Abstract: Embodiments of the invention relate to systems, methods, and computer program products that provide for an employee security risk score. The security risk score is presented as an extensible composite vector that supports an arbitrary number of risk categories. The risk categories can be aggregated at any level in the business hierarchy or according to any employee parameter. The simplistic, highly normalized approach to employee security risk scoring reduces redundancies and dependencies and provides for real-time updates, As such, the employee security risk scoring system provides for easily identifiable recognition of employees who pose security threats and for a means to track and monitor security risks posed by the employee based on their security risk score.

Abstract: Embodiments of the invention relate to systems, methods, and computer program products for login initiated remote scanning of computer devices. The present invention detects login to the network via access management systems. The login data provides information that identifies the device so that the device can be checked against a scan database to determine if and when a previous scan occurred. Based on the findings in the scan database determinations are made as to whether to perform a scan. Additionally, the level of scanning can be determined based on previous scan dates and previous scan results, which may dictate customized scanning. In addition, the priority of the impending scan may be dictated by previous scan dates and results. Further embodiments provide for assessing risk, such as risk scoring or the like, concurrently or in near-real-time with the completion of the scan so that alerts may be communicated.

Abstract: Embodiments of the invention relate to systems, methods, and computer program products for login initiated remote scanning of computer devices. The present invention detects login to the network via access management systems. The login data provides information that identifies the device so that the device can be checked against a scan database to determine if and when a previous scan occurred. Based on the findings in the scan database determinations are made as to whether to perform a scan. Additionally, the level of scanning can be determined based on previous scan dates and previous scan results, which may dictate customized scanning. In addition, the priority of the impending scan may be dictated by previous scan dates and results. Further embodiments provide for assessing risk, such as risk scoring or the like, concurrently or in near-real-time with the completion of the scan so that alerts may be communicated.

Abstract: Embodiments of the invention relate to risk assessments and, more particularly to performing access risk assessments based on identified outliers.

Abstract: Embodiments of the invention relate to risk assessments and, more particularly to performing access risk assessments based on identified outliers.

Abstract: Embodiments of the invention relate to risk review assessments and, more particularly to determining risk review candidates by identifying two or more community categories, determining risk scores for each user/employee across risk categories, normalizing the risk scores based on community averages and community standard deviations and determining risk review candidates by comparing the normalized risk scores to predetermined thresholds. In additional embodiments, an outlier reinforcement score for each user/employee by summing all of the positive-valued normalized risk scores across the two or more communities and comparing the outlier reinforcement score to a predetermined threshold.

Abstract: Embodiments of the invention relate to systems, methods, and computer program products for login initiated remote scanning of computer devices. The present invention detects login to the network via access management systems. The login data provides information that identifies the device so that the device can be checked against a scan database to determine if and when a previous scan occurred. Based on the findings in the scan database determinations are made as to whether to perform a scan. Additionally, the level of scanning can be determined based on previous scan dates and previous scan results, which may dictate customized scanning In addition, the priority of the impending scan may be dictated by previous scan dates and results. Further embodiments provide for assessing risk, such as risk scoring or the like, concurrently or in near-real-time with the completion of the scan so that alerts may be communicated.

Abstract: Embodiments of the invention relate to systems, methods, and computer program products that provide for an employee security risk score. The security risk score is presented as an extensible composite vector that supports an arbitrary number of risk categories. The risk categories can be aggregated at any level in the business hierarchy or according to any employee parameter. The simplistic, highly normalized approach to employee security risk scoring reduces redundancies and dependencies and provides for real-time updates, As such, the employee security risk scoring system provides for easily identifiable recognition of employees who pose security threats and for a means to track and monitor security risks posed by the employee based on their security risk score.

Abstract: A system, in which information is the primary asset and in which investments may be made in information, includes multiple data stores for storing different types of a user's information. The safe, secure and properly authorized transfer of information while preserving individual privacy is provided. The system also provides for secure backup and storage, as well as for ubiquitous and nomadic access to information while maintaining the privacy of such information. A first data store includes static identification data about a user. A second data store includes moderately dynamic personal data about the user. A third data store includes dynamic demographic information data about the user. An electronic wallet can be used with the system to download selected portions of the data for use by the user. A method of use of the data includes using the data for billing out forms, providing services to the user and allowing merchants to selectively target users for sales while maintaining user anonymity.

Abstract: A system and method for securely storing data provides for storing, managing, and updating an owner's secret data and for accessing the stored data by a trusted third party upon the occurrence of an event, such as the death of the owner. The system and method makes use of application software, such as a virtual wallet running at least in part on the server of a trusted third party and with a virtual executor function and a virtual archivist function. The virtual executor function automatically escrows a trusted third party's access aspect of the owner's secret device for accessing the stored data. Upon verification of the occurrence of the event, the virtual executor provides access to the stored data using the trusted third party's access aspect. The virtual archivist function automatically updates technologies related to the stored data.

Abstract: The present invention relates to a digital graphic signature system and methods for use in electronic commerce. The system comprises a document portion, including information relating to the document being executed, and a signature portion. The document portion and the signature portion may be encrypted and merged into a single object readily identifiable to an individual. The terminology “digital graphic signature” or “digigraphic signature” is utilized herein to describe the merged object. The digital graphic signature system of the present invention may be advantageously utilized in electronic transactions, including transactions over the internet and network systems. The digital graphic signature system of the present invention may also be advantageously utilized in conjunction with information banking and virtual wallets. Also disclosed is a digital graphic signet for transmitting a private communication.

Abstract: A system and method for controlling the transmission of information known as “cookies” stored on electronic media to Internet websites accessed by PC users utilizes a “cookie jar” in a server-based virtual wallet for the user. When a website server sends a “cookie” to the user's PC, the virtual wallet stores the cookie only after requesting and receiving the user's permission. When the user accesses the website server again, and the server requests return of the cookie, the virtual wallet sends the cookie only after requesting and receiving the user's permission. Alternatively, the user can preconfigure the virtual wallet with predefined parameters for withholding or sending the cookie when requested by the website server.

Abstract: The present invention provides apparatus, methods and systems for information and financial banking. Apparatus of the present invention include virtual wallets which allow for information and financial banking including payment mechanisms; identity authentication mechanisms; personal information; and electronic artifacts. Methods and systems of the present invention include information and financial banking methods utilizing virtual wallets. A preferred virtual wallet comprises a locally residing portion and a server residing portion. An interface is provided for communication between the two portions of the wallet.

Abstract: A system, in which information is the primary asset and in which investments may be made in information, includes multiple data stores for storing different types of a user's information. The safe, secure and properly authorized transfer of information while preserving individual privacy is provided. The system also provides for secure backup and storage, as well as for ubiquitous and nomadic access to information while maintaining the privacy of such information. A first data store includes static identification data about a user. A second data store includes moderately dynamic personal data about the user. A third data store includes dynamic demographic information data about the user. An electronic wallet can be used with the system to download selected portions of the data for use by the user. A method of use of the data includes using the data for billing out forms, providing services to the user and allowing merchants to selectively target users for sales while maintaining user anonymity.

Abstract: The present invention is a computer implemented method and system for translating a program (9) on a source application system in a first representation to a second representation on a target application system. The method includes the steps of generating a cross reference (27) between a first set of data items from the source application system and a second set of data items from the target application system; and translating the program (9) in the first representation on the source application system to the second representation on the target application system in accordance with the cross reference (27).