公开(公告)号：US08478708B1

公开(公告)日：2013-07-02

申请号：US12512970

申请日：2009-07-30

Applicant: Brenda Larcom

Inventor： Brenda Larcom

IPC: G06F9/44

CPC classification number: G06Q10/06 ,  G06Q10/10

Abstract: A system and method for determining the risk posed by a web user. The web user can be an individual, a department, a location, or an organization. The method includes the steps of capturing user generated web actions, and classifying the web actions under zero or more risk criteria. The risk criteria include one or more risk calculating and weighting factors. The method further includes the steps of calculating risk scores for the classified risk criteria, combining the calculated risk scores to obtain a total risk score, assigning a qualitative value to the total risk score, and reporting the total risk score. The reported total risk score can be used to enforce security policies based on the value of the risk scores.

Abstract translation: 用于确定网络用户构成的风险的系统和方法。 Web用户可以是个人，部门，位置或组织。 该方法包括以下步骤：捕获用户生成的web动作，并在零个或多个风险标准下对web动作进行分类。 风险标准包括一个或多个风险计算和加权因素。 该方法还包括计算分类风险准则的风险分数的步骤，将计算出的风险评分结合起来获得总风险评分，为总风险评分指定定性价值，并报告总风险评分。 报告的总风险评分可用于根据风险分数的值来实施安全策略。