Germany | Bayern

Zurück zur Suche

Internationale Partnersuche

Innovation & Technologie Anfrage

Seeking AI and cyber-security researchers and business end-users to test/validate a new runtime authorisation tool for fine-tuning access control

Country of Origin: United Kingdom
Reference Number: TRUK20210308001
Publication Date: 8 March 2021

Summary

A UK company has developed a software tool that provides flexible authorisation using machine learning (ML) powered suggestions. The technology addresses identity & access management issues using artificial intelligence-driven runtime/dynamic authorization to quicken the granting/denial of access to sensitive information. They are seeking academics or companies working on AI/ML applications to define the specifications and/or end users to test the prototype via technical cooperation agreements.

Description

Knowing if the right people have the right access to the right things, under the right conditions, is very tricky. 

The well-established products in the area of Runtime Authorization to support modelling policies follow a model and language that are very complex and difficult to use, resulting in policies that are chaotic and complex, thus hard to write, manage and analyse.

A UK company has developed a solution - a novel Runtime Authorization (sometimes called Dynamic Authorization) software tool, that centralises and models fine-grained access control (aka authorisation) policies, defining “who” has access to “what” sensitive resources in an organisation and under “which” conditions that access applies, taking into account time, location, and other session/context-relevant runtime information. (The tool sits in a niche area of the Identity & Access Management domain, itself a branch of cybersecurity.)

The UK company's product uses a new access control model that is category-based to simplify the administration and analysis of access policies from the ground-up. It also uses ML-powered suggestions to automatically generate and suggest improvements to access policies, thus efficiently optimising organisational security.

The product provides the simplest and most efficient method for writing and managing fine-grained access policies, which tend to be complex and chaotic. Specifying and understanding that the right people have access to the right things under the right conditions is simplified beyond all existing products.

They are seeking both researchers and end-users to help define the technical requirements and test the prototype respectively, via technical cooperation agreements. The researchers may be in industry or academia and be working with AI (artificial intelligence)/ML techniques or applications, and the end-user companies could be in a range of sectors but should have fine-grained access policies needing a runtime authorization tool.

Expertise sought

There are two strands of innovation in the company's product that require definition and testing. Firstly, the company have created a new access control model, Category-Based Access Control, designed with university researchers. It is a simplified model for writing complex policies, that maps directly to a graph structure. It allows for users and resources to be placed into categories, a more open concept than the limited one of a role (as in the well-known Role-Based Access Control model), whilst using attributes to specify complex fine-grained conditions under which these placements apply. 

The second innovation strand is the usage of ML in the area of Runtime Authorization with fine-grained access policies. The company believe it will be the first product to provide ML-powered suggestions to improve fine-grained access control policies, automatically detecting missing or erroneous access, and the conditions under which they apply, thus optimising organisational security.

Stage Of Development

Under development/lab tested

Requested partner

Type: 1. Researchers (industry or academia)
2. Industry

Activity:
1. Research into AI/ML (preferably with experience in cyber-security)
2. End users i.e., organisations with fine-grained access policies needing a runtime authorization tool

Specific role of partner/s sought:
1. Define the technical specification of the ML-powered suggestions of the product.
2. Test the prototype versions of the product and help shape the outcome

Cooperation offer ist closed for requests