Access control governance using mapped vector spaces

Assignee

• FMR LLC · US

Inventors

• Sean Xiaolu Wang · Wilmington, US
• Paulina Li · Dalian, CN
• Han Zhou · Tangxia, CN
• Chad Renfro · Collinsville, US
• Daniel P. Shnowske · Waxahachie, US
• Sean Catlett · Dallas, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L63/0236
• WIPO fieldComputer technology
• WIPO sectorElectrical engineering

Abstract

Methods and apparatuses are described for enterprise access control governance in a computerized information technology (IT) architecture. A server generates a first vector space, each node in the first space representing a user of resources in the IT architecture and including attributes of the user. The server generates a second vector space, each node in the second space representing an entitlement to access resources in the IT architecture and including attributes of the entitlement. The server creates an entitlement utility matrix by mapping nodes in the first space to nodes in the second space. The server determines a set of recommended entitlements for a plurality of users based upon the utility matrix. The server determines a discrepancy between the set of recommended entitlements for a first user and a set of existing entitlements for the first user and adjusts the set of existing entitlements based upon the discrepancy.