System, method and computer program product for determining a risk score for an entity

US 9,619,652 B2
Filed: 11/01/2010
Issued: 04/11/2017
Est. Priority Date: 03/31/2010
Status: Active Grant

First Claim

Patent Images

1. A computer program product, comprising a non-transitory computer usable medium having a computer readable program code embodied therein, the computer readable program code being executable by a computer to perform operations, the operations comprising:

identifying by a system a plurality of parameters associated with an entity'"'"'s access to system data, where the plurality of parameters includes a data sharing rule assigned to the entity that enables the entity to create and grant specific system data access to another entity, the specific system data access including access to one or more elements of the system data;

determining by the system a selection of one of a plurality of algorithms, where each of the plurality of algorithms is used to determine a risk score for the entity in accordance with a plurality of predetermined categories of risk, wherein the plurality of predetermined categories of risk includes one or more of;

data loss by the system in association with the entity, data theft by the entity, or insider trading by the entity;

determining by the system a predetermined number of points assigned to each of the plurality of parameters according to the selected algorithm,determining by the system a plurality of weighted numbers respectively corresponding to the plurality of parameters, wherein determining a given one of the weighted numbers respectively corresponding to a given one of the parameters includes multiplying the predetermined number of points assigned to the given parameter by a weight associated with the given parameter by the selected algorithm,determining by the system the risk score for the entity by summing the weighted numbers respectively corresponding to the plurality of parameters;

identifying by the system that the entity is attempting to perform one or more actions within the system; and

preventing by the system the performance of the one or more actions when the system determines that the risk score for the entity is higher than a predetermined threshold.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In accordance with embodiments, there are provided mechanisms and methods for determining a risk score for an entity. These mechanisms and methods for determining a risk score for an entity can enable more effective monitoring of a system, can create more relevant data associated with the entity, etc.

Citations

17 Claims

1. A computer program product, comprising a non-transitory computer usable medium having a computer readable program code embodied therein, the computer readable program code being executable by a computer to perform operations, the operations comprising:
- identifying by a system a plurality of parameters associated with an entity'"'"'s access to system data, where the plurality of parameters includes a data sharing rule assigned to the entity that enables the entity to create and grant specific system data access to another entity, the specific system data access including access to one or more elements of the system data;
  
  determining by the system a selection of one of a plurality of algorithms, where each of the plurality of algorithms is used to determine a risk score for the entity in accordance with a plurality of predetermined categories of risk, wherein the plurality of predetermined categories of risk includes one or more of;
  
  data loss by the system in association with the entity, data theft by the entity, or insider trading by the entity;
  
  determining by the system a predetermined number of points assigned to each of the plurality of parameters according to the selected algorithm,determining by the system a plurality of weighted numbers respectively corresponding to the plurality of parameters, wherein determining a given one of the weighted numbers respectively corresponding to a given one of the parameters includes multiplying the predetermined number of points assigned to the given parameter by a weight associated with the given parameter by the selected algorithm,determining by the system the risk score for the entity by summing the weighted numbers respectively corresponding to the plurality of parameters;
  
  identifying by the system that the entity is attempting to perform one or more actions within the system; and
  
  preventing by the system the performance of the one or more actions when the system determines that the risk score for the entity is higher than a predetermined threshold.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. The computer program product of claim 1, wherein the plurality of parameters include a location of the entity.
  - 3. The computer program product of claim 1, wherein the plurality of parameters include a history of actions taken by the entity within the system.
  - 4. The computer program product of claim 1, wherein the plurality of parameters include a login history of the entity.
  - 5. The computer program product of claim 1, wherein the plurality of parameters include a data access history of the entity.
  - 6. The computer program product of claim 1, wherein the computer program product is operable to further determine the risk score for the entity by comparing the plurality of parameters against one or more predetermined rules.
  - 7. The computer program product of claim 1, wherein the risk score for the entity indicates a risk that the entity will perform an action determined to be undesirable with respect to one or more elements of the system data.
  - 8. The computer program product of claim 1, wherein the computer program product is operable to provide the risk score for the entity to a client.
  - 9. The computer program product of claim 1, wherein the computer program product is operable to compare the risk score for the entity against another a different threshold than the predetermined threshold, and if the risk score of the entity is higher than the different threshold, the entity is monitored.
  - 10. The computer program product of claim 1, wherein the computer program product is operable to determine the risk score for the entity during multiple instances over a period of time, and to generate a report that illustrates changes in the risk score over the time period.
  - 11. The computer program product of claim 1, the operations further comprising determining the weight associated with the given parameter based at least in part upon whether the given parameter is determined to be associated with one or more undesirable actions.
  - 12. The computer program product of claim 1, wherein the plurality of predetermined categories of risk includes data theft and insider trading.
  - 13. The computer program product of claim 11, wherein the one or more undesirable actions are selected by a user.
  - 14. The computer program product of claim 1, wherein the system data includes an indication of one or more types of files within the system that the entity is allowed to access.
  - 15. The computer program product of claim 1, wherein the plurality of parameters include one or more permissions granted to the entity that expire after a predetermined amount of time or after a predetermined amount of access has been performed.

16. A method, comprising:
- identifying by a system a plurality of parameters associated with an entity'"'"'s access to system data, where the plurality of parameters includes a data sharing rule assigned to the entity that enables the entity to create and grant specific system data access to another entity, the specific system data access including access to one or more elements of the system data;
  
  determining by the system a selection of one of a plurality of algorithms, where each of the plurality of algorithms is used to determine a risk score for the entity in accordance with a plurality of predetermined categories of risk, wherein the plurality of predetermined categories of risk includes one or more of;
  
  data loss by the system in association with the entity, data theft by the entity, or insider trading by the entity;
  
  determining by the system a predetermined number of points assigned to each of the plurality of parameters according to the selected algorithm,determining by the system a plurality of weighted numbers respectively corresponding to the plurality of parameters, wherein determining a given one of the weight numbers respectively corresponding to a given one of the parameters includes multiplying the predetermined number of points assigned to the given parameter by a weight associated with the given parameter by the selected algorithm,determining by the system the risk score for the entity by summing the weighted numbers respectively corresponding to the plurality of parameters;
  
  identifying by the system that the entity is attempting to perform one or more actions within the system; and
  
  preventing by the system the performance of the one or more actions when the system determines that the risk score for the entity is higher than a predetermined threshold.

17. A system, comprising:
- a hardware processor; and
  
  a memory that stores instructions, wherein the instructions are executable by the hardware processor to perform operations comprising;
  
  identifying by the system a plurality of parameters associated with an entity'"'"'s access to system data, where the plurality of parameters includes a data sharing rule assigned to the entity that enables the entity to create and grant specific system data access to another entity, the specific system data access including access to one or more elements of the system data;
  
  determining by the system a selection of one of a plurality of algorithms, where each of the plurality of algorithms is used to determine a risk score for the entity in accordance with a plurality of predetermined categories of risk, wherein the plurality of predetermined categories of risk includes one or more of;
  
  data loss by the system in association with the entity, data theft by the entity, or insider trading by the entity;
  
  determining by the system a predetermined number of points assigned to each of the plurality of parameters according to the selected algorithm,determining by the system a plurality of weighted numbers respectively corresponding to the plurality of parameters, wherein determining a given one of the weighted numbers respectively corresponding to a given one of the parameters includes multiplying the predetermined number of points assigned to the given parameter by a weight associated with the given parameter by the selected algorithm,determining by the system the risk score for the entity by summing the weighted numbers respectively corresponding to the plurality of parameters;
  
  identifying by the system that the entity is attempting to perform one or more actions within the system; and
  
  preventing by the system the performance of the one or more actions when the system determines that the risk score for the entity is higher than a predetermined threshold.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Salesforce.com, Inc.
Original Assignee
Salesforce.com, Inc.
Inventors
Slater, Steve
Primary Examiner(s)
Joo, Joshua
Assistant Examiner(s)
Naji, Younes

Application Number

US12/917,400
Publication Number

US 20110247069A1
Time in Patent Office

2,353 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/577   Assessing vulnerabilities a...

G06F 21/62   Protecting access to data v...

G06Q 10/0635   Risk analysis of enterprise...

System, method and computer program product for determining a risk score for an entity

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

System, method and computer program product for determining a risk score for an entity

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links