Abstract: A system for acquiring time limited data to facilitate integrity verification in real-time applications (RTAs) includes an agent and a collector. The agent is associated with a RTA and is in communication with the collector. The agent defines a plurality of time ordered time frames and during each time frame collects a collection of events from event sources occurring on the RTA. The agent calculates a local integrity check from the collection and a previous integrity check or an initial key, and transmits a global integrity check calculated from local integrity checks to the collector. The collector receives the global integrity check from the agent and stores the received global integrity check in a secure storage. The collector validates the integrity of the global integrity check and the received collections of events.

Abstract: Security can be improved in a business application or system, such as a mission-critical application, by automatically analyzing user access (UA) and segregation of duties (SoD). This analysis may be using a graphical representation of a model with nodes for business application concepts and edges for relationships between nodes. A review of the graphical representation is used for UA and SoD.

Abstract: Systems and methods detect and prevent changes in business applications that modify its state to non-secure and/or non-compliant. A system may include a processor set up to perform: defining a compliant state of a computer software configuration, monitoring a state of the computer software configuration, detecting a change in the state of the computer software configuration, wherein the change causes a changed state, and comparing the compliant state and the changed state, wherein if the changed state conflicts with the compliant state, stopping the change.

Abstract: A method includes extracting from a computer-based system, (e.g., a role-based access control system) information identifying users and information identifying one or more profiles for each of the users, creating one computer-based user bloom filter for each one of the users, creating one computer-based profile bloom filter for each one of the profiles and creating one action bloom filter for each of a plurality of possible end user queries. Each profile corresponds to one or more assigned authorizations, each user bloom filter correlates an associated one of the users to one or more of the assigned profiles, each profile bloom filter correlates an associated one of the profiles to one or more of the assigned authorizations, and each action bloom filter correlates an associated one of the possible end user queries to a set of users that are authorized to perform the action associated with the corresponding end user query.

Abstract: A system for acquiring time limited data to facilitate integrity verification in real-time applications (RTAs) includes an agent and a collector. The agent is associated with a RTA and is in communication with the collector. The agent defines a plurality of time ordered time frames and during each time frame collects a collection of events from event sources occurring on the RTA. The agent calculates a local integrity check from the collection and a previous integrity check or an initial key, and transmits a global integrity check calculated from local integrity checks to the collector. The collector receives the global integrity check from the agent and stores the received global integrity check in a secure storage. The collector validates the integrity of the global integrity check and the received collections of events.

Abstract: A method includes extracting from a computer-based system, (e.g., a role-based access control system) information identifying users and information identifying one or more profiles for each of the users, creating one computer-based user bloom filter for each one of the users, creating one computer-based profile bloom filter for each one of the profiles and creating one action bloom filter for each of a plurality of possible end user queries. Each profile corresponds to one or more assigned authorizations, each user bloom filter correlates an associated one of the users to one or more of the assigned profiles, each profile bloom filter correlates an associated one of the profiles to one or more of the assigned authorizations, and each action bloom filter correlates an associated one of the possible end user queries to a set of users that are authorized to perform the action associated with the corresponding end user query.