Access permissions entitlement review
First Claim
Patent Images
1. A system for operating an enterprise computer network including multiple network objects, said system comprising:
- at least one monitoring and collection module for obtaining continuously updated information regarding at least one of access permissions and actual usage of said network objects;
background data characterization functionality operable for characterizing network objects of interest at least by at least one content characteristic thereof;
near real time data matching functionality operable for selecting the data of interest by considering only data elements which have said at least one content characteristic thereof from among said multiple network objects; and
at least one entitlement review by owner module operative;
to present to at least one of at least one owner and at least one authorizer of at least one said selected network object a visually sensible indication of authorization status, said visually sensible indication of authorization status including at least a list of users and user groups having access permissions to said at least one said selected network object, said at least one authorizer being delegated responsibility with respect to said at least one said selected network object by said at least one owner;
to require said at least one of said at least one owner and said at least one authorizer to review said authorization status;
responsive to said review, to allow said at least one of said at least one owner and said at least one authorizer to modify said authorization status;
responsive to said at least one of said at least one owner and said at least one authorizer not modifying said authorization status, to require said at least one of said at least one owner and said at least one authorizer to confirm said authorization status; and
responsive to said at least one of said at least one owner and said at least one authorizer modifying said authorization status, to require said at least one of said at least one owner and said at least one authorizer to confirm said modified authorization status.
0 Assignments
0 Petitions
Accused Products
Abstract
A system for operating an enterprise computer network including multiple network objects, said system comprising monitoring and collection functionality for obtaining continuously updated information regarding at least one of access permissions and actual usage of said network objects, and entitlement review by owner functionality operative to present to at least one owner of at least one network object a visually sensible indication of authorization status including a specific indication of users which were not yet authorized by said at least one owner of said at least one network object.
64 Citations
10 Claims
-
1. A system for operating an enterprise computer network including multiple network objects, said system comprising:
-
at least one monitoring and collection module for obtaining continuously updated information regarding at least one of access permissions and actual usage of said network objects; background data characterization functionality operable for characterizing network objects of interest at least by at least one content characteristic thereof; near real time data matching functionality operable for selecting the data of interest by considering only data elements which have said at least one content characteristic thereof from among said multiple network objects; and at least one entitlement review by owner module operative; to present to at least one of at least one owner and at least one authorizer of at least one said selected network object a visually sensible indication of authorization status, said visually sensible indication of authorization status including at least a list of users and user groups having access permissions to said at least one said selected network object, said at least one authorizer being delegated responsibility with respect to said at least one said selected network object by said at least one owner; to require said at least one of said at least one owner and said at least one authorizer to review said authorization status; responsive to said review, to allow said at least one of said at least one owner and said at least one authorizer to modify said authorization status; responsive to said at least one of said at least one owner and said at least one authorizer not modifying said authorization status, to require said at least one of said at least one owner and said at least one authorizer to confirm said authorization status; and responsive to said at least one of said at least one owner and said at least one authorizer modifying said authorization status, to require said at least one of said at least one owner and said at least one authorizer to confirm said modified authorization status. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeVaronis Systems, Inc.
-
Original AssigneeVaronis Systems, Inc.
-
InventorsFaitelson, Yakov, Korkus, Ohad, Kretzer-Katzir, Ophir, Bass, David
-
Primary Examiner(s)Zand, Kambiz
-
Assistant Examiner(s)WYSZYNSKI, AUBREY H
-
Application NumberUS15/486,782Publication NumberTime in Patent Office327 DaysField of Search726 4US Class CurrentCPC Class CodesG06F 21/604 Tools and structures for ma...G06F 2221/2141 Access rights, e.g. capabil...G06Q 10/10 Office automation; Time man...H04L 63/101 Access control lists [ACL]H04L 63/104 Grouping of entitiesH04L 63/105 Multiple levels of securityH04L 63/20 for managing network securi...
