| 发明名称 |
DYNAMIC ENTERPRISE SECURITY CONTROL BASED ON USER RISK FACTORS |
| 摘要 |
Aspects dynamically set enterprise-level security rules. Risk values representing likelihoods of loss of enterprise secure data are determined for different attributes of a user, and added together to generate a user risk factor. If the risk factor does not meet one or more off-site access threshold value(s), additional security enhancements applicable to the user and not enabled within currently applied security are iteratively selected and used to revise the security settings, and the risk factor is revised by a risk abrogation value of each of the selected security enhancements, until either the revised risk factor meets the off-site access threshold value(s) (wherein access is granted to the secure data from the off-site location pursuant to the revised security settings), or until no additional applicable security enhancements are available (wherein user access to the secure data from the off-site location is denied). |
| 申请公布号 |
US2016315947(A1) |
申请公布日期 |
2016.10.27 |
| 申请号 |
US201615203935 |
申请日期 |
2016.07.07 |
| 申请人 |
INTERNATIONAL BUSINESS MACHINES CORPORATION |
发明人 |
BOSS GREGORY J.;JONES ANDREW R.;LINGAFELT CHARLES S.;MCCONNELL KEVIN C.;MOORE, JR. JOHN E. |
| 分类号 |
H04L29/06;H04W12/08 |
主分类号 |
H04L29/06 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
1. A computer-implemented method for dynamically setting enterprise-level security rules, the method comprising executing on a computer processor the steps of:
in response to determining that a risk factor for a user does not meet an off-site access threshold value, determining whether an additional security enhancement of a plurality of additional security enhancements that are applicable to the user is not enabled within security settings associated with the user; and in response to determining that the additional security enhancement is applicable to the user and is not enabled within the security settings associated with the user, iteratively selecting a one of the additional security enhancements that is not currently enabled within the security settings, revising the security settings by enabling the selected one of the additional security enhancements within the security settings, and revising the risk factor by a risk abrogation value of the selected one of the additional security enhancements, until: granting access to the user, pursuant to the revised security settings, to enterprise secure data from an off-site location, in response to determining that the revised risk factor meets the off-site access threshold value; or denying access to the user to the enterprise secure data from the off-site location, in response to determining that there is no one of the additional security enhancements that is not enabled within the security settings or within the revised security settings. |
| 地址 |
Armonk NY US |
