Browse Prior Art Database

Identity Governance Using Big Data Analytics

IP.com Disclosure Number: IPCOM000246420D
Publication Date: 2016-Jun-06
Document File: 2 page(s) / 146K

Publishing Venue

The IP.com Prior Art Database

Abstract

Disclosed is a method to use machine learning to classify access patterns to different resources and assets within an organization. For each resource or asset, the approach uses both supervised and unsupervised learning techniques to classify both normal and anomalous behavior.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 51% of the total text.

Page 01 of 2

Identity Governance Using Big Data Analytics

Identity and access governance solutions are available; however, none of the current solutions have feedback loops from big data analytics, including email analytics, to these identity and access governance solutions.

One example problem scenario is the use of big data analytics to identify high-risk users. High-risk users identified using big data analytics can include users who have been identified, based on email analytics, to have risky behavior (e.g., attempting to connect to uniform resource locators (URLs) in spam mail at a relatively high frequency). These users require approvers to perform additional manual checks or grant access for a limited amount of time and trigger recertification for these users at the end of the duration for which access was granted.

A method is needed to use big data analytics to improve the information provided to

decide whether to grant access requests, improve certification, segregate duties enforcement, and automate these tasks where possible. For example, employees are getting access to resources because managers are automatically granting requests for access. This is because there is no easy way for a manager to determine whether the employee should be granted access. Comparing the authorized employees to other employees in the department may be of limited value if managers automatically grant t access all users.

The novel solution uses machine learning to classify access patterns to different resources and assets within an organization. For each resource or asset, the approach uses both supervised and unsupervised learning techniques to classify both normal and anomalous behavior. The approach also uses this data to prioritize the quality and then rank the granted entitlements.

The next step is to input this information into identity and governance sol...