US 11,659,009 B2
Method and systems for analyzing security coverage of a set of enterprise access management policies
Dilesh Dhokia, Kirkland, WA (US); Caleb Geffrey Baker, Seattle, WA (US); and Daniel Edward Lee Wood, Seattle, WA (US)
Assigned to Microsoft Technology Licensing, LLC, Redmond, WA (US)
Filed by Microsoft Technology Licensing, LLC, Redmond, WA (US)
Filed on Feb. 1, 2021, as Appl. No. 17/164,041.
Prior Publication US 2022/0247790 A1, Aug. 4, 2022
Int. Cl. H04L 29/00 (2006.01); H04L 9/40 (2022.01)
CPC H04L 63/205 (2013.01) [H04L 63/08 (2013.01); H04L 63/102 (2013.01); H04L 63/107 (2013.01); H04L 63/1433 (2013.01)]
20 Claims
1. A computer-implemented method for enhancing access control for a computerized resource, the method comprising:
using one or more hardware processors:
retrieving, from a storage device, a set of one or more previously configured access control policy descriptor data structures of an organization, the set of one or more previously configured access control policy descriptor data structures describing access control policies applicable to granting access to the computerized resource, each particular previously configured access control policy descriptor data structure defining access controls and access control criteria including values for a corresponding applicable set of one or more access control signals;
identifying a set of one or more legal values for a plurality of access control signals;
determining an access control vulnerability based upon identifying gaps between the set of previously configured access control policy descriptor data structures and the set of legal values for the access control signals, the gaps including at least one legal value missing from the values of the corresponding applicable set of one or more access control signals for at least one of the set of one or more previously configured access control policy descriptor data structures; and
causing presentation of information describing the access control vulnerability within a graphical user interface.
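
The gap determination recited in claim 1, sketched as an added example (not code from the patent or from Microsoft). The signal names, policy names, and sample values are constructed assumptions, and the set-wide check in `uncovered_values` goes one step beyond the per-policy comparison the claim recites. A signal is treated as applicable to a policy only when the policy lists values for it.

```python
from dataclasses import dataclass

# Constructed sample: legal values for each access control signal.
LEGAL_VALUES = {
    "device_platform": {"windows", "macos", "ios", "android", "linux"},
    "client_app": {"browser", "mobile_app", "legacy_auth"},
}

@dataclass(frozen=True)
class PolicyDescriptor:
    """Hypothetical stand-in for a stored access control policy descriptor."""
    name: str
    control: str      # access control applied, e.g. "require_mfa"
    criteria: dict    # signal name -> set of values the policy applies to

# Constructed sample policy set for one protected resource.
POLICIES = [
    PolicyDescriptor("MFA for desktop", "require_mfa", {
        "device_platform": {"windows", "macos"},
        "client_app": {"browser", "mobile_app"}}),
    PolicyDescriptor("MFA for mobile", "require_mfa", {
        "device_platform": {"ios", "android"},
        "client_app": {"browser", "mobile_app"}}),
]

def policy_gaps(policy, legal):
    """Legal values missing from each signal this policy conditions on."""
    gaps = {}
    for signal, values in policy.criteria.items():
        missing = legal.get(signal, set()) - set(values)
        if missing:
            gaps[signal] = missing
    return gaps

def uncovered_values(policies, legal):
    """Legal values that no policy conditioning on the signal lists at all."""
    result = {}
    for signal, allowed in legal.items():
        listed = [set(p.criteria[signal]) for p in policies if signal in p.criteria]
        missing = allowed - set().union(*listed) if listed else set()
        if missing:
            result[signal] = missing
    return result

if __name__ == "__main__":
    # Stand-in for the presentation step: print what a GUI would display.
    for p in POLICIES:
        print(p.name, "->", policy_gaps(p, LEGAL_VALUES))
    print("Not covered by any policy:", uncovered_values(POLICIES, LEGAL_VALUES))
```

Values reported by `uncovered_values` are the ones worth reviewing first: a sign-in presenting such a value matches none of the listed policies, so none of their controls is applied to it.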