公开(公告)号：US20220253545A1

公开(公告)日：2022-08-11

申请号：US17173027

申请日：2021-02-10

Applicant: BANK OF AMERICA CORPORATION

Inventor： Brandon Sloane ,  Jinyoung Nathan Kim ,  Adriana Tache ,  Charles Edward Dudley

IPC: G06F21/62 ,  G06F21/31

Abstract: Systems, computer program products, and methods are described herein for implementing multi-dimensional data obfuscation. The present invention is configured to electronically receive, from a computing device of a user, a request to implement a multi-dimensional data obfuscation on a first database; initiate a data obfuscation engine on the first database based on at least receiving the request, wherein initiating further comprises: determining one or more data types associated with the one or more data artifacts; determining one or more exposure levels of the one or more data artifacts; retrieving, from a data obfuscation repository, one or more data obfuscation algorithms; and implementing the one or more data obfuscation algorithms on the one or more data artifacts based on at least the one or more data types; and generate an obfuscated first database based on at least initiating the data obfuscation engine on the first database.

公开(公告)号：US20220253464A1

公开(公告)日：2022-08-11

申请号：US17172994

申请日：2021-02-10

Applicant: BANK OF AMERICA CORPORATION

Inventor： Brandon Sloane ,  Jinyoung Nathan Kim ,  Adriana Tache ,  Charles Edward Dudley

IPC: G06F16/28 ,  G06F21/31 ,  G06F21/62 ,  G06F16/22

Abstract: Systems, computer program products, and methods are described herein for identification of obfuscated electronic data through placeholder indicators. The present invention is configured to electronically receive, from a computing device of a user, a request to obfuscate one or more data artifacts stored on a first database; retrieve, from a data obfuscation repository, one or more data obfuscation algorithms; implement the one or more data obfuscation algorithms on the one or more data artifacts; generate one or more placeholder indicators identifying the one or more data obfuscation algorithms implemented on the one or more data artifacts; create one or more data fields corresponding to the one or more masked data artifacts on the first database; store the one or more placeholder indicators in the one or more data fields; and update the first database with the one or more masked data artifacts and the one or more placeholder indicators.

公开(公告)号：US20220229913A1

公开(公告)日：2022-07-21

申请号：US17149878

申请日：2021-01-15

Applicant: BANK OF AMERICA CORPORATION

Inventor： Nia Mack ,  Brandon Sloane

IPC: G06F21/60 ,  G06F16/27 ,  G06F16/2455 ,  G06F16/22 ,  G06F21/62

Abstract: A system is provided for securing electronic data by aggregation of distributed electronic database entries. The system may comprise two or more data repositories that may be logically and/or physically separated from one another. Incoming data may be split into multiple parts that may be stored in a distributed manner across the two or more data repositories. Each of the parts of the incoming data may be associated with an identifier and/or a sequence number such that the system, upon receiving a user query for such data, may aggregate the individual parts of the data in the correct sequence. In some embodiments, the system may further use an obfuscation algorithm to apply randomized values to the identifiers and/or sequence numbers and track the operations performed in an obfuscation log. In this way, the system may provide a way to securely store and retrieve data to prevent unauthorized access.

公开(公告)号：US20220217158A1

公开(公告)日：2022-07-07

申请号：US17143385

申请日：2021-01-07

Applicant: BANK OF AMERICA CORPORATION

Inventor： Brandon Sloane

IPC: H04L29/06

Abstract: A system is provided for detecting and remediating computing system breaches using computing network traffic monitoring. In particular, the system may identify one or more computing systems within a network as well as relationships between such computing systems to determine a network topology. Based on the network topology, the system may use historical network traffic data associated with the computing systems in the network to generate predicted entry points and lateral pathways of a security breach that may take place within particular computing systems. Then, based on the computing systems affected as well as entry points and path traversals of the breach, the system may generate and/or implement one or more remediation steps to address existing and/or future breaches. In this way, the system may provide an intelligent method of augmenting the security of a computing network.

公开(公告)号：US11334662B2

公开(公告)日：2022-05-17

申请号：US16928843

申请日：2020-07-14

Applicant: Bank of America Corporation

Inventor： Vijaya L. Vemireddy ,  Brandon Sloane ,  Harvey Summers ,  Eileen D. Bridges

IPC: G06F21/50 ,  G06F21/32 ,  G06F21/70 ,  G06F21/60 ,  G06F1/14 ,  G06F21/31

Abstract: A method of enhancing travel security features associated with a mobile device is provided. The method may include operating a time clock to store a start device confiscation time in a memory and to store an end device confiscation time in the memory, monitoring the mobile device to detect tampering occurring between the start device confiscation time and the end device confiscation time, and in response to the detecting of tampering, prompting the user for a secure identifier. Upon receipt of the secure identifier, the method may include opening a secure i/o pathway to a re-image file. The secure i/o pathway preferably enables execution of an executable re-image file. The re-image file may be used to re-image a software image of the mobile device. The re-image file may contain a pre-tampered image of the mobile device.

公开(公告)号：US20220116380A1

公开(公告)日：2022-04-14

申请号：US17070457

申请日：2020-10-14

Applicant: BANK OF AMERICA CORPORATION

Inventor： Brandon Sloane

IPC: H04L29/06

Abstract: A system is provided for increasing authentication complexity for access to online systems. In particular, the system may use a hidden or obscured method for creating and enforcing a multi-factor authentication scheme. In this regard, the system may introduce authentication logic to a particular application in the network environment such that one or more “invalid” login credentials are generated by a local agent using a pre-shared key and/or algorithm. A back-end authentication system may be calculate its own set of “invalid” login credentials based on the same pre-shared key and/or algorithm, then subsequently compare the calculated incorrect credentials with the incorrect login credentials received from the local agent. If a match is detected, the system may permit a valid set of authentication credentials to be provided to authorize access to the target application and/or online system.

公开(公告)号：US20220066860A1

公开(公告)日：2022-03-03

申请号：US17007185

申请日：2020-08-31

Applicant: Bank of America Corporation

Inventor： Brandon Sloane ,  Adriana Tache

IPC: G06F11/07 ,  G06F16/2458 ,  G06F16/53 ,  G06F21/55

Abstract: A system is provided for resolution of technical issues using computing system-specific contextual data. In particular, the system may comprise a software-based automated security agent that may run in the memory of a computing system within a network. The security agent may continuously monitor the computing system to capture precise information about the computing system at all points in time. When the computing system encounters a technical issue, the system may then use the data collected by the security agent to execute a search within a resolution database to provide a solution to the technical issue. In some embodiments, the system may further comprise a remediation engine which may cause the security agent to automatically implement the solution. In this way, the system provides an expedient way to resolve technical issues in computing systems within the network environment.

公开(公告)号：US20220005037A1

公开(公告)日：2022-01-06

申请号：US17477660

申请日：2021-09-17

Applicant: Bank of America Corporation

Inventor： Monika Kapur ,  Kevin A. Delson ,  Brandon Sloane ,  Siten Sanghvi ,  Albena N. Fairchild ,  John Ryan Bowling

IPC: G06Q20/40 ,  G06Q20/24 ,  G06Q20/32 ,  G06Q20/20

Abstract: Apparatus and methods are provided for executing a rules-based authentication of an electronic transaction. The method may include receiving first and second payment authorization parameters and second payment authorization parameters. The method may also include receiving from a Point of Sale device a request for payment information and a purchase amount. The method may also include, determining if first or second parameters are satisfied. The first parameters may include a first time range, a pairing of the electronic device to a first apparatus, a first geolocation of the electronic device, and a first maximum transaction value. The second parameters may include a second time range, a pairing of the electronic device to a second apparatus, a second geolocation of the electronic device, and a second maximum transaction value, wherein the second time range does not include the first time range.

公开(公告)号：US11165787B2

公开(公告)日：2021-11-02

申请号：US16550764

申请日：2019-08-26

Applicant: Bank of America Corporation

Inventor： Brandon Sloane ,  Lydia Lambright

IPC: H04L29/06

Abstract: A system provides for authorization of data access and processing functions within a distributed server network using a delegated proof-of-stake consensus mechanism. In particular, the system may use assign authorization levels to each node within the network environment. Certain actions or processes performed within the network (e.g., potentially damaging actions) may require that the node proposing the action meets a threshold authorization level before authorizing the action. The system may further increase or decrease authorization levels for each node depending on the outcomes of the proposed actions. In this way, the system may provide a secure way to authorize certain actions or processes taken within a computing environment.

公开(公告)号：US20210336958A1

公开(公告)日：2021-10-28

申请号：US16856316

申请日：2020-04-23

Applicant: Bank of America Corporation

Inventor： Brandon Sloane ,  Michael Thomas Malarkey

IPC: H04L29/06 ,  G06F16/901 ,  G06N20/00

Abstract: A system for identifying and remediating data exfiltration paths is provided. In particular, the system may generate a map of the network environment which identifies all of the possible pathways and the steps of such pathways through which sensitive data may be exfiltrated. The system may then evaluate the potential impact associated with each exfiltration pathway and generate a prioritization scheme which may sort the pathways by their potential impacts. Based on the prioritization scheme, the system may, via a machine learning engine, provide one or more remediation processes that may be executed to reduce the chance of data exfiltration through certain potentially high-impact pathways.