Dynamic optimizing scanner for identity and access management (IAM) compliance verification

An identity and access management (IAM) system is associated with a set of data sources from which data is collected. A set of vulnerabilities that the IAM system should attempt to detect is identified. For each vulnerability to be detected, a prioritized list of strategies used to detect that vulne...

Full description

Saved in:
Bibliographic Details
Main Authors Harter John Leslie, Palmieri David Walsh, Robke Jeffrey Tobias
Format Patent
LanguageEnglish
Published 10.04.2018
Subjects
CALCULATING
COMPUTING
COUNTING
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRIC DIGITAL DATA PROCESSING
ELECTRICITY
PHYSICS
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online AccessGet full text

Cover

More Information
Summary:An identity and access management (IAM) system is associated with a set of data sources from which data is collected. A set of vulnerabilities that the IAM system should attempt to detect is identified. For each vulnerability to be detected, a prioritized list of strategies used to detect that vulnerability is generated. Preferably, each strategy specifies the type(s) of data required to detect that vulnerability. An algorithm to determine a best strategy to be used for detecting each vulnerability, preferably based on the data available from the data sources, is then identified. The IAM system then collects data in an optimized manner. In particular, during the collection process, the IAM system preferably collects only what is necessary based on the configuration, even if the data source is capable of providing additional data. The collected data is then processed to detect security vulnerabilities associated with the IAM accounts.
Bibliography:Application Number: US201715464746