention. An audit component can be configured to periodically monitor the various accounts to ensure a continued linking between users and accounts.
22 Claims
1. A system comprising:
a processor for facilitating management of user identities;
a non-transitory memory communicating with the processor, the non-transitory memory having instructions stored thereon that, in response to execution by the processor, cause the processor to perform operations comprising;
facilitating monitoring, by the processor, an account and an identity to verify an integrity of a relationship;
determining, by the processor, a usage history of the identity based on a transaction being deemed a successful confirmation or unsuccessful confirmation of the relationship between the identity and the account;
assigning, by the processor, a positive weight for a successful transaction by the identity associated with the account;
assigning, by the processor, a negative weight for an unsuccessful transaction by the identity associated with the account;
assigning, by the processor, a negative weight for a particular series of unsuccessful transactions by the identity associated with the account that exceeds an aggregate of individual negative weights of unsuccessful transactions that comprise the particular series of unsuccessful transactions by the identity associated with the account;
aggregating, by the processor, the positive and negative weights to determine usage history of the identity of the user;
determining, by the processor, a likelihood a claimed identity is an owner of the account by converting the aggregation of positive and negative weights to a probability score;
facilitating, by the processor, periodic confirmation of ownership information from the user;
facilitating maintaining and modifying, by the processor and based on the aggregated positive and negative weights, information relating to the identity; and
allowing or denying, by the processor and using the likelihood, along with a hierarchal scheme of registration, access to the user of different systems associated with the account.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16
17. A method for facilitating management of user identities, the method comprising:
facilitating monitoring, by a computer-based system for the facilitating management of the user identities, an account and an identity to verify an integrity of a relationship between a user and the identity;
determining, by the computer based system, a usage history of the identity based on a transaction being deemed a successful confirmation or unsuccessful confirmation of the relationship between the identity and the account;
assigning, by the computer-based system, a positive weight for a successful transaction by the identity associated with the account;
assigning, by the computer-based system, a negative weight for an unsuccessful transaction by the identity associated with the account;
assigning, by the computer-based system, a negative weight for a particular series of unsuccessful transactions by the identity associated with the account that exceeds an aggregate of individual negative weights of unsuccessful transactions that comprise the particular series of unsuccessful transactions by the identity associated with the account;
aggregating, by the computer-based system, the positive weights and negative weights to determine usage history of the identity of the user;
determining, by the computer-based system, a likelihood a claimed identity is an owner of the account by converting the aggregation of positive weights and negative weights to a probability score;
facilitating, by the computer-based system, periodic confirmation of ownership information from the user;
maintaining and modifying, by the computer-based system and based on the aggregated positive weights and negative weights, information relating to the identity; and
allowing or denying, by the computer-based system and using the likelihood along with a hierarchal scheme of registration, access to the user of different systems associated with the account.
Dependent claims: 18, 19, 20, 21
22. A non-transitory computer-readable storage medium having stored thereon a plurality of instructions, when executed by a computer-based system for facilitating management of user identities, perform operations comprising:
facilitating monitoring, by the computer-based system, an account and an identity to verify an integrity of a relationship between a user and the identity;
determining, by the computer-based system, a usage history of the identity based on a transaction being deemed a successful confirmation or unsuccessful confirmation of the relationship between the identity and the account;
assigning, by the computer-based system, a positive weight for a successful transaction by the identity associated with the account;
assigning, by the computer-based system, a negative weight for an unsuccessful transaction by the identity associated with the account;
assigning, by the computer-based system, a negative weight for a particular series of unsuccessful transactions by the identity associated with the account that exceeds an aggregate of individual negative weights of unsuccessful transactions that comprise the particular series of unsuccessful transactions by the identity associated with the account;
aggregating, by the computer-based system, the positive weights and negative weights to determine usage history of the identity of the user;
determining, by the computer-based system, a likelihood a claimed identity is an owner of the account by converting the aggregation of positive weights and negative weights to a probability score;
facilitating, by the computer-based system, periodic confirmation of ownership information from the user;
maintaining and modifying, by the computer-based system and based on the aggregated positive weights and negative weights, information relating to the identity; and
allowing or denying, by the computer-based system and using the likelihood along with a hierarchal scheme of registration, access to the user of different systems associated with the account.
Specification