CPC H04L 63/205 (2013.01) [H04L 63/101 (2013.01); H04L 63/1425 (2013.01); H04L 63/1433 (2013.01)] | 19 Claims
1. A method for facilitating a maintenance of an access control system for controlling access to one or more resources of an information technology system by one or more subjects according to corresponding access control information, wherein the method comprises:
retrieving, by a control computing system, one or more trigger policies each based on one or more policy parameters, the one or more policy parameters of the one or more trigger policies comprising one or more state parameters relating to a current state of the access control system and one or more security parameters relating to one or more risks of the access control system and one or more countermeasures for mitigating the risks;
wherein each of the one or more risks of the access control system comprises an entry identifying an asset and an entry identifying a specific risk,
wherein each entry identifying the asset comprises an asset value defined by an estimated number of employee hours required to recover from an occurrence of the specific risk and an estimated processing power required to recover from the occurrence of the specific risk,
wherein each entry identifying the specific risk comprises a role causing the specific risk and a list of one or more assets damaged by the occurrence of the specific risk;
wherein the one or more countermeasures for mitigating the specific risk comprise actions taken to reduce a probability and threat of the one or more risks and an associated cost,
wherein the one or more countermeasures for mitigating the specific risk comprise audits, procedures for handling exceptions, and transfers of risks to third parties;
retrieving, by the control computing system, the one or more policy parameters;
evaluating, by the control computing system, the one or more trigger policies according to the corresponding retrieved one or more policy parameters;
determining, by the control computing system, a trigger indicator according to a result of the evaluated one or more trigger policies;
storing, by the control computing system, the historical information comprising an indication of one or more affected control items contributing to define the access control information being affected by the revision;
determining, by the control computing system, corresponding impact indicators of the affected control items, wherein the impact indicator of each of the affected control items is based on a number of risks caused by the affected control item, a qualitative level of the impact of each of the number of risks caused by the impacted control item ranging from 0 to 1, an exposure factor of each of the number of risks caused by the impacted control item, a value of each asset impacted by each of the number of risks caused by the impacted control item, and a total value of all assets of the access control system; and
outputting, by the control computing system, an indication of the trigger indicator to trigger a revision of the access control system in response thereto, the revision comprising a mining activity for mapping the subjects to the resources and a possible update of the access control information based on a result of the mining activity.
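The impact indicator and trigger determination above, as an added illustrative example that is not part of the patent: the claim names the five inputs of the impact indicator but no combining formula, so the weighting used here (level × exposure factor × value of the damaged assets ÷ total asset value, summed over the risks a role causes), the 1:1 combination of recovery hours and CPU-hours into an asset value, and the trigger thresholds are all assumptions, and the assets, roles and risks are constructed sample data.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Asset:
    name: str
    recovery_hours: float      # employee hours needed to recover from an occurrence
    recovery_cpu_hours: float  # processing power needed to recover, as CPU-hours

    def value(self) -> float:
        # Assumed weighting (not given in the claim): hours and CPU-hours summed 1:1.
        return self.recovery_hours + self.recovery_cpu_hours

@dataclass(frozen=True)
class Risk:
    name: str
    causing_role: str        # the control item (role) that causes this risk
    level: float             # qualitative impact level, 0..1
    exposure_factor: float   # fraction of the damaged assets lost per occurrence, 0..1
    damaged_assets: tuple    # names of the assets damaged by an occurrence

def impact_indicator(role: str, risks: list, assets: dict) -> float:
    """Assumed combination of the claim's five inputs for one control item:
    sum over the risks caused by the role of level * EF * damaged value / total value."""
    total_value = sum(a.value() for a in assets.values())
    if total_value <= 0:
        return 0.0
    score = 0.0
    for r in (r for r in risks if r.causing_role == role):
        if not (0.0 <= r.level <= 1.0 and 0.0 <= r.exposure_factor <= 1.0):
            raise ValueError(f"{r.name}: level and exposure factor must lie in [0, 1]")
        damaged_value = sum(assets[n].value() for n in r.damaged_assets)
        score += r.level * r.exposure_factor * damaged_value / total_value
    return round(score, 4)

def trigger_indicator(impacts: dict, days_since_revision: int,
                      max_impact: float = 0.25, max_days: int = 90) -> bool:
    """Two assumed trigger policies: a state parameter (age of the last revision)
    and a security parameter (highest control-item impact). Either one triggers."""
    return days_since_revision > max_days or max(impacts.values(), default=0.0) > max_impact

# Constructed sample data: two assets, two roles, three risks
ASSETS = {a.name: a for a in (Asset("hr-db", 400, 100), Asset("web-frontend", 80, 20))}
RISKS = [
    Risk("pii-leak", "dba", 0.9, 0.5, ("hr-db",)),
    Risk("defacement", "web-admin", 0.3, 0.2, ("web-frontend",)),
    Risk("ransomware", "dba", 0.8, 1.0, ("hr-db", "web-frontend")),
]

def run_example():
    impacts = {role: impact_indicator(role, RISKS, ASSETS) for role in ("dba", "web-admin")}
    return impacts, trigger_indicator(impacts, days_since_revision=30)
```

With these inputs the `dba` role carries most of the impact, and the security-parameter policy alone is enough to request a revision even though the last one is only 30 days old.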