
US-12619466-B2 - System and method for generating consolidated resource access control data in an electronic network


Abstract

Embodiments of the present invention provide a system for generating consolidated resource access control data in an electronic network. The system is configured for identifying one or more entity resources associated with an entity, gathering access characteristics associated with the one or more entity resources from one or more third party entity systems, consolidating the access characteristics gathered from the one or more third party entity systems, parsing the consolidated access characteristics, via a data parsing application, to generate parsed data, auto-populating a matrix in a storage system based on the parsed data, and generating resource access control data associated with the one or more entity resources and the one or more third party entity systems based on auto-populated data from the matrix.

Inventors

  • Trina Perraut
  • Jason Lee Harris
  • Kara M. Schlageter
  • Sudhinder Baru
  • David Dee Middleton, JR.
  • Nathaniel Clark

Assignees

  • BANK OF AMERICA CORPORATION

Dates

Publication Date
20260505
Application Date
20230127

Claims (17)

  1. A system for generating consolidated resource access control data in an electronic network, the system comprising: at least one network communication interface; at least one non-transitory storage device; and at least one processing device coupled to the at least one non-transitory storage device and the at least one network communication interface, wherein the at least one processing device is configured to: identify one or more entity resources associated with an entity, wherein the one or more entity resources comprise software applications, frameworks, databases, and cloud platforms; gather access characteristics associated with the one or more entity resources from one or more third party entity systems, wherein the access characteristics comprise information associated with access and usage of the one or more entity resources by users associated with the one or more third party entity systems; consolidate the access characteristics gathered from the one or more third party entity systems; parse the consolidated access characteristics, via a data parsing application, to generate parsed data; auto-populate a matrix in a storage system based on the parsed data; and generate resource access control data associated with the one or more entity resources and the one or more third party entity systems based on auto-populated data from the matrix, wherein the resource access control data comprises type of access, classification of the access existence of privilege, and provisioning information.
  2. The system of claim 1, wherein the at least one processing device is configured to receive the access characteristics from the one or more third party systems in a JSON format.
  3. The system of claim 2, wherein parsing the consolidated access characteristics comprises converting the consolidated access characteristics from JSON format to a storage format accepted by the storage system.
  4. The system of claim 1, wherein the matrix is a database table.
  5. The system of claim 1, wherein the at least one processing device is further configured to implement one or more actions based on the resource access control data, wherein the one or more actions comprise at least one of: revoking pre-authorized access to the one or more entity resources; granting access to the one or more entity resources; and revising existing access to the one or more entity resources.
  6. The system of claim 1, wherein the at least one processing device is further configured to automatically transmit the resource access control data to one or more entity systems associated with the entity.
  7. A computer program product for generating consolidated resource access control data in an electronic network, the computer program product comprising a non-transitory computer-readable storage medium having computer executable instructions for causing a computer processor to perform the steps of: identifying one or more entity resources associated with an entity, wherein the one or more entity resources comprise software applications, frameworks, databases, and cloud platforms; gathering access characteristics associated with the one or more entity resources from one or more third party entity systems, wherein the access characteristics comprise information associated with access and usage of the one or more entity resources by users associated with the one or more third party entity systems; consolidating the access characteristics gathered from the one or more third party entity systems; parsing the consolidated access characteristics, via a data parsing application, to generate parsed data; auto-populating a matrix in a storage system based on the parsed data; and generating resource access control data associated with the one or more entity resources and the one or more third party entity systems based on auto-populated data from the matrix, wherein the resource access control data comprises type of access, classification of the access existence of privilege, and provisioning information.
  8. The computer program product of claim 7, wherein the computer executable instructions cause the computer processor to perform the step of receiving the access characteristics from the one or more third party systems in a JSON format.
  9. The computer program product of claim 8, wherein parsing the consolidated access characteristics comprises converting the consolidated access characteristics from JSON format to a storage format accepted by the storage system.
  10. The computer program product of claim 7, wherein the matrix is a database table.
  11. The computer program product of claim 7, wherein the computer executable instructions cause the computer processor to perform the step of implementing one or more actions based on the resource access control data, wherein the one or more actions comprise at least one of: revoking pre-authorized access to the one or more entity resources; granting access to the one or more entity resources; and revising existing access to the one or more entity resources.
  12. The computer program product of claim 7, wherein the computer executable instructions cause the computer processor to perform the step of automatically transmitting the resource access control data to one or more entity systems associated with the entity.
  13. A computer implemented method for generating consolidated resource access control data in an electronic network, wherein the method comprises: identifying one or more entity resources associated with an entity, wherein the one or more entity resources comprise software applications, frameworks, databases, and cloud platforms; gathering access characteristics associated with the one or more entity resources from one or more third party entity systems, wherein the access characteristics comprise information associated with access and usage of the one or more entity resources by users associated with the one or more third party entity systems; consolidating the access characteristics gathered from the one or more third party entity systems; parsing the consolidated access characteristics, via a data parsing application, to generate parsed data; auto-populating a matrix in a storage system based on the parsed data; and generating resource access control data associated with the one or more entity resources and the one or more third party entity systems based on auto-populated data from the matrix, wherein the resource access control data comprises type of access, classification of the access existence of privilege, and provisioning information.
  14. The computer implemented method of claim 13, wherein the method comprises receiving the access characteristics from the one or more third party systems in a JSON format.
  15. The computer implemented method of claim 14, wherein parsing the consolidated access characteristics comprises converting the consolidated access characteristics from JSON format to a storage format accepted by the storage system.
  16. The computer implemented method of claim 13, wherein the matrix is a database table.
  17. The computer implemented method of claim 13, wherein the method comprises implementing one or more actions based on the resource access control data, wherein the one or more actions comprise at least one of: revoking pre-authorized access to the one or more entity resources; granting access to the one or more entity resources; and revising existing access to the one or more entity resources.

Description

BACKGROUND

There exists a need for a system that generates consolidated resource access control data in an electronic network.

BRIEF SUMMARY

The following presents a summary of certain embodiments of the invention. This summary is not intended to identify key or critical elements of all embodiments nor delineate the scope of any or all embodiments. Its sole purpose is to present certain concepts and elements of one or more embodiments in a summary form as a prelude to the more detailed description that follows.

Embodiments of the present invention address the above needs and/or achieve other advantages by providing apparatuses (e.g., a system, computer program product and/or other devices) and methods for generating consolidated resource access control data in an electronic network. The system embodiments may comprise one or more memory devices having computer readable program code stored thereon, a communication device, and one or more processing devices operatively coupled to the one or more memory devices, wherein the one or more processing devices are configured to execute the computer readable program code to carry out the invention. In computer program product embodiments of the invention, the computer program product comprises at least one non-transitory computer readable medium comprising computer readable instructions for carrying out the invention. Computer implemented method embodiments of the invention may comprise providing a computing system comprising a computer processing device and a non-transitory computer readable medium, where the computer readable medium comprises configured computer program instruction code, such that when said instruction code is operated by said computer processing device, said computer processing device performs certain operations to carry out the invention.

In some embodiments, the present invention identifies one or more entity resources associated with an entity, gathers access characteristics associated with the one or more entity resources from one or more third party entity systems, consolidates the access characteristics gathered from the one or more third party entity systems, parses the consolidated access characteristics, via a data parsing application, to generate parsed data, auto-populates a matrix in a storage system based on the parsed data, and generates resource access control data associated with the one or more entity resources and the one or more third party entity systems based on auto-populated data from the matrix. In some embodiments, the present invention receives the access characteristics from the one or more third party systems in a JSON format. In some embodiments, parsing the consolidated access characteristics comprises converting the consolidated access characteristics from JSON format to a storage format accepted by the storage system. In some embodiments, the matrix is a database table. In some embodiments, the present invention generates the resource access control data, wherein the resource access control data comprises at least one of type of access, classification of the access existence of privilege, and provisioning information. In some embodiments, the present invention implements one or more actions based on the resource access control data, wherein the one or more actions comprise at least one of revoking pre-authorized access to the one or more entity resources, granting access to the one or more entity resources, and revising existing access to the one or more entity resources. In some embodiments, the present invention automatically transmits the resource access control data to one or more entity systems associated with the entity.
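
The pipeline summarized above (JSON feeds from third party systems consolidated, parsed into a database table, then queried for access control data), as an added Python sketch that is not taken from the patent. The feed field names, the vendor names and the `access_matrix` table are assumptions; records missing a field are rejected rather than defaulted, so an absent privilege flag is never read as "not privileged".

```python
import json
import sqlite3

# Constructed feeds from two hypothetical third-party systems; field names are assumptions.
FEEDS = {
    "vendor-a": '[{"user":"alice","resource":"payments-db","access":"read","privileged":false,"provisioning":"ticket"},'
                '{"user":"bob","resource":"cloud-console","access":"admin","privileged":true,"provisioning":"manual"}]',
    "vendor-b": '[{"user":"carol","resource":"payments-db","access":"write","privileged":true,"provisioning":"ticket"},'
                '{"user":"dave","resource":"payments-db","access":"read"}]',
}
FIELDS = ("user", "resource", "access", "privileged", "provisioning")

def consolidate(feeds):
    """Merge all feeds, tagging each record with its source; reject incomplete records."""
    merged, rejected = [], []
    for source, raw in feeds.items():
        for rec in json.loads(raw):
            complete = all(k in rec for k in FIELDS) and isinstance(rec["privileged"], bool)
            (merged if complete else rejected).append({**rec, "source": source})
    return merged, rejected

def populate(db, records):
    """Convert parsed JSON records to rows of the matrix table using bound parameters."""
    db.execute("CREATE TABLE access_matrix (source TEXT, user TEXT, resource TEXT,"
               " access TEXT, privileged INTEGER, provisioning TEXT)")
    db.executemany("INSERT INTO access_matrix VALUES (:source, :user, :resource,"
                   " :access, :privileged, :provisioning)", records)

def access_control_data(db):
    """Per source and resource: access types, privileged-user count, provisioning paths."""
    rows = db.execute(
        "SELECT source, resource, GROUP_CONCAT(DISTINCT access), SUM(privileged),"
        " GROUP_CONCAT(DISTINCT provisioning) FROM access_matrix"
        " GROUP BY source, resource ORDER BY source, resource").fetchall()
    keys = ("source", "resource", "access_types", "privileged_users", "provisioning")
    return [dict(zip(keys, r)) for r in rows]

def run(feeds=FEEDS):
    """Run the whole pipeline on an in-memory database; return (report, rejected records)."""
    db = sqlite3.connect(":memory:")
    merged, rejected = consolidate(feeds)
    populate(db, merged)
    return access_control_data(db), rejected
```

The rejected list is the part worth reviewing by hand: it holds third-party records whose privilege or provisioning status could not be established from the feed.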

The features, functions, and advantages that have been discussed may be achieved independently in various embodiments of the present invention or may be combined with yet other embodiments, further details of which can be seen with reference to the following description and drawings.

BRIEF DESCRIPTION OF THE DRAWINGS

Having thus described embodiments of the invention in general terms, reference will now be made to the accompanying drawings, wherein:

FIG. 1 provides a block diagram illustrating a system environment for generating consolidated resource access control data in an electronic network, in accordance with an embodiment of the invention;

FIG. 2 provides a block diagram illustrating the entity system 200 of FIG. 1, in accordance with an embodiment of the invention;

FIG. 3 provides a block diagram illustrating an access control data generation system 300 of FIG. 1, in accordance with an embodiment of the invention;

FIG. 4 provides a block diagram illustrating the computing device system 400 of FIG. 1, in accordance with an embodiment of the invention; and

FIG. 5 provides a process flow for generating consolidated resource access control data in an electronic network, in accordance with an embodiment of the invention.

DETAILED DESCRIPTION OF EMBODIMENTS OF THE INVENTION

Embodiments of the p