公开(公告)号：GB2474093A

公开(公告)日：2011-04-06

申请号：GB201012250

申请日：2010-07-21

Applicant: BANK OF AMERICA

Inventor： RICHARDS PHILLIP L ,  ANDERSEN DAVID M ,  RENFRO CHADWICK R ,  HIGGINS CHRISTOPHER P

IPC: G06F21/00 ,  G06Q10/00

Abstract: Embodiments of the invention are directed to apparatus and a method configured to calculate 1530 an indicator of the likelihood that an entitlement exists in a first community relative to a second community. This calculation involves calculating a ratio 1536 of entitlement entities with an entitlement or entity type in the first community to entitlement entities with an entitlement or entity type in a second community. The calculated indicator is then used to determine 1550 the appropriateness of entitlements within the first community after a transfer of a person from the first community to the second.

公开(公告)号：HK1139769A1

公开(公告)日：2010-09-24

申请号：HK10105478

申请日：2010-06-03

Applicant: BANK OF AMERICA

Inventor： RENFRO CHADWICK R ,  HIGGINS CHRISTOPHER P

IPC: G06F20060101 ,  G06Q20060101

Abstract: Embodiments of the invention relate to systems, methods, and computer program products for monitoring and/or controlling access to entitlements. For example, in one embodiment a computer program product is configured to periodically examine the members of a particular community in an organization and automatically identify members in the community that have access to software applications, datasets, or other organizational resources that are uncommon in the community, which may indicate that the member should not have access to the such resources. The computer program product of embodiments of the invention is also configured to automatically and periodically determine the resources that members of the same community should all probably have access to. As such, embodiments of the present invention allow an organization to more efficiently monitor and control access to its resources and other entitlements.

公开(公告)号：GB2460951A

公开(公告)日：2009-12-23

申请号：GB0910441

申请日：2009-06-17

Applicant: BANK OF AMERICA

Inventor： RENFRO CHADWICK R

IPC: G06F21/00 ,  G06F9/455

Abstract: A secure computer for secure transactions includes an operating system (212), a processor (206), an identity security module (211), and a loss protection device (210). The operating system has built-in security features. The processor is manufactured with security features and configured to execute software (213) in a virtualized state outside of the operating system. The computer may include at least one software module such as web browser configured to run in a virtualised state. The computer may further include monitoring and/or tracking applications configured to run in a virtualised environment for detecting suspicious behaviour during execution of programs on the computer and tracking security related events. The identity module may be biometric and the loss protection may comprise a hard disk lock. In a specific embodiment the computer may be used in an online banking (203) or e-commerce (204) transaction.

公开(公告)号：GB2461160B

公开(公告)日：2013-01-02

申请号：GB0910444

申请日：2009-06-17

Applicant: BANK OF AMERICA

Inventor： RENFRO CHADWICK R ,  HIGGINS CHRISTOPHER P

IPC: G06F21/60 ,  G06Q10/06

Abstract: Embodiments of the invention relate to systems, methods, and computer program products for monitoring and/or controlling access to entitlements. For example, in one embodiment a computer program product is configured to periodically examine the members of a particular community in an organization and automatically identify members in the community that have access to software applications, datasets, or other organizational resources that are uncommon in the community, which may indicate that the member should not have access to the such resources. The computer program product of embodiments of the invention is also configured to automatically and periodically determine the resources that members of the same community should all probably have access to. As such, embodiments of the present invention allow an organization to more efficiently monitor and control access to its resources and other entitlements.

公开(公告)号：GB2461160A

公开(公告)日：2009-12-30

申请号：GB0910444

申请日：2009-06-17

Applicant: BANK OF AMERICA

Inventor： RENFRO CHADWICK R ,  HIGGINS CHRISTOPHER P

IPC: G06Q10/00 ,  G06F21/00

Abstract: Embodiments of the invention relate to systems, methods, and computer program products for managing a community's access to entitlements. In one embodiment a computer program is configured to periodically examine the members of a particular community in an organization and identify members in the community that have access to software applications, datasets, or other organizational resources that are uncommon or taboo in the community, which may indicate that the member should not have access to the such resources. The computer program is also configured to automatically and periodically determine the resources that members of the same community should all probably have access to, i.e. that are normal or common to the community. Thresholds are used to determine whether entitlements are normal and/or taboo.

公开(公告)号：GB2474091A

公开(公告)日：2011-04-06

申请号：GB201012234

申请日：2010-07-21

Applicant: BANK OF AMERICA

Inventor： RICHARDS PHILLIP L ,  ANDERSEN DAVID M ,  RENFRO CHADWICK R ,  HIGGINS CHRISTOPHER P

IPC: G06F21/00 ,  G06Q10/06 ,  G06Q10/10

Abstract: Embodiments of the invention are directed to systems, methods, and computer program products configured to determine communities within an organization dynamically based on the distribution of entitlements within the organization. The procedure for determining entitlement eligible entities into communities may include a review of the one or more entitlements that each entitlement-eligible entity has in common with the other of the plurality of entitlement-eligible entities currently associated with each entity and may include computing a correlation matrix. The system is configured to examine the members of a particular community in an organisation and identify members in the community that have access to software applications, datasets or other organisational resources that are uncommon or taboo in the community, which may indicate that the member should not have access to the such resources. Thresholds may be used to determine whether entitlements are normal and/or taboo. In another embodiment the system may be configured to identify a portion of the plurality of entities based on a review of the one or more entitlements that each entity of the plurality of entities has in common with a pseudo-entity.

公开(公告)号：GB2464363A

公开(公告)日：2010-04-21

申请号：GB0910443

申请日：2009-06-17

Applicant: BANK OF AMERICA

Inventor： RENFRO CHADWICK R ,  LITTLE DOUGLAS RAY JR ,  TREADWELL WILLIAM S

IPC: G06F21/00

Abstract: A personal computer which is specifically designed to provide increased security for financial transactions handled over the Internet. The computer comprises a processor, a memory and a network communication interface configured to communicate with the Internet. The computer may be configured to search and identify sensitive information 501 in the memory and prompt the user 504 whether this information should be deleted 506. This searching may be based upon rules. The computer may further be configured to determine the computer's location when it is used to access the internet, determine whether this location is a known/permitted location, and send an electronic communication in the event that it is not.

公开(公告)号：WO2009018142A3

公开(公告)日：2009-04-16

申请号：PCT/US2008071174

申请日：2008-07-25

Applicant: BANK OF AMERICA ,  BARVE AJAY M ,  SANKARAN ARUN ,  RENFRO CHADWICK R ,  YOMINE DANIEL F ,  VAUGHAN ROBERT KEITH ,  GILLESPIE COREY S ,  SLOAN GREGG C

Inventor： BARVE AJAY M ,  SANKARAN ARUN ,  RENFRO CHADWICK R ,  YOMINE DANIEL F ,  VAUGHAN ROBERT KEITH ,  GILLESPIE COREY S ,  SLOAN GREGG C

IPC: G06F11/00

CPC classification number: G06Q40/02 ,  G06Q10/04 ,  G06Q10/06312 ,  G06Q10/06313 ,  G06Q10/0635

Abstract: A system and method for determining residual business risks by correlating threats, controls, business continuity factors, and other general risk considerations is described. Requirements of an initiative of a project are mapped to a taxonomy, and the mapped requirements are rated with respect to its importance to the project. Projected changes in the mapped requirements are forecasted over a specified period of time, such as an eighteen month period. A threat to the project is mapped to the taxonomy, and the mapped threat is rated with respect to its impact on the project. Projected changes in the effectiveness of the control are forecasted based upon historical data, a maturity rating, and the rated effectiveness of the control. Residual risk associated with the project is then determined, and adjustments to one or more resources associated with the project may be made to reduce the determined residual risk.

Abstract translation: 描述了通过关联威胁，控制，业务连续性因素和其他一般风险考虑来确定剩余业务风险的系统和方法。 将项目计划的要求映射到分类法，并根据其对项目的重要性评估映射要求。 在特定时间段内预测映射要求的预计变化，如十八个月。 对项目的威胁映射到分类法，并且对其对项目的影响的映射威胁进行了评级。 根据历史数据，成熟度评级和控制的评级有效性预测控制有效性的预测变化。 然后确定与项目相关的剩余风险，并且可以对与项目相关的一个或多个资源进行调整，以减少确定的剩余风险。