US2011289569A1PendingUtilityA1

Method and system for implementing and managing an enterprise identity management for distributed security

57
Assignee: BARRETT MICHAEL RICHARDPriority: Dec 31, 2002Filed: Aug 3, 2011Published: Nov 24, 2011
Est. expiryDec 31, 2022(expired)· nominal 20-yr term from priority
G06Q 40/00G06F 21/34Y10S707/99931
57
PatentIndex Score
0
Cited by
0
References
0
Claims

Abstract

An Enterprise Identity Management system includes a registration component, an ownership component, and an audit component. The registration component is configured to associate a user ID with specific accounts that are accessible via a computer system. The ownership component is configured to verify the ownership of the accounts. The audit component is configured to perform periodic checks to ensure the validity of the association between the user ID and the ownership of the accounts.

Claims

exact text as granted — not AI-modified
1 . An audit system comprising:
 a processor for auditing;   a memory;   a network interface communicating with said memory;   said memory communicating with said processor; and   said processor, when executing a computer program, performs operations comprising:   aggregating, by said processor, positive weights and negative weights to determine a usage history of said user, wherein said positive weights relate to successful transactions and said negative weights relate to unsuccessful transactions;   removing, by said processor, a relationship between an identity and an account in response to said aggregation failing to meet a predetermined criteria;   issuing, by said processor, said identity to said user in response to at least a portion of said authentication questions being correctly answered, wherein said authentication questions to be asked are based upon said authentication rules associated with said account; and   monitoring, by said processor, changes in a relationship between said user and said identity of an account over a period of time to periodically perform an automatic adjustment of said authentication questions in response to a deterioration of said relationship, wherein said deterioration of said relationship is based upon activity of said user.   
     
     
         2 . The audit system of  claim 1 , further comprising confirming ownership of said account. 
     
     
         3 . The audit system of  claim 1 , further comprising confirming ownership of said account by analyzing ownership data and generating said authentication questions to be asked of said user to verify said identity actually belongs to said user. 
     
     
         4 . The audit system of  claim 1 , further comprising determining said authentication rules associated with said account. 
     
     
         5 . The audit system of  claim 1 , wherein said successful transaction is based on security requirements of said account and risk factors relating to various transaction types associated with said account. 
     
     
         6 . The audit system of  claim 1 , wherein said positive weight is for a similar transaction by said user, wherein said similar transaction is based on comparing said current transaction to previous transactions performed by said user. 
     
     
         7 . The audit system of  claim 1 , further comprising issuing said identity to said user in response to at least a portion of said authentication questions being correctly answered, wherein said authentication questions to be asked are based upon said authentication rules associated with said account. 
     
     
         8 . The audit system of  claim 1 , further comprising monitoring, by said processor, aggregated behaviors, wherein said aggregated behaviors are used to weight transactions to further verify ownership of said account. 
     
     
         9 . The audit system of  claim 1 , further comprising determining authentication rules associated with said account, wherein authentication questions to be asked of a user are based upon said authentication rules. 
     
     
         10 . The audit system of  claim 1 , further comprising receiving a request for an identity associated with said account. 
     
     
         11 . A method comprising:
 aggregating, by a computer-based system for auditing, positive weights and negative weights to determine a usage history of said user, wherein said positive weights relate to successful transactions and said negative weights relate to unsuccessful transactions;   removing, by said computer-based system, a relationship between an identity and an account in response to said aggregation failing to meet a predetermined criteria;   issuing, by said computer-based system, said identity to said user in response to at least a portion of said authentication questions being correctly answered, wherein said authentication questions to be asked are based upon said authentication rules associated with said account; and   monitoring, by said computer-based system, changes in a relationship between said user and said identity of an account over a period of time to periodically perform an automatic adjustment of said authentication questions in response to a deterioration of said relationship, wherein said deterioration of said relationship is based upon activity of said user.   
     
     
         12 . The method of  claim 11 , further comprising confirming ownership of said account. 
     
     
         13 . The method of  claim 11 , further comprising confirming ownership of said account by analyzing ownership data and generating said authentication questions to be asked of said user to verify said identity actually belongs to said user. 
     
     
         14 . The method of  claim 11 , wherein said successful transaction is based on security requirements of said account and risk factors relating to various transaction types associated with said account. 
     
     
         15 . The method of  claim 11 , wherein said positive weight is for a similar transaction by said user, wherein said similar transaction is based on comparing said current transaction to previous transactions performed by said user. 
     
     
         16 . The method of  claim 11 , further comprising issuing said identity to said user in response to at least a portion of said authentication questions being correctly answered, wherein said authentication questions to be asked are based upon said authentication rules associated with said account. 
     
     
         17 . The method of  claim 11 , further comprising monitoring, by said processor, aggregated behaviors, wherein said aggregated behaviors are used to weight transactions to further verify ownership of said account. 
     
     
         18 . The method of  claim 11 , further comprising determining authentication rules associated with said account, wherein authentication questions to be asked of a user are based upon said authentication rules. 
     
     
         19 . The method of  claim 11 , further comprising receiving a request for an identity associated with said account. 
     
     
         20 . An article of manufacture including a non-transitory, tangible computer readable medium having instructions stored thereon that, in response to execution by a computer-based system for auditing, cause said computer-based system to perform operations comprising:
 aggregating, by said computer-based system, positive weights and negative weights to determine a usage history of said user, wherein said positive weights relate to successful transactions and said negative weights relate to unsuccessful transactions;   removing, by said computer-based system, a relationship between an identity and an account in response to said aggregation failing to meet a predetermined criteria;   issuing, by said computer-based system, said identity to said user in response to at least a portion of said authentication questions being correctly answered, wherein said authentication questions to be asked are based upon said authentication rules associated with said account; and   monitoring, by said computer-based system, changes in a relationship between said user and said identity of an account over a period of time to periodically perform an automatic adjustment of said authentication questions in response to a deterioration of said relationship, wherein said deterioration of said relationship is based upon activity of said user.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.