Vertically integrated access control system for identifying and remediating flagged combinations of capabilities resulting from user entitlements to computing resources

Assignee

• Bank of America Corporation · US

Inventors

• John Howard Kling · Bellevue, US
• Brandon Sloane · Town and Country, US
• Regina Yee Cadavid · San Gabriel, US
• Rachel Yun Kim Bierner · Los Angeles, US
• Ronald James Kuhlmeier · Simi Valley, US

Key dates

Classification

• Technology area (CPC G)Physics
• CPC primaryG06F2221/2141
• WIPO fieldComputer technology
• WIPO sectorElectrical engineering

Abstract

A vertically integrated access control system may store in a database data records corresponding to the interfaces, access control rules, and computing resources of an information system, as well as data records for entity capabilities. Data records for related interfaces, access control rules, computing resources, and entity capabilities may be linked. Using the database, the system may determine the entity capabilities that can be performed based on an existing user entitlement. If the entity capabilities include a flagged combination of entity capabilities, the system may perform an information security action to remediate the flagged combination. The system may use the database to form vertically integrated access units. The vertically integrated access units may be used to form user entitlements. The system may continuously monitor whether any proposed configurations would create a flagged combination of entity capabilities, and if so take an action to prevent such flagged combination.