公开(公告)号：US11489839B2

公开(公告)日：2022-11-01

申请号：US16264624

申请日：2019-01-31

Applicant: salesforce.com, inc.

Inventor： Sneha Krishna Sankavaram ,  Hui Fung Herman Kwong

IPC: H04L9/40 ,  G06F16/955 ,  G06K9/62 ,  G06N20/00

Abstract: Clustering-based machine learning is utilized to generate and update permissions data in a computing system. The computing system logs permissions-related user activity for users of the system over time. Feature vectors are generated for the users based on the logs, where each feature corresponds to a specific permission or permission-related operation of the system. A clustering-based learning algorithm analyzes the feature vectors and generates clusters of similar users based on their feature vectors. The permissions of the users may be updated to reflect attributes of the clusters to which they were assigned. For example, the clusters may be utilized to seed and/or update access control groups or other permissions-related user groups in the system. Or, some or all permissions not used by any users within a cluster over a recent period of time may be automatically removed from any user in the cluster.

公开(公告)号：US20200252405A1

公开(公告)日：2020-08-06

申请号：US16264624

申请日：2019-01-31

Applicant: salesforce.com, inc.

Inventor： Sneha Krishna Sankavaram ,  Hui Fung Herman Kwong

IPC: H04L29/06 ,  G06N20/00 ,  G06K9/62 ,  G06F16/955

Abstract: Clustering-based machine learning is utilized to generate and update permissions data in a computing system. The computing system logs permissions-related user activity for users of the system over time. Feature vectors are generated for the users based on the logs, where each feature corresponds to a specific permission or permission-related operation of the system. A clustering-based learning algorithm analyzes the feature vectors and generates clusters of similar users based on their feature vectors. The permissions of the users may be updated to reflect attributes of the clusters to which they were assigned. For example, the clusters may be utilized to seed and/or update access control groups or other permissions-related user groups in the system. Or, some or all permissions not used by any users within a cluster over a recent period of time may be automatically removed from any user in the cluster.