首页> 外国专利> NEED-TO-KNOW INFORMATION ACCESS USING QUANTIFIED RISK

NEED-TO-KNOW INFORMATION ACCESS USING QUANTIFIED RISK

机译：使用量化风险需要了解信息访问

页面导航

摘要
著录项
相似文献

摘要

Embodiments of the invention related to access control to sensitive data records, and in particular need-to-know information access using quantified risk. In one aspect of the invention access control includes retrieving a list of accesses to data by a plurality of users for a certain purpose during a specified period of time. The access patterns are derived based on said accesses and the derived access patterns are stored. A risk score is computed, for each of the plurality of users based on each of the plurality of users' need to access the data for said certain purpose, and the risk scores are stored. An aggregated total risk score for each of the plurality of users is created based on each respective user's computed risk score in a specified number of recent periods of time. A risk tolerance threshold is determined based on the aggregated total risk score for each of the plurality of users. A warning is issued if the aggregated total risk score for any of the plurality of users exceeds a risk-tolerance threshold.

机译：本发明的实施例涉及对敏感数据记录的访问控制，尤其涉及使用量化风险的需要知道的信息访问。在本发明的一个方面，访问控制包括在指定的时间段内为特定目的检索多个用户对数据的访问的列表。基于所述访问导出访问模式，并且存储导出的访问模式。基于多个用户中的每一个出于所述特定目的访问数据的需要，为多个用户中的每一个计算风险分数，并且存储风险分数。基于每个相应用户在指定数量的最近时间段内计算出的风险评分，为多个用户中的每个用户创建汇总的总风险评分。基于多个用户中的每个用户的合计总风险评分来确定风险承受度阈值。如果多个用户中任何一个的总风险总分超过风险容忍阈值，则发出警告。

著录项

公开/公告号US2013018921A1

专利类型
公开/公告日2013-01-17

原文格式PDF
申请/专利权人 HONGXIA JIN;QIHUA WANG;
展开▼

申请/专利号US201113182317
发明设计人 QIHUA WANG;HONGXIA JIN;
展开▼

申请日2011-07-13
分类号G06F7/00;G06F17/00;
国家 US
入库时间 2022-08-21 16:48:42

相似文献

专利
外文文献
中文文献