Cobalt Iron Receives Patent

Cobalt Iron has received a patent on its technology for dynamic authorisation control based on Information Technology (IT) security and operational events.

U.S. patent No. 11902285, describes dynamic, multidimensional authorisation control techniques that respond to changes or events in the environment and that improve over time based on machine learning. The company will implement these techniques in Cobalt Iron Compass®, an enterprise SaaS backup platform.

Today's IT and data environments are rapidly changing. So, too, are the security requirements, such as the constantly changing need to respond to ever more sophisticated cyber attacks. The industry lacks authorisation controls that respond to cyber threats, events, or other changes in the IT environment.

Authorisation controls are the processes by which individuals or entities are validated to have proper security authentication (i.e., identity verification) and access control (permissions and privileges) to execute some action (e.g., access, view, move, write, delete, configure, etc.) against some resource (e.g., a building, bank account, applications, data, IT resources, operation centres, etc.). Existing techniques are typically two-dimensional in nature, providing control over functional permissions and the domain, or scope, of those permissions.

It is common for IT administrators to have many roles and to move frequently between different teams, some of which are transient, and some of which could partially or completely overlap or even conflict. In addition, roles may change in different operational environments (e.g., in different clouds, data centres, projects, stages of a project, etc.). For example, a systems administrator could also be assigned to a data centre migration team, a disaster recovery test team, an audit team, or other project roles. The required authentication controls will likely be different for each of those various roles. Existing approaches are typically static and simply maintain the same authorisation for the administrator no matter what role or project team they might be working on. This practice could result in inappropriate access, thereby increasing business risk.

Furthermore, in most current environments, authentication roles and associated permissions are often left in place for long periods of time, sometimes years, without further validation or adjustment. As job responsibilities, projects, applications, architectures, and business needs change, these stale roles and permission assignments often lead to security exposures.

This patent introduces approaches that provide more dynamic control of authentication privileges based on changing user roles, current security conditions, and historical analysis of past operational outcomes of authentication levels. The technology qualifies for a patent because it uses analytics and machine learning to make these dynamic adjustments. When fully implemented, the patented techniques will make it possible for Compass to:

Inform analytics with historical data on security events, authentication levels for members of various teams, operational outcomes of those member authentication levels, evolving team member roles, and other data.

Apply machine learning analytics to determine optimal adjustments to team and member authentication levels during security events.

Monitor for various conditions and events, including a change in team member roles, a change in the locality of data or other resources, or indications of a cyber security event.
Dynamically modify user authorisation control, level, or duration based on the condition or event and the machine learning analysis.

Leverage a cloud security profile in the determination of any user authorisation modifications.
For example, if a user is acting in a different role on a different team, Compass may automatically adjust authorisation control to the IT resources associated with the new role and team. In another example, analysis of operational outcomes of authentication controls during previous cyber security events might indicate a need to adjust authentication levels automatically during future security events to optimise business processes and reduce risk.

www.cobaltiron.com