Patents by Inventor Chad Renfro
Chad Renfro has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 10963575Abstract: Methods and apparatuses are described for enterprise access control governance in a computerized information technology (IT) architecture. A server generates a first vector space, each node in the first space representing a user of resources in the IT architecture and including attributes of the user. The server generates a second vector space, each node in the second space representing an entitlement to access resources in the IT architecture and including attributes of the entitlement. The server creates an entitlement utility matrix by mapping nodes in the first space to nodes in the second space. The server determines a set of recommended entitlements for a plurality of users based upon the utility matrix. The server determines a discrepancy between the set of recommended entitlements for a first user and a set of existing entitlements for the first user and adjusts the set of existing entitlements based upon the discrepancy.Type: GrantFiled: September 13, 2018Date of Patent: March 30, 2021Assignee: FMR LLCInventors: Sean Wang, Paulina Li, Han Zhou, Chad Renfro, Daniel Shnowske, Sean Catlett
-
Publication number: 20190251274Abstract: Methods and apparatuses are described for enterprise access control governance in a computerized information technology (IT) architecture. A server generates a first vector space, each node in the first space representing a user of resources in the IT architecture and including attributes of the user. The server generates a second vector space, each node in the second space representing an entitlement to access resources in the IT architecture and including attributes of the entitlement. The server creates an entitlement utility matrix by mapping nodes in the first space to nodes in the second space. The server determines a set of recommended entitlements for a plurality of users based upon the utility matrix. The server determines a discrepancy between the set of recommended entitlements for a first user and a set of existing entitlements for the first user and adjusts the set of existing entitlements based upon the discrepancy.Type: ApplicationFiled: September 13, 2018Publication date: August 15, 2019Inventors: Sean Wang, Paulina (Pu) Li, Han Zhou, Chad Renfro, Daniel Shnowske, Sean Catlett
-
Patent number: 10089480Abstract: Methods and apparatuses are described for enterprise access control governance in a computerized information technology (IT) architecture. A server generates a first vector space, each node in the first space representing a user of resources in the IT architecture and including attributes of the user. The server generates a second vector space, each node in the second space representing an entitlement to access resources in the IT architecture and including attributes of the entitlement. The server creates an entitlement utility matrix by mapping nodes in the first space to nodes in the second space. The server determines a set of recommended entitlements for a plurality of users based upon the utility matrix. The server determines a discrepancy between the set of recommended entitlements for a first user and a set of existing entitlements for the first user and adjusts the set of existing entitlements based upon the discrepancy.Type: GrantFiled: August 9, 2017Date of Patent: October 2, 2018Assignee: FMR LLCInventors: Sean Wang, Paulina (Pu) Li, Han Zhou, Chad Renfro, Daniel Shnowske, Sean Catlett
-
Patent number: 8763069Abstract: Embodiments of the invention relate to systems, methods, and computer program products for monitoring and/or controlling access to entitlements. For example, in one embodiment a computer program product is configured to periodically examine the members of a particular community in an organization and automatically identify members in the community that have access to software applications, datasets, or other organizational resources that are uncommon in the community, which may indicate that the member should not have access to the such resources. The computer program product of embodiments of the invention is also configured to automatically and periodically determine the resources that members of the same community should all probably have access to. As such, embodiments of the present invention allow an organization to more efficiently monitor and control access to its resources and other entitlements.Type: GrantFiled: June 27, 2008Date of Patent: June 24, 2014Assignee: Bank of America CorporationInventors: Chad Renfro, Christopher P. Higgins
-
Patent number: 8453246Abstract: Apparatus and method for managing risk in an environment where information is received regarding a problem in an environment. A security risk is analyzed associated with the problem. Controls associated with the environment containing the problem are analyzed. A framework is generated defining one or more controls for mitigating the security risk responsive to the analyzed security risk and controls.Type: GrantFiled: December 20, 2007Date of Patent: May 28, 2013Assignee: Bank of America CorporationInventors: Robert A. Lang, Chad Renfro, Sean Catlett, Matt Hinman, Chris Higgins
-
Patent number: 8256004Abstract: Embodiments of the present invention are directed to methods, systems and computer program products for a control transparency framework which is, in one embodiment, a transparent (i.e. easy to understand) and actionable risk/reward approach for organizational processes, controls, training and development. The control transparency framework method includes identifying threats to an organization, developing a risk score for each of the threats to develop a threat portfolio, developing a maturity portfolio, developing a control portfolio, determining a gap portfolio, and developing a control transparency portfolio to close gaps. A gap exists between a target state maturity level of each identified threat and a current maturity level of each control assigned to handle each identified threat, such that the gap occurs if the target state maturity level is at a level that is lower than the control maturity level.Type: GrantFiled: October 29, 2008Date of Patent: August 28, 2012Assignee: Bank of America CorporationInventors: Marshell L. Hill, Tianay Carroll, Johnna Carter, Chris Higgins, Chad Renfro, Dan Yomine
-
Patent number: 8122510Abstract: A system and method for managing unstructured data that includes identifying at least one unstructured data environment with unstructured data, identifying mitigating controls in each of the unstructured data environments, the mitigating controls reducing a security risk associated with each of the unstructured data environments, and generating at least one process for managing the unstructured data in each of the unstructured data environments, the process including defining mitigating controls for managing the unstructured data in each of the unstructured data environments.Type: GrantFiled: November 14, 2007Date of Patent: February 21, 2012Assignee: Bank of America CorporationInventors: Allan C. Byers, Chad Renfro, Cristi Pendleton, Hayes Rutter, Trish Harris, Eric Mailloux, Scott Plummer, Will Stranathan, Rhonna Clark, Raymond Fontenault
-
Publication number: 20090328132Abstract: Embodiments of the invention relate to systems, methods, and computer program products for monitoring and/or controlling access to entitlements. For example, in one embodiment a computer program product is configured to periodically examine the members of a particular community in an organization and automatically identify members in the community that have access to software applications, datasets, or other organizational resources that are uncommon in the community, which may indicate that the member should not have access to the such resources. The computer program product of embodiments of the invention is also configured to automatically and periodically determine the resources that members of the same community should all probably have access to. As such, embodiments of the present invention allow an organization to more efficiently monitor and control access to its resources and other entitlements.Type: ApplicationFiled: June 27, 2008Publication date: December 31, 2009Applicant: Bank of America CorporationInventors: Chad Renfro, Christopher P. Higgins
-
Publication number: 20090260086Abstract: Apparatus and method for managing risk in an environment where information is received regarding a problem in an environment. A security risk is analyzed associated with the problem. Controls associated with the environment containing the problem are analyzed. A framework is generated defining one or more controls for mitigating the security risk responsive to the analyzed security risk and controls.Type: ApplicationFiled: December 20, 2007Publication date: October 15, 2009Inventors: Robert A. Lang, Chad Renfro, Sean Catlett, Matt Hinman, Chris Higgins
-
Publication number: 20090125973Abstract: A system and method for managing unstructured data that includes identifying at least one unstructured data environment with unstructured data, identifying mitigating controls in each of the unstructured data environments, the mitigating controls reducing a security risk associated with each of the unstructured data environments, and generating at least one process for managing the unstructured data in each of the unstructured data environments, the process including defining mitigating controls for managing the unstructured data in each of the unstructured data environments.Type: ApplicationFiled: November 14, 2007Publication date: May 14, 2009Inventors: Allan C. Byers, Chad Renfro, Cristi Pendleton, Hayes Rutter, Trish Harris, Eric Mailloux, Scott Plummer, Will Stranathan, Rhonna Clark, Raymond Fontenault
-
Patent number: 7496964Abstract: A method for automated risk management may include presenting a rule request graphical user interface (GUI) for a requester to enter information related to a rule request for a rule. The method may also include determining a risk rating score for the rule based on information entered in the rule request GUI. The information may include at least one of source information, destination information, service information and port information.Type: GrantFiled: November 23, 2004Date of Patent: February 24, 2009Assignee: Bank of America CorporationInventors: Chad Renfro, Arun Sankaran, Christina Murray, Ajay Barve
-
Publication number: 20060129587Abstract: A method for automated risk management may include presenting a rule request graphical user interface (GUI) for a requester to enter information related to a rule request for a rule. The method may also include determining a risk rating score for the rule based on information entered in the rule request GUI. The information may include at least one of source information, destination information, service information and port information.Type: ApplicationFiled: November 23, 2004Publication date: June 15, 2006Applicant: BANK OF AMERICA CORPORATIONInventors: Chad Renfro, Arun Sankaran, Christina Murray, Ajay Barve