24 patents
Utility
Systems and methods for processing access permission type-specific access permission requests in an enterprise
18 Jul 23
A system including a processor and a non-transitory, tangible computer-readable medium in which computer program instructions are stored, which instructions, when read by a computer, cause the computer to process access permission type-specific access permission requests from enterprise users in an enterprise, the system including access permission type-specific access permission request receiving functionality operable for receiving at least one request for at least one access permission type-specific access permission of at least one user to at least one data element in the enterprise, and access permission type-specific access permission request output providing functionality operable for employing information pertaining to ones of the enterprise users having similarities to the at least one user with respect to at least the access permission type-specific access permission to the data elements in order to provide an output indication of perceived appropriateness of grant of the request.
Yakov Faitelson, Ohad Korkus, Ophir Kretzer-Katzir, David Bass
Filed: 20 Jul 16
Utility
Automatic resource ownership assignment systems and methods
14 Mar 23
An automatic resource ownership assignment system, the system including resource ownership indicators definition functionality operative to allow an operator of the system to define resource ownership indicators, automatic resource ownership recommendation functionality operative to provide, to at least one user of the system, a recommendation to assign ownership of at least one resource to a potential owner, based on the resource ownership indicators, and automatic resource ownership assignment functionality which, responsive to predetermined at least partial approval of the at least one recommendation by the at least one user and approval of said at least one recommendation by the potential owner, is operative to automatically assign ownership of the at least one resource to the potential owner.
Yakov Faitelson, Ohad Korkus, Ophir Kretzer-Katzir
Filed: 11 Aug 14
Utility
In-advance indexing
21 Feb 23
A method for in-advance obtaining properties of objects of a computerized system, the method comprising receiving a request for properties of a first object, and responsively providing the requested properties along with properties of an at least one another object that are similar to the properties of the first object, wherein the properties of the at least one another object are similar to the properties of the first object by having at least one element of properties that are common therebetween, and wherein the method is carried out by an at least one apparatus component of the computerized system, and an apparatus for performing the same.
Yakov Faitelson, Ohad Korkus, Ophir Kretzer-Katzir
Filed: 5 Nov 13
Utility
On-demand indexing
1 Nov 22
A method for indexing objects in a computerized system having an index, comprising identifying in the computerized system an at least one indexed object that meets an at least one criterion related to contents of the at least one indexed object, detecting an at least one non-indexed object having a property similar to an at least one property of the at least one indexed object that was identified, and indexing the at least one non-indexed object in the index, wherein the method is performed by the computerized system, and an apparatus for performing the same.
Yakov Faitelson, Ohad Korkus, Ophir Kretzer-Katzir
Filed: 19 Oct 20
Utility
Audit Log Enhancement
6 Oct 22
A system for monitoring actual access to data elements in an enterprise computer network and providing associated data, the system including an at least near real time data element audit subsystem providing audit output data including at least one of a time stamp, identification of an accessor, user depository stored data regarding the accessor, accessed data element data, affected data element data, type of access operation, source IP address of access and access outcome data, in at least near real time, relating to actual access to data elements in the enterprise computer network, and an additional data providing subsystem receiving in at least near real time at least a part of the audit output data and utilizing the at least part of the audit output data for providing additional data which is not part of the audit output data.
Yakov FAITELSON
Filed: 17 Jun 22
Utility
Method and system for managing personal digital identifiers of a user in a plurality of data elements
12 Jul 22
A method for managing personal digital identifiers of a user in data elements stored in a computerized system may include receiving personal digital identifiers for identifying a user.
Yakov Faitelson, Ophir Kretzer-Katzir, David Bass
Filed: 20 Mar 19
Utility
Systems and methods for preventing excess user authentication token utilization conditions in an enterprise computer environment
12 Jul 22
A system for preventing an excess user authentication token utilization condition in an enterprise computer environment, the system including an excess user authentication token utilization condition predictor operable for calculating a number of additional group memberships of each of the enterprise users that can be expected to result in an excess user authentication token utilization condition, a group membership estimator operable, for each the enterprise user, for estimating a number of additional group memberships of the enterprise user that will be created by an anticipated activity, and an anticipated excess user authentication token utilization condition alerter operable, before initiation of the anticipated activity, for providing an alert if the anticipated activity can be expected to result in an excess user authentication token utilization condition.
Yakov Faitelson, Ophir Kretzer-Katzir
Filed: 3 Oct 18
Utility
Audit log enrichment
19 Apr 22
A system for monitoring actual access to data elements in an enterprise computer network and providing associated data, the system including an at least near real time data element audit subsystem providing audit output data including at least one of a time stamp, identification of an accessor, user depository stored data regarding the accessor, accessed data element data, affected data element data, type of access operation, source IP address of access and access outcome data, in at least near real time, relating to actual access to data elements in the enterprise computer network, and an additional data providing subsystem receiving in at least near real time at least a part of the audit output data and utilizing the at least part of the audit output data for providing additional data which is not part of the audit output data.
Yakov Faitelson
Filed: 28 Oct 20
Utility
Data tagging
5 Oct 21
A method for characterizing data elements in an enterprise including ascertaining at least one of an access metric and a data identifier for each of a plurality of data elements and employing the at least one of an access metric and a data identifier to automatically apply a metatag to ones of the plurality of data elements.
Yakov Faitelson, Ohad Korkus, Ophir Kretzer-Katzir, David Bass
Filed: 15 Apr 19
Utility
Data classification
22 Jun 21
A method for managing data in an enterprise by identifying data of interest from among a multiplicity of data elements in an enterprise, the method including characterizing data of interest at least by at least one non-content based data identifier thereof and at least one access metric thereof, the at least one access metric being selected from data access permissions and actual data access history and selecting data of interest by considering only data elements from among the multiplicity of data elements which have the at least one non-content based data identifier thereof and the at least one access metric thereof.
Yakov Faitelson, Ohad Korkus, Ophir Kretzer-Katzir, David Bass
Filed: 3 Jul 18
Utility
Audit log enhancement
8 Jun 21
A system for monitoring actual access to data elements in an enterprise computer network and providing associated data, the system including an at least near real time data element audit subsystem providing audit output data including at least one of a time stamp, identification of an accessor, user depository stored data regarding the accessor, accessed data element data, affected data element data, type of access operation, source IP address of access and access outcome data, in at least near real time, relating to actual access to data elements in the enterprise computer network, and an additional data providing subsystem receiving in at least near real time at least a part of the audit output data and utilizing the at least part of the audit output data for providing additional data which is not part of the audit output data.
Yakov Faitelson
Filed: 1 Jun 17
Utility
On-demand Indexing
4 Feb 21
A method for indexing objects in a computerized system having an index, comprising identifying in the computerized system an at least one indexed object that meets an at least one criterion related to contents of the at least one indexed object, detecting an at least one non-indexed object having a property similar to an at least one property of the at least one indexed object that was identified, and indexing the at least one non-indexed object in the index, wherein the method is performed by the computerized system, and an apparatus for performing the same.
Yakov FAITELSON, Ohad KORKUS, Ophir KRETZER-KATZIR
Filed: 19 Oct 20
Utility
Managing a collaboration of objects via stubs
30 Nov 20
A computerized method for managing a collaboration of objects via stubs may include a computerized apparatus linked to a computerized system and configured to intercept an outgoing communication including an object, to identify an instance of the object in a storage of the computerized system, to generate a stub of the instance of the object specifying a location of the identified instance the object in the storage of the computerized device, to replace the object in the outgoing communication with the stub, and to send the outgoing communication including the stub to a recipient.
Yakov Faitelson, Ophir Kretzer-Katzir, David Bass
Filed: 26 Mar 19
Utility
Audit log enhancement
30 Nov 20
A system for monitoring actual access to data elements in an enterprise computer network and providing associated data, the system including an at least near real time data element audit subsystem providing audit output data including at least one of a time stamp, identification of an accessor, user depository stored data regarding the accessor, accessed data element data, affected data element data, type of access operation, source IP address of access and access outcome data, in at least near real time, relating to actual access to data elements in the enterprise computer network, and an additional data providing subsystem receiving in at least near real time at least a part of the audit output data and utilizing the at least part of the audit output data for providing additional data which is not part of the audit output data.
Yakov Faitelson
Filed: 6 Nov 17
Utility
Access Permissions Management System and Method
21 Oct 20
A system for providing bi-directional visualization of authority of users over SACs in an enterprise-wide network, the system including functionality for providing user-wise visualization of the authority of a given user over at least one SAC in respect of which the user has authority, and functionality for providing SAC-wise visualization for a given SAC of the authority of at least one user over the given SAC.
Yakov FAITELSON, Ohad KORKUS, Ophir KRETZER-KATZIR
Filed: 28 Jun 20
Utility
On-demand indexing
19 Oct 20
A method for indexing objects in a computerized system having an index, comprising identifying in the computerized system an at least one indexed object that meets an at least one criterion related to contents of the at least one indexed object, detecting an at least one non-indexed object having a property similar to an at least one property of the at least one indexed object that was identified, and indexing the at least one non-indexed object in the index, wherein the method is performed by the computerized system, and an apparatus for performing the same.
Yakov Faitelson, Ohad Korkus, Ophir Kretzer-Katzir
Filed: 7 Nov 17
Utility
Managing a Collaboration of Objects Via Stubs
30 Sep 20
A computerized method for managing a collaboration of objects via stubs may include a computerized apparatus linked to a computerized system and configured to intercept an outgoing communication including an object, to identify an instance of the object in a storage of the computerized system, to generate a stub of the instance of the object specifying a location of the identified instance the object in the storage of the computerized device, to replace the object in the outgoing communication with the stub, and to send the outgoing communication including the stub to a recipient.
Yakov FAITELSON, Ophir Kretzer-Katzir, David Bass
Filed: 26 Mar 19
Utility
Method and System for Managing Personal Digital Identifiers of a User In a Plurality of Data Elements
23 Sep 20
A method for managing personal digital identifiers of a user in data elements stored in a computerized system may include receiving personal digital identifiers for identifying a user.
Yakov FAITELSON, Ophir KRETZER-KATZIR, David BASS
Filed: 19 Mar 19
Utility
Access permissions management system and method
20 Jul 20
A system for providing bi-directional visualization of authority of users over SACs in an enterprise-wide network, the system including functionality for providing user-wise visualization of the authority of a given user over at least one SAC in respect of which the user has authority, and functionality for providing SAC-wise visualization for a given SAC of the authority of at least one user over the given SAC.
Yakov Faitelson, Ohad Korkus, Ophir Kretzer-Katzir
Filed: 23 Nov 11
Utility
Method and apparatus for authentication of file read events
4 May 20
A computerized method and apparatus for distinguishing between false positive read events and true positive events of reading a file, comprising determining an amount of date read from the file, in case the amount of data exceeds a threshold generating a true positive read event, otherwise generating a false positive read event in case a decision condition is met, and an apparatus to carry out the same.
Yakov Faitelson, Ohad Korkus, David Bass, Yzhar Kaysar, Doron Goldstein, Oren David
Filed: 25 Mar 17