Cobalt Iron has been awarded a patent for its machine-learning-driven authentication control. Technology based on the patent (US Patent 11310237) is exposed through new capabilities in Cobalt Iron Compass, an enterprise SaaS backup platform.
Richard Spurlock, CEO and founder of Cobalt Iron, said, “Today’s authentication control practices can’t keep up with continually changing business environments, and that can easily lead to security risks.
“The novel techniques in this patent use extensive data collection, analytics, and machine learning to adjust user authentication and access to IT resources dynamically based on environmental events and operational outcomes. Not only does this mean that IT infrastructures and business security controls become more intelligent over time, but they automatically adjust themselves to continue meeting business security and safety needs.”
What makes this patent interesting?
One of the big challenges for organisations is managing authentication controls. Users acquire access to systems over time but rarely lose that access. Monitoring access is based on the false assumption that just because a user has authenticated access to a resource, they are entitled to that access.
It is not only users that have excessive and unmanaged access. Software, servers, services, IoT devices, OT technology, printers, etc, all have authentication rights to work. Historically, IT simply raised the level of rights for those objects when there was an access problem. Once they worked, those rights were not revoked ostensibly to keep them working.
The problem for IT is that there is no automated system for revoking unused or unwanted rights. Instead, it is left to manual processes that, in many companies, are severely broken. The result is a system that is a major security risk.
What Cobalt Iron has done is bring the ability of machine learning to authentication management. The ML solution monitors the use of authentication controls over time. It will learn from what has happened with past controls. But will this add to the problem, given how those past controls have worked?
Iron Cobalt says no. It says that the technology will “automatically adjust authorization controls based on conditions, events, project status, access activities, etc. This eliminates the pervasive security exposures of obsolete, and unresponsive authorization controls and makes the entire IT infrastructure more secure and more intelligent.”
What techniques are being used?
According to the Cobalt Iron press release, several key techniques are detailed in the patent. They include:
- Collect training data, including environmental event data, permission access patterns of users, access control duration data, security events and alerts, project data, cyber event information, security event logs, data protection operational results, and such.
- Analyze training data to determine the effectiveness of authentication controls during previous conditions and events.
- Generate ML rules to potentially adjust authentication controls during future conditions and events.
- Monitor for various conditions and events, including environmental events.
- Dynamically adjust user authentication privileges based on generated ML rules.
- Modify durations of user authentication privilege adjustments responsive to generated ML rules.
Enterprise Times: What does this mean?
For decades, the IT industry has talked about the risk of elevated permissions and poor authentication controls. Yet the problem persists despite the money spent on tools. The question here is, can this really solve the authentication problem?
How will the ML determine if an object – user, devices, software – has excessive authentication permissions? That is not clear from the patent, or the information Cobalt Iron has provided so far.
From what Cobalt Iron has published, the initial impact will be seen in authentication rights granted to solve a temporary incident. The ML will be able to see the pre-incident rights, those granted during the incident, and when it determines conditions are back to normal, it can reduce those rights. This alone is a major step forward because it should limit authentication creep.
It will be interesting to see how it widens the capabilities of the ML to determine excess authentication rights on a wider scale. Could it learn from a user’s behaviour what they access and what they don’t over time? Could it then use that to start cleaning up permissions and privileges? If so, it will have solved one of the seemingly intractable problems of system administration and improved security.