Risk-based access to computing environment secrets

Risk-based access to computing environment secrets

Technology for risk-based access to secrets utilizes risk metadata tailored to secrets. Secrets include passwords, security tokens, digital certificates, and other items used for identity authentication, authorization, signing, validation, and other cybersecurity processes. A secret's risk meta...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
1. Verfasser: Lounsberry, Brian
Format: Patent
Sprache:eng
Schlagworte:
CALCULATING
COMPUTING
COUNTING
ELECTRIC DIGITAL DATA PROCESSING
PHYSICS
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Technology for risk-based access to secrets utilizes risk metadata tailored to secrets. Secrets include passwords, security tokens, digital certificates, and other items used for identity authentication, authorization, signing, validation, and other cybersecurity processes. A secret's risk metadata may indicate which controls protect the secret, the deployment scope of the secret or the asset it secures, known exposures of the secret, whether the secret secures other secrets, the impact if the secret is misused, the secret's strength, characteristics of the asset the secret secures, the secret's risk history, and other characteristics of secrets that set them apart. Unlike secrets, typical user-generated digital assets like web pages, documents, image files, and so on have value on their own. An enhanced system distinguishes between secrets and non-secrets when modulating access, making it possible to automatically provide consistent, efficient, and effective risk-based control over access to secrets.