Access violation mitigation system
First Claim
1. One or more non-transitory computer-readable media storing computer-executable instructions which, when executed by a processor on a computer system, perform a method for enhancing computer security, the method comprising:
storing in a database a first group of users associated with a first user group and a second group of users associated with a second user group;
storing in the database a first security group, a second security group, a first plurality of permissions associated with the first security group and a second plurality of permissions associated with the second security group, wherein the first plurality of permissions include authorized access to a physical layer of a first server and the second plurality of permissions include authorized access to an application layer of a second server;
storing in the database a first set of data associating the first group of users with the first security group and a second set of data associating the second group of users with the second security group;
storing in the database a first set of traversing rules associated with the first security group and a second set of traversing rules associated with the second security group, each of the sets of traversing rules including a plurality of user commands;
continuously comparing commands executed by each of the users included in the first group of users to the first set of traversing rules, and continuously comparing commands executed by each of the users included in the second group of users to the second set of traversing rules;
generating an electronic notification in response to identifying a command executed by a first user included in the first group of users that is not included in the first set of traversing rules; and
if a response to the notification is not received within a predetermined length of time, automatically suspending the first user's access to the physical layer of the first server.
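As an added illustration (not code from the patent record), the following Python sketch models the claimed flow: users map to user groups, user groups to security groups, security groups to permissions and traversing rules (the allowed commands); every executed command is compared against the rules, an unlisted command raises a notification, and a notification left unanswered past the window suspends the user's physical-layer access. All user, group and server names and the 300-second window are constructed.

```python
from dataclasses import dataclass, field

# Constructed sample "database" (hypothetical names, not from the patent).
USER_GROUPS = {"alice": "dc_ops", "bob": "app_devs"}          # user -> user group
SECURITY_GROUPS = {"dc_ops": "sg_physical", "app_devs": "sg_application"}
PERMISSIONS = {"sg_physical": {"physical:srv-01"},            # physical layer of server 1
               "sg_application": {"app:srv-02"}}              # application layer of server 2
TRAVERSING_RULES = {"sg_physical": {"show power", "show hardware", "reboot"},
                    "sg_application": {"deploy", "tail logs", "restart service"}}
RESPONSE_WINDOW = 300  # seconds a reviewer has to answer a notification (constructed)


@dataclass
class Monitor:
    pending: dict = field(default_factory=dict)   # user -> (command, deadline)
    suspended: set = field(default_factory=set)
    notifications: list = field(default_factory=list)

    def security_group(self, user):
        return SECURITY_GROUPS[USER_GROUPS[user]]

    def observe(self, user, command, now):
        """Compare one executed command against the user's traversing rules."""
        sg = self.security_group(user)
        if command in TRAVERSING_RULES[sg]:
            return "allowed"
        if user not in self.pending:          # one open notification per user
            self.pending[user] = (command, now + RESPONSE_WINDOW)
            self.notifications.append((now, user, sg, command))
        return "notified"

    def respond(self, user):
        """A reviewer answered the notification in time; clear it."""
        self.pending.pop(user, None)

    def tick(self, now):
        """Suspend users whose notification is still unanswered past its deadline."""
        for user, (_cmd, deadline) in list(self.pending.items()):
            if now >= deadline:
                self.suspended.add(user)
                del self.pending[user]
        return set(self.suspended)

    def permissions(self, user):
        """Effective permissions: a suspended user loses physical-layer access only."""
        perms = set(PERMISSIONS[self.security_group(user)])
        if user in self.suspended:
            perms = {p for p in perms if not p.startswith("physical:")}
        return perms
```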
Abstract
Apparatus and methods for enhancing system security are provided. The apparatus may include an article of manufacture comprising a computer usable medium having computer readable program code embodied therein for receiving a request from a user to access a system, the request including user-identifying information. The apparatus may also include computer readable program code for accessing a database and identifying one or more user groups associated with at least a portion of the user-identifying data in the database. The apparatus may further include computer readable program code for identifying one or more security groups associated with each of the one or more user groups. The apparatus may additionally include computer readable program code for retrieving access permissions associated with each of the identified one or more security groups. The apparatus may also include computer readable program code for granting the user access to the system.
9 Claims