Patents by Inventor Ronald James Kuhlmeier

Ronald James Kuhlmeier has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 10824754
    Abstract: A vertically integrated access control system may store in a database data records corresponding to the interfaces, access control rules, and computing resources of an information system, as well as data records for entity capabilities. Data records for related interfaces, access control rules, computing resources, and entity capabilities may be linked. Using the database, the system may determine the entity capabilities that can be performed based on an existing user entitlement. If the entity capabilities include a flagged combination of entity capabilities, the system may perform an information security action to remediate the flagged combination. The system may use the database to form vertically integrated access units. The vertically integrated access units may be used to form user entitlements. The system may continuously monitor whether any proposed configurations would create a flagged combination of entity capabilities, and if so take an action to prevent such flagged combination.
    Type: Grant
    Filed: January 30, 2020
    Date of Patent: November 3, 2020
    Assignee: BANK OF AMERICA CORPORATION
    Inventors: John Howard Kling, Brandon Sloane, Regina Yee Cadavid, Rachel Yun Kim Bierner, Ronald James Kuhlmeier
  • Publication number: 20200167495
    Abstract: A vertically integrated access control system may store in a database data records corresponding to the interfaces, access control rules, and computing resources of an information system, as well as data records for entity capabilities. Data records for related interfaces, access control rules, computing resources, and entity capabilities may be linked. Using the database, the system may determine the entity capabilities that can be performed based on an existing user entitlement. If the entity capabilities include a flagged combination of entity capabilities, the system may perform an information security action to remediate the flagged combination. The system may use the database to form vertically integrated access units. The vertically integrated access units may be used to form user entitlements. The system may continuously monitor whether any proposed configurations would create a flagged combination of entity capabilities, and if so take an action to prevent such flagged combination.
    Type: Application
    Filed: January 30, 2020
    Publication date: May 28, 2020
    Applicant: Bank of America Corporation
    Inventors: John Howard Kling, Brandon Sloane, Regina Yee Cadavid, Rachel Yun Kim Bierner, Ronald James Kuhlmeier
  • Patent number: 10659469
    Abstract: A vertically integrated access control system may store in a database data records corresponding to the interfaces, access control rules, and computing resources of an information system, as well as data records for entity capabilities. Data records for related interfaces, access control rules, computing resources, and entity capabilities may be linked. Using the database, the system may determine the entity capabilities that can be performed based on an existing user entitlement. If the entity capabilities include a flagged combination of entity capabilities, the system may perform an information security action to remediate the flagged combination. The system may use the database to form vertically integrated access units. The vertically integrated access units may be used to form user entitlements. The system may continuously monitor whether any proposed configurations would create a flagged combination of entity capabilities, and if so take an action to prevent such flagged combination.
    Type: Grant
    Filed: February 13, 2018
    Date of Patent: May 19, 2020
    Assignee: Bank of America Corporation
    Inventors: John Howard Kling, Brandon Sloane, Regina Yee Cadavid, Rachel Yun Kim Bierner, Ronald James Kuhlmeier
  • Patent number: 10607022
    Abstract: A vertically integrated access control system may store in a database data records corresponding to the interfaces, access control rules, and computing resources of an information system, as well as data records for entity capabilities. Data records for related interfaces, access control rules, computing resources, and entity capabilities may be linked. Using the database, the system may determine the entity capabilities that can be performed based on an existing user entitlement. If the entity capabilities include a flagged combination of entity capabilities, the system may perform an information security action to remediate the flagged combination. The system may use the database to form vertically integrated access units. The vertically integrated access units may be used to form user entitlements. The system may continuously monitor whether any proposed configurations would create a flagged combination of entity capabilities, and if so take an action to prevent such flagged combination.
    Type: Grant
    Filed: February 13, 2018
    Date of Patent: March 31, 2020
    Assignee: Bank of America Corporation
    Inventors: John Howard Kling, Brandon Sloane, Regina Yee Cadavid, Rachel Yun Kim Bierner, Ronald James Kuhlmeier
  • Publication number: 20190251276
    Abstract: A vertically integrated access control system may store in a database data records corresponding to the interfaces, access control rules, and computing resources of an information system, as well as data records for entity capabilities. Data records for related interfaces, access control rules, computing resources, and entity capabilities may be linked. Using the database, the system may determine the entity capabilities that can be performed based on an existing user entitlement. If the entity capabilities include a flagged combination of entity capabilities, the system may perform an information security action to remediate the flagged combination. The system may use the database to form vertically integrated access units. The vertically integrated access units may be used to form user entitlements. The system may continuously monitor whether any proposed configurations would create a flagged combination of entity capabilities, and if so take an action to prevent such flagged combination.
    Type: Application
    Filed: February 13, 2018
    Publication date: August 15, 2019
    Inventors: John Howard Kling, Brandon Sloane, Regina Yee Cadavid, Rachel Yun Kim Bierner, Ronald James Kuhlmeier
  • Publication number: 20190253427
    Abstract: A vertically integrated access control system may store in a database data records corresponding to the interfaces, access control rules, and computing resources of an information system, as well as data records for entity capabilities. Data records for related interfaces, access control rules, computing resources, and entity capabilities may be linked. Using the database, the system may determine the entity capabilities that can be performed based on an existing user entitlement. If the entity capabilities include a flagged combination of entity capabilities, the system may perform an information security action to remediate the flagged combination. The system may use the database to form vertically integrated access units. The vertically integrated access units may be used to form user entitlements. The system may continuously monitor whether any proposed configurations would create a flagged combination of entity capabilities, and if so take an action to prevent such flagged combination.
    Type: Application
    Filed: February 13, 2018
    Publication date: August 15, 2019
    Inventors: John Howard Kling, Brandon Sloane, Regina Yee Cadavid, Rachel Yun Kim Bierner, Ronald James Kuhlmeier
  • Patent number: 10339309
    Abstract: A system for identifying anomalies in an information system is typically configured for: collecting information regarding a hierarchy of capabilities, a hierarchy of resources, capability instances, and resource instances of the information system; storing, in a graph database, nodes corresponding to the hierarchy of capabilities, hierarchy of resources, capability instances, and resource instances; collecting information regarding relationships among the hierarchy of capabilities, hierarchy of resources, capability instances, and resource instances; defining, in the graph database, edges corresponding to the relationships among the hierarchy of capabilities, hierarchy of resources, capability instances, and resource instances; collecting event and/or state data for the information system; comparing the event and/or state data to the graph database and determining that an event and/or state is anomalous; and, in response to determining that the event and/or state is anomalous, taking an information security a
    Type: Grant
    Filed: June 9, 2017
    Date of Patent: July 2, 2019
    Assignee: Bank of America Corporation
    Inventors: John Howard Kling, Mark Earl Brubaker, Ronald James Kuhlmeier, Brian D. Diederich, Brandon Matthew Sloane, Rachel Yun Kim Bierner, Cora Yan Quon
  • Publication number: 20190114369
    Abstract: The invention provides a multidimensional graph database with property and relationship subclasses. In comparison to current graph database technology, which only allows for the creation of nodes, relationships, and properties for the nodes and relationships, the new multidimensional graph database treats properties as a separate object class. In this way, each property may in turn have one or more of its own properties and/or relationships to other nodes, relationships, or properties. The system is able to add as many layers of properties and relationships as needed to precisely represent the data as well as the relationships between and/or amongst the data. By extending the graph database schema beyond the conventional bounds, the multidimensional graph database increases the efficiency of database queries while simultaneously increasing the depth and quality of the data produced by the search queries.
    Type: Application
    Filed: October 17, 2017
    Publication date: April 18, 2019
    Inventors: Brandon Sloane, John Howard Kling, Ronald James Kuhlmeier
  • Patent number: 10003598
    Abstract: Systems, computer program products, and methods are described herein for a model framework and system for cyber security services. The present invention is configured to determine one or more access paths to the internal computing device from an external computing device; determine one or more controls associated with each access path; determine one or more types of access that may be made via one or more of the access paths by the external computing device to access the internal computing device; determine whether the one or more controls associated with the at least one of the one or more access paths is capable of detecting the access; determine one or more tools configured to regulate the one or more controls; and incorporate the one or more tools within the network to regulate the one or more controls to detect and monitor the access.
    Type: Grant
    Filed: April 15, 2016
    Date of Patent: June 19, 2018
    Assignee: Bank of America Corporation
    Inventors: John Howard Kling, Mark Earl Brubaker, Cora Yan Quon, Rachel Yun Kim Bierner, Armen Moloian, Ronald James Kuhlmeier
  • Publication number: 20170302668
    Abstract: Systems, computer program products, and methods are described herein for a model framework and system for cyber security services. The present invention is configured to determine one or more access paths to the internal computing device from an external computing device; determine one or more controls associated with each access path; determine one or more types of access that may be made via one or more of the access paths by the external computing device to access the internal computing device; determine whether the one or more controls associated with the at least one of the one or more access paths is capable of detecting the access; determine one or more tools configured to regulate the one or more controls; and incorporate the one or more tools within the network to regulate the one or more controls to detect and monitor the access.
    Type: Application
    Filed: April 15, 2016
    Publication date: October 19, 2017
    Inventors: John Howard Kling, Mark Earl Brubaker, Cora Yan Quon, Rachel Yun Kim Bierner, Armen Moloian, Ronald James Kuhlmeier