Freely subscribe to our NEWSLETTER

Today’s IT and data environments are rapidly changing. So, too, are the security requirements, such as the constantly changing need to respond to ever more sophisticated cyber attacks. The industry lacks authorization controls that respond to cyber threats, events, or other changes in the IT environment.

Authorization controls are the processes by which individuals or entities are validated to have proper security authentication (i.e., identity verification) and access control (permissions and privileges) to execute some action (e.g., access, view, move, write, delete, configure, etc.) against some resource (e.g., a building, bank account, applications, data, IT resources, operation centers, etc.). Existing techniques are typically two-dimensional in nature, providing control over functional permissions and the domain, or scope, of those permissions.
It is common for IT administrators to have many roles and to move frequently between different teams, some of which are transient, and some of which could partially or completely overlap or even conflict. In addition, roles may change in different operational environments (e.g., in different clouds, data centers, projects, stages of a project, etc.). For example, a systems administrator could also be assigned to a data center migration team, a disaster recovery test team, an audit team, or other project roles. The required authentication controls will likely be different for each of those various roles. Existing approaches are typically static and simply maintain the same authorization for the administrator no matter what role or project team they might be working on. This practice could result in inappropriate access, thereby increasing business risk.

Furthermore, in most current environments, authentication roles and associated permissions are often left in place for long periods of time, sometimes years, without further validation or adjustment. As job responsibilities, projects, applications, architectures, and business needs change, these stale roles and permission assignments often lead to security exposures.
This patent introduces approaches that provide more dynamic control of authentication privileges based on changing user roles, current security conditions, and historical analysis of past operational outcomes of authentication levels. The technology qualifies for a patent because it uses analytics and machine learning to make these dynamic adjustments. When fully implemented, the patented techniques will make it possible for Compass to:
• Inform analytics with historical data on security events, authentication levels for members of various teams, operational outcomes of those member authentication levels, evolving team member roles, and other data.
• Apply machine learning analytics to determine optimal adjustments to team and member authentication levels during security events.
• Monitor for various conditions and events, including a change in team member roles, a change in the locality of data or other resources, or indications of a cyber security event.
• Dynamically modify user authorization control, level, or duration based on the condition or event and the machine learning analysis.
• Leverage a cloud security profile in the determination of any user authorization modifications.

For example, if a user is acting in a different role on a different team, Compass may automatically adjust authorization control to the IT resources associated with the new role and team. In another example, analysis of operational outcomes of authentication controls during previous cyber security events might indicate a need to adjust authentication levels automatically during future security events to optimize business processes and reduce risk.