Unlock instant, AI-driven research and patent intelligence for your innovation.

Automated access control policy generation for computer resources

A computer resource and access control technology, applied in computer components, computer security devices, computing, etc., can solve problems such as lack of resources, and achieve the effects of avoiding inefficiency, high availability and efficiency

Pending Publication Date: 2021-03-26
MICROSOFT TECH LICENSING LLC
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

In other cases, they don't have the resources because the task can take a lot of time due to the large size of the data

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Automated access control policy generation for computer resources
  • Automated access control policy generation for computer resources
  • Automated access control policy generation for computer resources

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0027] The following detailed description is directed to an automatic access control policy generation system for defining and applying access rules to control access to computer resources. As discussed briefly above, the large number of users and devices that have access to computer resources create an attack surface that is managed in the disclosed technology. Security of computer resources can be improved by the disclosed method of automatically generating access control rules for computer resources based on historical access data to reduce the attack surface of computer resources. The improved computer resource security of the disclosed method can bring significant benefits to administrators of computer resources, such as administrators of local as well as remote computer systems, in terms of protection of resources and data, which improves resource utilization, availability, and overall performance.

[0028] Although the subject matter described herein is presented in th...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

Methods, systems, and media are shown for generating access control rules for computer resources involving collecting historical access data for user accesses to a computer resource and separating thehistorical access data into a training data set and a validation data set. An access control rule is generated for the computer resource based on the properties of the user accesses to the computer resource in the training data set. The rule is validated against the validation data set to determine whether the rule produces a denial rate level is below a threshold when the rule is applied to thevalidation data set. If the rule is valid, then it is provided to an administrative interface so that an administrator can select the rule for application to incoming user requests.

Description

Background technique [0001] In network security, using legitimate (vulnerable) files for malicious use or accessing files with sensitive information, malicious actors or attackers frequently attempt to infiltrate computer systems in order to access or damage files with sensitive information Or drop malicious files on the machine's file system. For example, financial or personal information may be obtained and sold or used to steal funds. Vital information of public and private entities can be stolen, corrupted or destroyed. [0002] To reduce the vulnerability (eg, attack surface) of computer resources, an organization's security officer or administrator can restrict access to a machine's computer resources, such as their file systems and services. However, existing solutions typically require manual configuration by an administrator for each computer resource and user pair. As a result, operators of large numbers of machines typically need to (1) understand what machines n...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/60G06F21/62H04L29/06
CPCG06F21/604G06F21/6218G06F2221/2111G06F2221/2137H04L63/10H04L63/107H04L63/108G06F21/50G06N20/00H04L63/20H04L63/102G06F18/214G06F18/217G06F18/24155
Inventor B·克利格尔Y·利弗尼R·H·普利斯金R·莱文M·A·M·舍曼M·伊斯雷尔M·Z·巴格利
Owner MICROSOFT TECH LICENSING LLC