US 12,476,977 B2
Network user permission prediction
Yosef Ben Shlomo, Givatayim (IL); Ori Joseph, Petah Tikva (IL); Erez Israel, Tel Aviv (IL); Eliya Moreinis Adar, Luzit (IL); and Arie Blumin, Tel Aviv (IL)
Assigned to CHECK POINT SOFTWARE TECHNOLOGIES LTD., Tel Aviv (IL)
Filed by CHECK POINT SOFTWARE TECHNOLOGIES LTD., Tel Aviv (IL)
Filed on Aug. 21, 2023, as Appl. No. 18/452,627.
Prior Publication US 2025/0071119 A1, Feb. 27, 2025
Int. Cl. H04L 9/40 (2022.01); G06N 5/01 (2023.01); G06N 20/00 (2019.01); G06N 20/20 (2019.01)
CPC H04L 63/105 (2013.01) [G06N 20/00 (2019.01)] 20 Claims
1. A computer device for using a machine learning model to predict necessary user permissions in a network environment, the computer device comprising:
memory comprising a non-transitory computer readable medium storing the machine learning model;
processor circuitry configured to:
receive access permission data including:
multiple roles;
permissions associated with each role, wherein each permission identifies a set of one or more permitted actions and a set of one or more permitted resources of the network environment that the one or more permitted actions may be performed on; and
user data identifying users assigned to each of the multiple roles;
receive activity logs comprising records of user activities over a duration of time, wherein each activity log identifies a particular role of the multiple roles, a particular resource, and a particular action performed by the particular role on the particular resource;
apply the machine learning model to the received access permission data and the received activity logs, such that the machine learning model outputs predictions, wherein:
each prediction identifies an associated role, an associated action, and a score; and
the score specifies a probability that the associated action would be required in the future by a user assigned to the associated role;
create a restriction recommendation by:
identifying as elimination candidates each prediction having a score below a threshold;
for each of the elimination candidates:
when the associated role did not perform the associated action in the received activity logs, include in the restriction recommendation a recommendation to remove the associated action from the associated role;
when the associated role did perform the associated action in the received activity logs, identify the resources that the associated role performed the associated action on and include in the restriction recommendation a recommendation to restrict the associated action for the associated role to being performed on the identified resources;
output the restriction recommendation;
wherein the processor circuitry is configured to apply the machine learning model to the received access permission data and the received activity logs using collaborative filtering by:
generating from the received access permission data and the received activity logs a matrix of cells X having a first dimension representing roles and a second dimension representing actions, such that each cell of the matrix X represents an associated role and an associated action and a value of the cell identifies whether the associated role performed the associated action in the training data;
creating two matrices U and V and iteratively modifying the values in U and V to minimize a loss function measuring a difference between matrix X and a product of matrices U and V (U*V), where each cell in U*V represents a paired role and a paired action and a value of the cell represents a probability that the paired role requires the use of the paired action; and
outputting U*V as the predictions of the machine learning model, wherein the value of each of the cells in U*V represents one of the predictions.
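The collaborative-filtering pipeline of claim 1 (a role-by-action matrix X built from the logs, its factorization into U and V, a threshold on the cells of U*V, then a remove-or-restrict recommendation per elimination candidate), as an added Python illustration that is not Check Point's code. The roles, actions, resources and activity logs are constructed; the factorization is plain gradient descent on the squared error, and one latent factor is enough for this small input.

```python
import random
# Constructed sample input (not from the patent): permissions as role -> action -> permitted resources, and activity logs as (role, action, resource).
PERMISSIONS = {
    "admin": {"ec2:StopInstances": {"i-1", "i-2"}, "s3:DeleteObject": {"bucket-a", "bucket-b"}, "s3:GetObject": {"bucket-a", "bucket-b"}},
    "analyst": {"ec2:StopInstances": {"i-1"}, "s3:GetObject": {"bucket-a", "bucket-b"}},
    "auditor": {"s3:GetObject": {"bucket-a"}},
    "ops": {"ec2:StopInstances": {"i-1", "i-2"}, "s3:GetObject": {"bucket-a"}},
}
LOGS = [("admin", "ec2:StopInstances", "i-1"), ("admin", "s3:DeleteObject", "bucket-b"),
        ("admin", "s3:GetObject", "bucket-a"), ("analyst", "s3:GetObject", "bucket-a"),
        ("analyst", "s3:GetObject", "bucket-b"), ("auditor", "s3:GetObject", "bucket-a"),
        ("ops", "ec2:StopInstances", "i-2"), ("ops", "s3:GetObject", "bucket-a")]

def build_matrix(permissions, logs):
    """Matrix X: rows are roles, columns are actions, cell = 1 if the role performed the action."""
    roles = sorted(permissions)
    actions = sorted({a for perms in permissions.values() for a in perms})
    seen = {(r, a) for r, a, _ in logs}
    return roles, actions, [[1.0 if (r, a) in seen else 0.0 for a in actions] for r in roles]

def factorize(X, k=1, sweeps=3000, lr=0.05, reg=0.01, seed=0):
    """Fit X ~ U*V (U: roles x k, V: k x actions) by gradient descent on squared error with a small L2 penalty; return U*V."""
    rng = random.Random(seed)
    n, m = len(X), len(X[0])
    U = [[rng.random() for _ in range(k)] for _ in range(n)]
    V = [[rng.random() for _ in range(m)] for _ in range(k)]
    for _ in range(sweeps):
        for i in range(n):
            for j in range(m):
                err = X[i][j] - sum(U[i][f] * V[f][j] for f in range(k))
                for f in range(k):
                    u, v = U[i][f], V[f][j]
                    U[i][f] += lr * (err * v - reg * u)
                    V[f][j] += lr * (err * u - reg * v)
    return [[sum(U[i][f] * V[f][j] for f in range(k)) for j in range(m)] for i in range(n)]

def recommend(permissions, logs, threshold=0.5, **kw):
    """Return (scores, recs): a held action scoring below the threshold is removed if the role never used it, else restricted to the resources it was used on."""
    roles, actions, X = build_matrix(permissions, logs)
    scores = {r: dict(zip(actions, row)) for r, row in zip(roles, factorize(X, **kw))}
    used = {}  # (role, action) -> resources the action was actually performed on
    for r, a, res in logs: used.setdefault((r, a), set()).add(res)
    recs = []
    for role, perms in sorted(permissions.items()):
        for action in sorted(perms):  # elimination candidates among the actions the role holds
            if scores[role][action] < threshold and (role, action) in used:
                recs.append(("restrict", role, action, sorted(used[(role, action)])))
            elif scores[role][action] < threshold:
                recs.append(("remove", role, action, None))
    return scores, recs
```

With the constructed data, admin's rarely used s3:DeleteObject scores just below 0.5 and is restricted to bucket-b, while analyst's never used ec2:StopInstances is recommended for removal.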