Patent application number | Description | Published |
20100083359 | TRUSTED DATABASE AUTHENTICATION THROUGH AN UNTRUSTED INTERMEDIARY - A method, system and computer-usable medium are disclosed for validating user credentials submitted to a data source by an untrusted intermediary. An untrusted intermediary attempts to access a data source on behalf of a user. The untrusted intermediary challenges the user to provide credentials of the type and format required to access the data provided by the data source. The user's trust client connects to an authentication service and identification credentials of the required type and format are generated. The identification credentials are conveyed to the user's trust client, which then provides them to the user's client, which in turn conveys them to the untrusted intermediary. The untrusted intermediary then presents the identification credentials to an authentication plug-in of the data source. The authentication plug-in validates the authenticity of the provided credentials with their associated authentication service. Once the credentials are successfully validated, the requested data is provided to the user's client by the untrusted intermediary. | 04-01-2010 |
20100174780 | INTEGRATING PARTICIPANT PROFILE INFORMATION INTO REAL-TIME COLLABORATIONS - An online collaboration system can access data in one or more skills repositories to search for participants with indicated skills and automatically display participants' skill information during online collaborations. Searching for participants by skill allows individuals most likely to add value to a discussion to be identified and invited to an online collaboration. Displaying skill information can facilitate focused interaction leading to a more productive online collaboration. | 07-08-2010 |
20100175115 | MANAGEMENT OF CREDENTIALS USED BY SOFTWARE APPLICATIONS - An identity management (“IdM”) system can change the credentials at certain intervals. If credentials change, there is no way for an application that uses the credentials to know that the credentials have changed because the application dependency relationships are unknown. When service account credentials change, credentials are typically manually updated for each dependent application. Some embodiments of the inventive subject matter allow IdM systems to track application dependencies for service accounts. The IdM systems can detect when service account credentials change and automatically notify dependent applications of the new service account credentials. | 07-08-2010 |
20100274586 | AUTOMATICALLY ASSESSING DRUG INTERACTIONS WHILE PROTECTING PATIENT PRIVACY - A drug interaction utility can retrieve the patient's current medications from a medication information card on the smart card by interacting with an identity selector on the provider's computer. The identity selector can transmit the current medications to the drug interaction utility without disclosing any information about the current medications to the provider and without disclosing any information identifying the patient to the drug interaction utility. | 10-28-2010 |
20110276629 | Formation of Special Interest Groups - Special interest subgroups are formed by a group of participants by establishing a profile for each participant. The profile defines contribution attributes dealing with contributions the profiled participant might make to a subgroup and attribution attributes dealing with benefits the profile participant might receive from participating in the subgroup. For each possible pairing of participants in the group, an overall contribution score and an overall benefit score is calculated for each participant. A mutual benefit score is calculated by combining the benefit scores for both participants in the pair. Participants are assigned to subgroups as a function of participant contribution and mutual benefit scores. | 11-10-2011 |
20130046764 | Coordinating Problem Resolution in Complex Systems Using Disparate Information Sources - Mechanisms for correlating reported problem data from a plurality of sources of information are provided. A report of a problem in a computer system is received to thereby generate a reported problem in a problem management system. Data is collected from a plurality of sources of information in accordance with data collection rules. Content classification is performed on the collected data to classify the collected data into pre-determined classes of collected data in accordance with classification rules. Correlation of the classified data into sets of correlated data in accordance with correlation rules is performed. Each set of correlated data corresponds to a different reported problem in the problem management system. A representation of the reported problem in the problem management system is updated based on a set of correlated data corresponding to the reported problem and classifications of data within the set of correlated data. | 02-21-2013 |
20130055342 | Risk-based model for security policy management - A security policy management solution (such as a Data Loss Prevention (DLP) system) is augmented to enable a user to model and visualize how changes in a security policy may impact (positively or negatively) the effectiveness of a policy configuration as well as the risk associated with its deployment. This technique enables a user (e.g., a security policy administrator) to evolve enterprise information technology (IT) security policies and, in particular, to generate and display “what-if” scenarios by which the user can determine trade-offs between, on the one hand, the effectiveness of a proposed change to a policy, and on the other hand, the risk associated with the proposed change. | 02-28-2013 |
20130091068 | Formation of Special Interest Groups - Special interest subgroups are formed by a group of participants by establishing a profile for each participant. The profile defines contribution attributes dealing with contributions the profiled participant might make to a subgroup and attribution attributes dealing with benefits the profile participant might receive from participating in the subgroup. For each possible pairing of participants in the group, an overall contribution score and an overall benefit score is calculated for each participant. A mutual benefit score is calculated by combining the benefit scores for both participants in the pair. Participants are assigned to subgroups as a function of participant contribution and mutual benefit scores. | 04-11-2013 |
20130179938 | Security policy management using incident analysis - A security analytics system receives incident data (from an incident management system) and security policy information (from a security policy management system). The security analytics system evaluates these data sets against one another, preferably using a rules-based analysis engine. As a result, the security analytics system determines whether a particular security policy configuration (as established by the security policy management system) needs to be (or should be) changed, e.g., to reduce the number of incidents caused by a misconfiguration, to increase its effectiveness in some manner, or the like. As a result of the evaluation, the security analytics system may cause a policy to be updated automatically, notify an administrator of the need for the change (and the recommendation), or take some other action to evolve one or more security policies being enforced by the security policy management system. | 07-11-2013 |
20130205365 | Policy and compliance management for user provisioning systems - A user provisioning system is extended to enable account reconciliation to occur in conjunction with a provisioning request. In response to a user provisioning request, a determination is made whether the user provisioning request is to be extended by including a reconciliation request. If so, the reconciliation request is piggy-backed on top of the provisioning request. This approach enables the reconciliation operation to be scoped to just the particular user account that is the subject of the provisioning operation, and it enables reconciliation to be carried out much more frequently as compared to the periodic, batch-oriented approach of prior techniques. | 08-08-2013 |
20140351409 | MONITORING CLIENT INFORMATION IN A SHARED ENVIRONMENT - A method for monitoring client information within a shared environment. The method includes identifying a first physical location of a server computer, the server computer providing computing resources to a client within a shared environment, and collecting information associated with the client, the information including computing resources of the server computer provided to the client. The method includes creating a map showing the first physical location of the server computer and the collected information associated with the client. The method includes identifying a current physical location of the server computer and determining whether the current location is different than the first location. The method then, in response to determining the current location is different than the first location, includes updating the map with the identified current physical location of the server computer. | 11-27-2014 |
20140380484 | Intelligent Risk Level Grouping for Resource Access Recertification - A computing device receives requests for approval of a plurality of access entitlements, which includes respective identity accounts, each associated with security intelligence information. The computing device determines risk factors for each respective identity account and associated security intelligence information, and determines a risk level for each of the plurality of access entitlements based at least in part on the risk factors. The computing device groups the plurality of access entitlements based on the risk level determined for each of the plurality of access entitlements. The computing device determines if the risk level of a group is low-risk based on the risk level of the plurality of access entitlements of the group, and in response to determining the risk level of the group is low risk, the computing device enables approval of the plurality of access entitlements of the group. | 12-25-2014 |
20150067761 | MANAGING SECURITY AND COMPLIANCE OF VOLATILE SYSTEMS - An inventory manager optimizes the security and maintenance of a plurality of virtual machines and their workloads in a cloud environment and has: an inventory database, a workload compliance history of scanning workloads database, and a workload category database including security rules and compliance policies relating to workload category in a repository. The inventory manager identifies changes to characteristics of the workload of the plurality of virtual machines; alters the inventory database stored in the repository and maintained by the inventory manager, based on the identified changes to the characteristics of the workload of the plurality of virtual machines; and initiates security rules and compliance policies of the workload category database based on the identified changes to the characteristics of the workload of the plurality of virtual machines through a security tools program. | 03-05-2015 |