Contactez-nous Suivez-nous sur Twitter En francais English Language

Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN



Cobalt Iron Earns Patent on Analytics-Based Dynamic Authorization Control

April 2024 by Marc Jacob

Cobalt Iron Inc. announced that it has received a patent on its technology for dynamic authorization control based on Information Technology (IT) security and operational events. U.S. patent No. 11902285, issued on Feb. 13, describes dynamic, multidimensional authorization control techniques that respond to changes or events in the environment and that improve over time based on machine learning. The company will implement these techniques in Cobalt Iron Compass®, an enterprise SaaS backup platform.

Today’s IT and data environments are rapidly changing. So, too, are the security requirements, such as the constantly changing need to respond to ever more sophisticated cyber attacks. The industry lacks authorization controls that respond to cyber threats, events, or other changes in the IT environment.

Authorization controls are the processes by which individuals or entities are validated to have proper security authentication (i.e., identity verification) and access control (permissions and privileges) to execute some action (e.g., access, view, move, write, delete, configure, etc.) against some resource (e.g., a building, bank account, applications, data, IT resources, operation centers, etc.). Existing techniques are typically two-dimensional in nature, providing control over functional permissions and the domain, or scope, of those permissions.
It is common for IT administrators to have many roles and to move frequently between different teams, some of which are transient, and some of which could partially or completely overlap or even conflict. In addition, roles may change in different operational environments (e.g., in different clouds, data centers, projects, stages of a project, etc.). For example, a systems administrator could also be assigned to a data center migration team, a disaster recovery test team, an audit team, or other project roles. The required authentication controls will likely be different for each of those various roles. Existing approaches are typically static and simply maintain the same authorization for the administrator no matter what role or project team they might be working on. This practice could result in inappropriate access, thereby increasing business risk.

Furthermore, in most current environments, authentication roles and associated permissions are often left in place for long periods of time, sometimes years, without further validation or adjustment. As job responsibilities, projects, applications, architectures, and business needs change, these stale roles and permission assignments often lead to security exposures.
This patent introduces approaches that provide more dynamic control of authentication privileges based on changing user roles, current security conditions, and historical analysis of past operational outcomes of authentication levels. The technology qualifies for a patent because it uses analytics and machine learning to make these dynamic adjustments. When fully implemented, the patented techniques will make it possible for Compass to:
• Inform analytics with historical data on security events, authentication levels for members of various teams, operational outcomes of those member authentication levels, evolving team member roles, and other data.
• Apply machine learning analytics to determine optimal adjustments to team and member authentication levels during security events.
• Monitor for various conditions and events, including a change in team member roles, a change in the locality of data or other resources, or indications of a cyber security event.
• Dynamically modify user authorization control, level, or duration based on the condition or event and the machine learning analysis.
• Leverage a cloud security profile in the determination of any user authorization modifications.

For example, if a user is acting in a different role on a different team, Compass may automatically adjust authorization control to the IT resources associated with the new role and team. In another example, analysis of operational outcomes of authentication controls during previous cyber security events might indicate a need to adjust authentication levels automatically during future security events to optimize business processes and reduce risk.

See previous articles


See next articles

Your podcast Here

New, you can have your Podcast here. Contact us for more information ask:
Marc Brami
Phone: +33 1 40 92 05 55

All new podcasts