Patent application number | Description | Published |
20100174780 | INTEGRATING PARTICIPANT PROFILE INFORMATION INTO REAL-TIME COLLABORATIONS - An online collaboration system can access data in one or more skills repositories to search for participants with indicated skills and automatically display participants' skill information during online collaborations. Searching for participants by skill allows individuals most likely to add value to a discussion to be identified and invited to an online collaboration. Displaying skill information can facilitate focused interaction leading to a more productive online collaboration. | 07-08-2010 |
20100175115 | MANAGEMENT OF CREDENTIALS USED BY SOFTWARE APPLICATIONS - An identity management (“IdM”) system can change the credentials at certain intervals. If credentials change, there is no way for an application that uses the credentials to know that the credentials have changed because the application dependency relationships are unknown. When service account credentials change, credentials are typically manually updated for each dependent application. Some embodiments of the inventive subject matter allow IdM systems to track application dependencies for service accounts. The IdM systems can detect when service account credentials change and automatically notify dependent applications of the new service account credentials. | 07-08-2010 |
20100175129 | METHOD FOR NOTIFICATION UPON EXPOSURE TO OFFENSIVE BEHAVIOURAL PATTERNS IN COLLABORATION - A system and method for protecting a user from offensive behavior in communications and notifying the user and/or an enforcement entity of the offensive behavior. The offensive content analysis system monitors communications between users for offensive behavior. The offensive content analysis system may measure the level of current offense in the communication and determine a historical offensive behavior pattern for the user. The offensive content analysis system may then determine if the offensive behavior, both current and historical, rises to a threshold behavior level. The offensive content analysis system may take notification action if the offensive behavior meets the threshold level. | 07-08-2010 |
20140109168 | Automated role and entitlements mining using network observations - A role and entitlements mining system uses network intelligence to facilitate role definition. The system records traffic on a network. The traffic is analyzed to identify the user and application involved. The matched data is then provided to an analytics engine, which analyzes that data to attempt to derive an initial set of one or more roles and the application entitlements for each role. Each role derived by the analytics engine identifies one or more users who are identified as belonging to the role, as well as one or more application entitlements. Preferably, one or more directory services are then interrogated for known group and user relationships to detect whether the roles identified by the analytics engine can be modified or enriched. Evaluation of the known group and user relationships provides a way to identify a more granular set of role definitions. A role-based access control policy is then generated. | 04-17-2014 |
20140380475 | USER CENTRIC FRAUD DETECTION - A computer detects fraudulent access to user accounts of a network application. The computer receives user account usage profile information for a plurality of user accounts. Rules are determined, based in part on the user account profile information, that define account usage patterns across two or more user accounts that identify fraudulent user account usage. The computer receives user account usage event information for a plurality of user accounts. Based on the determined rules, the computer identifies fraudulent user account usage patterns in the user account usage event information and transmits a security alert to the user accounts associated with the identified fraudulent user account usage pattern. | 12-25-2014 |
20140380478 | USER CENTRIC FRAUD DETECTION - A computer detects fraudulent access to user accounts of a network application. The computer receives user account usage profile information for a plurality of user accounts. Rules are determined, based in part on the user account profile information, that define account usage patterns across two or more user accounts that identify fraudulent user account usage. The computer receives user account usage event information for a plurality of user accounts. Based on the determined rules, the computer identifies fraudulent user account usage patterns in the user account usage event information and transmits a security alert to the user accounts associated with the identified fraudulent user account usage pattern. | 12-25-2014 |
20150373031 | DETERMINING EMAIL AUTHENTICITY - Monitoring across multiple-channels, used by multiple devices, to determine which email messages being sent to a user are solicited by the user. A broad spectrum of network and telephony access records are analyzed to determine whether an email message is likely being sent as a result of legitimate services access by the user. | 12-24-2015 |
20160080354 | RECOVERY FROM ROLLING SECURITY TOKEN LOSS - An aspect of recovery from rolling security token loss includes storing, in a memory device accessible by a server computer, a token pair (B) transmitted to a client device. The token pair (B) includes an access token (a | 03-17-2016 |
20160080383 | RECOVERY FROM ROLLING SECURITY TOKEN LOSS - An aspect of recovery from rolling security token loss includes storing, in a memory device accessible by a server computer, a token pair (B) transmitted to a client device. The token pair (B) includes an access token (a2) and a refresh token (r2) and is generated as part of a refresh operation. An aspect also includes storing, in the memory device, a refresh token (r1) that was generated by the server computer before generation of the token pair B. The refresh token (r1) and the refresh token (r2) are each tagged as a valid refresh token. An aspect further includes receiving, at the server computer, a request to access a network resource that includes the access token (a2), invalidating the refresh token (r1), and providing the client device with access to the network resource. | 03-17-2016 |