Reconciliation of access rights in a computing system
First Claim
Patent Images
1. A system for reconciling access rights of a computing system comprising:
- at least one processor; and
memory storing instructions that, when executed by the at least one processor, cause the system toobtain access right information respectively corresponding to one or more access rights of the computing system;
perform one or more reconciliation tasks using the access right information; and
generate a reconciliation report during performance of one of the one or more reconciliation tasks;
wherein the reconciliation report indicates that one or more of the one or more access rights should either be provisioned or revoked at the computing system; and
wherein the one or more reconciliation tasks include a first reconciliation task associated with instructions stored at the memory that, when executed by the at least one processor, cause the system to;
obtain a first access rights history that identifies a set of historical access rights associated with a user,obtain an access right revocation list that identifies a set of fulfilled access revocation requests associated with the user, andgenerate the reconciliation report based on a comparison between at least one of the historical access rights of the set of historical access rights and at least one of the fulfilled access revocation requests of the set of fulfilled access revocation requests.
1 Assignment
0 Petitions
Accused Products
Abstract
Systems and methods are provide for reconciling access rights of a computing system are described. Access right information that respectively corresponds to access rights of a computing system may be obtained and evaluated. Reconciliation tasks may be performed using the access right information, and a reconciliation report may be generated during performance of at least one of the reconciliation tasks. The reconciliation report may indicate that one or more of the access rights should either be provisioned or revoked at the computing system.
-
Citations
18 Claims
-
1. A system for reconciling access rights of a computing system comprising:
-
at least one processor; and memory storing instructions that, when executed by the at least one processor, cause the system to obtain access right information respectively corresponding to one or more access rights of the computing system; perform one or more reconciliation tasks using the access right information; and generate a reconciliation report during performance of one of the one or more reconciliation tasks; wherein the reconciliation report indicates that one or more of the one or more access rights should either be provisioned or revoked at the computing system; and wherein the one or more reconciliation tasks include a first reconciliation task associated with instructions stored at the memory that, when executed by the at least one processor, cause the system to; obtain a first access rights history that identifies a set of historical access rights associated with a user, obtain an access right revocation list that identifies a set of fulfilled access revocation requests associated with the user, and generate the reconciliation report based on a comparison between at least one of the historical access rights of the set of historical access rights and at least one of the fulfilled access revocation requests of the set of fulfilled access revocation requests. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A computer-implemented method of reconciling access rights of a computing system comprising:
-
obtaining, by a computing device, access right information respectively corresponding to one or more access rights of a computing system; performing, by the computing device, one or more reconciliation tasks using the access right information; and generating, by the computing device, a reconciliation report during performance of one of the one or more reconciliation tasks wherein the reconciliation report indicates that one or more of the one or more access rights should either be provisioned or revoked at the computing system; wherein the one or more reconciliation tasks include a first reconciliation task that comprises; obtaining, by the computing device, a first access rights history that identifies a set of historical access rights associated with a user; obtaining, by the computing device, an access right revocation list that identifies a set of fulfilled access revocation requests associated with the user; comparing, by the computing device, at least one of the historical access rights of the set of historical access rights to at least one of the fulfilled access revocation requests of the set of fulfilled access revocation requests; and identifying, by the computing device, one of the historical access rights of the set of historical access rights as either a successfully revoked access right or an unsuccessfully revoked access right in the reconciliation report based on whether that historical access right corresponds to one of the fulfilled access revocation requests of the set of fulfilled access revocation requests. - View Dependent Claims (11, 12, 13, 14, 15)
-
-
16. Non-transitory computer-readable media having instructions, that when executed by a processor of a computing device, cause the computing device to:
-
obtain access right information respectively corresponding to one or more access rights of a computing system; perform one or more reconciliation tasks using the access right information; and generate a reconciliation report during performance of one of the one or more reconciliation tasks wherein the reconciliation report indicates that one or more of the one or more access rights should either be provisioned or revoked at the computing system; wherein the one or more reconciliation tasks include a first reconciliation task that comprises; obtaining a first access rights history that identifies a set of historical access rights associated with a user, obtaining an access right revocation list that identifies a set of fulfilled access revocation requests associated with the user, and generating the reconciliation report based on a comparison between at least one of the historical access rights of the set of historical access rights and at least one of the fulfilled access revocation requests of the set of fulfilled access revocation requests. - View Dependent Claims (17, 18)
-
Specification