We will be performing system updates on Sunday, July 21st, from 9-noon ET. You may experience brief service interruptions during that time.
Browse Prior Art Database

User Behavior Profiling Using Policy Decisions

IP.com Disclosure Number: IPCOM000253746D
Publication Date: 2018-Apr-30
Document File: 3 page(s) / 498K

Publishing Venue

The IP.com Prior Art Database

Related People

Kelley, James Slik, David Shah, Peter


Disclosed is a method to detect when malicious users attempt to disrupt a system. The method uses the normal audit logs produced by the policy decision point (PDP) in a XACML architecture to produce a uniform, system-independent log of user data accesses to build a model of typical user behavior. When a model of typical behavior is in place, organizations can more readily detect aberrant behavior.