首页>
外国专利>
NEED-TO-KNOW INFORMATION ACCESS USING QUANTIFIED RISK
NEED-TO-KNOW INFORMATION ACCESS USING QUANTIFIED RISK
展开▼
机译:使用量化风险需要了解信息访问
展开▼
页面导航
摘要
著录项
相似文献
摘要
Embodiments of the invention related to access control to sensitive data records, and in particular need-to-know information access using quantified risk. In one aspect of the invention access control includes retrieving a list of accesses to data by a plurality of users for a certain purpose during a specified period of time. The access patterns are derived based on said accesses and the derived access patterns are stored. A risk score is computed, for each of the plurality of users based on each of the plurality of users' need to access the data for said certain purpose, and the risk scores are stored. An aggregated total risk score for each of the plurality of users is created based on each respective user's computed risk score in a specified number of recent periods of time. A risk tolerance threshold is determined based on the aggregated total risk score for each of the plurality of users. A warning is issued if the aggregated total risk score for any of the plurality of users exceeds a risk-tolerance threshold.
展开▼