公开(公告)号：US11645384B2

公开(公告)日：2023-05-09

申请号：US17190760

申请日：2021-03-03

Applicant: BANK OF AMERICA CORPORATION

Inventor： Brandon Sloane ,  John Howard Kling

IPC: G06F21/54 ,  G06F21/31 ,  G06F21/60

CPC classification number: G06F21/54 ,  G06F21/31 ,  G06F21/604

Abstract: A system is provided for electronic data obfuscation and protection using independent destructible data objects. The system may split a set of data into a data portion and a key portion, where the data portion may be stored in a database separately from the key portion. The data portion may further comprise a set of executable code for a time or iteration based destructible data object, where the data object may incrementally decrease a countdown value based on the passage of time and/or iterations. If the countdown value reaches a threshold value without being refreshed, the data object may automatically execute one or more processes to protect the set of data. In this way, the system provides a secure way to prevent unauthorized access to sensitive data.

公开(公告)号：US20220284125A1

公开(公告)日：2022-09-08

申请号：US17190760

申请日：2021-03-03

Applicant: BANK OF AMERICA CORPORATION

Inventor： Brandon Sloane ,  John Howard Kling

IPC: G06F21/62 ,  G06F21/31 ,  G06F21/54 ,  G06F1/14

Abstract: A system is provided for electronic data obfuscation and protection using independent destructible data objects. The system may split a set of data into a data portion and a key portion, where the data portion may be stored in a database separately from the key portion. The data portion may further comprise a set of executable code for a time or iteration based destructible data object, where the data object may incrementally decrease a countdown value based on the passage of time and/or iterations. If the countdown value reaches a threshold value without being refreshed, the data object may automatically execute one or more processes to protect the set of data. In this way, the system provides a secure way to prevent unauthorized access to sensitive data.

公开(公告)号：US10986097B2

公开(公告)日：2021-04-20

申请号：US15966982

申请日：2018-04-30

Applicant: Bank of America Corporation

Inventor： Brandon Sloane ,  Brian Diederich ,  John Howard Kling

IPC: H04L29/06 ,  G06F21/60 ,  G06F21/62 ,  H04L9/32 ,  H04L9/06 ,  G06F16/23

Abstract: An access control system may include one or more computer processors; a memory, wherein the memory comprises an entitlement database of a resource access manager; a network communication device; and an access control module stored in the memory, executable by the one or more computer processors. The access control module may be configured to: perform the steps of: receiving a request to add one or more entitlement data records to a distributed electronic ledger; validating the one or more entitlement data records; appending the one or more entitlement data records to the distributed electronic ledger; and verifying a first entitlement data record stored in the entitlement database by comparing the first entitlement data record with a first corresponding entitlement data record stored in the distributed electronic ledger, wherein the first entitlement data record and first corresponding entitlement data record are both associated with a first user.

公开(公告)号：US20250112941A1

公开(公告)日：2025-04-03

申请号：US18376130

申请日：2023-10-03

Applicant: BANK OF AMERICA CORPORATION

Inventor： John Howard Kling ,  Charles Edward Dudley ,  Jason T. Yeung

IPC: H04L9/40

Abstract: Systems, methods, and computer program products are provided herein for data security model modification and anomaly detection. An example method includes receiving a model input associated with one or more data entries of a data security model and accessing the data security model. The data security model includes a plurality of data objects including one or more data entries where each data object defines an associated model level indicative of the hierarchical position of the data object within the data security model and one or more links between the data objects that define data object interdependency parameters. The example method further includes determining one or more data objects of the data security model implicated by the model input and modifying one or more data entries of the one or more implicated data objects of the data security model in response to the model input.

公开(公告)号：US20230259613A1

公开(公告)日：2023-08-17

申请号：US18125420

申请日：2023-03-23

Applicant: BANK OF AMERICA CORPORATION

Inventor： Brandon Sloane ,  John Howard Kling

IPC: G06F21/54 ,  G06F21/31 ,  G06F21/60

CPC classification number: G06F21/54 ,  G06F21/31 ,  G06F21/604

Abstract: A system is provided for electronic data obfuscation and protection using independent destructible data objects. The system may split a set of data into a data portion and a key portion, where the data portion may be stored in a database separately from the key portion. The data portion may further comprise a set of executable code for a time or iteration based destructible data object, where the data object may incrementally decrease a countdown value based on the passage of time and/or iterations. If the countdown value reaches a threshold value without being refreshed, the data object may automatically execute one or more processes to protect the set of data. In this way, the system provides a secure way to prevent unauthorized access to sensitive data.

公开(公告)号：US20220358148A1

公开(公告)日：2022-11-10

申请号：US17315583

申请日：2021-05-10

Applicant: BANK OF AMERICA CORPORATION

Inventor： Brandon Sloane ,  John Howard Kling

IPC: G06F16/28 ,  G06F16/23

Abstract: Embodiments of the present invention provide a system for analyzing and correlating layered electronic data logs for monitored events on a network. The system is configured for identifying one or more entity resources associated with an entity, continuously monitoring the one or more entity resources, identifying at least a first event and a second event associated with at least one entity resource of the one or more entity resources, and performing a correlation analysis at the entity resource prior to transferring the data to a centralized data lake. In this way, the system streamlines the process for correlative analysis by performing resource heavy analysis at the edge of the network and later consolidating such data for further review.

公开(公告)号：US20200322133A1

公开(公告)日：2020-10-08

申请号：US16376314

申请日：2019-04-05

Applicant: Bank of America Corporation

Inventor： John Howard Kling ,  Paul E. Foshee

IPC: H04L9/06 ,  H04L9/08

Abstract: Embodiments of the present disclosure provide a system for data characterization and tracking via cohesive information units. In particular, the system may be structured to define a cohesive information unit (“CIU”) which may serve as the fundamental functional unit that serves as the basis for data electronically stored, transferred, modified, and/or copied within computing systems. Each CIU may be electronically associated with metadata which serves to identify the CIU as the CIU is stored and/or in motion. Rather than allowing applications and/or users to change the data within the CIU directly, the system may write subsequent CIU's to reflect proposed changes by the applications and/or users. In this way, the system provides a secure and reliable way to maintain authenticity of data within the entity system.

公开(公告)号：US20190253427A1

公开(公告)日：2019-08-15

申请号：US15895763

申请日：2018-02-13

Applicant: Bank of America Corporation

Inventor： John Howard Kling ,  Brandon Sloane ,  Regina Yee Cadavid ,  Rachel Yun Kim Bierner ,  Ronald James Kuhlmeier

IPC: H04L29/06 ,  G06F21/60 ,  G06F3/06

CPC classification number: H04L63/102 ,  G06F3/0622 ,  G06F21/604 ,  H04L63/101 ,  H04L63/104

Abstract: A vertically integrated access control system may store in a database data records corresponding to the interfaces, access control rules, and computing resources of an information system, as well as data records for entity capabilities. Data records for related interfaces, access control rules, computing resources, and entity capabilities may be linked. Using the database, the system may determine the entity capabilities that can be performed based on an existing user entitlement. If the entity capabilities include a flagged combination of entity capabilities, the system may perform an information security action to remediate the flagged combination. The system may use the database to form vertically integrated access units. The vertically integrated access units may be used to form user entitlements. The system may continuously monitor whether any proposed configurations would create a flagged combination of entity capabilities, and if so take an action to prevent such flagged combination.

公开(公告)号：US20190114369A1

公开(公告)日：2019-04-18

申请号：US15786153

申请日：2017-10-17

Applicant: Bank of America Corporation

Inventor： Brandon Sloane ,  John Howard Kling ,  Ronald James Kuhlmeier

IPC: G06F17/30 ,  G06F21/62 ,  G06F21/31

Abstract: The invention provides a multidimensional graph database with property and relationship subclasses. In comparison to current graph database technology, which only allows for the creation of nodes, relationships, and properties for the nodes and relationships, the new multidimensional graph database treats properties as a separate object class. In this way, each property may in turn have one or more of its own properties and/or relationships to other nodes, relationships, or properties. The system is able to add as many layers of properties and relationships as needed to precisely represent the data as well as the relationships between and/or amongst the data. By extending the graph database schema beyond the conventional bounds, the multidimensional graph database increases the efficiency of database queries while simultaneously increasing the depth and quality of the data produced by the search queries.

公开(公告)号：US11973776B2

公开(公告)日：2024-04-30

申请号：US17238774

申请日：2021-04-23

Applicant: BANK OF AMERICA CORPORATION

Inventor： John Howard Kling ,  Charles Edward Dudley

IPC: G06F21/00 ,  G06N20/00 ,  H04L9/40

CPC classification number: H04L63/1425 ,  G06N20/00

Abstract: An enterprise-wise means for determining monitoring requirements for technology resources, such as, software, hardware, firmware, network or the like and implementing the monitoring. Artificial Intelligence (AI) is implemented to determine monitoring requirements based on characteristics of the technology resource that is to be monitored. In this regard, the characteristics of the technology resource serve to define the problem(s), such as cyber threats and/or performance issues that the technology resource currently faces or will face in the future. By determining the monitoring requirements based on the technology resource's characteristics, including the technological environment, the invention serves to describe what needs to be monitored in terms of the problems that the technology resource currently faces or will face.