Abstractions and automation for enhanced sharing and collaboration
First Claim
1. A system to facilitate information access control, comprising:
- memory; and
one or more processors coupled to the memory and configured to;
receive an access request for a data item owned by a data item owner, the access request being based at least in part on a request from a requesting user,determine whether the requesting user is a member of a dynamically created group of users based at least in part on an activity of the requesting user,dynamically select an access policy based at least in part on the dynamically created group of users to which the requesting user is determined to belong, the access policy configured to request a reason for the requesting user to access the data item, andselectively provide access to the data item to the requesting user based at least in part on the access policy.
1 Assignment
0 Petitions
Accused Products
Abstract
The present invention provides methods for using abstractions of people, including dynamic and static groups of people, to enhance the efficiency of the specification and automation of policies for sharing information between users with a “need-to-know.” An instance of the present invention can also provide these users information based on a “time-to-know.” By providing access to information based on group affiliation and properties of the content of the information, the present invention maintains optimal information privacy while minimizing encumbrances to sharing data with appropriate users and even at appropriate times. The present invention can be integrated with other communication technologies to facilitate access to information in a time appropriate manner. Other instances of the present invention employ automated and semi-automated, mixed-initiative techniques, to make information-sharing decisions. Additional instances of the present invention include the employment of machine-learning techniques to facilitate construction of access policies from the actions or profile of a single user or a community of users, including the construction of automated sharing agents that work in an automated or mixed-initiative manner to respond to real-time requests for information.
100 Citations
20 Claims
-
1. A system to facilitate information access control, comprising:
-
memory; and one or more processors coupled to the memory and configured to; receive an access request for a data item owned by a data item owner, the access request being based at least in part on a request from a requesting user, determine whether the requesting user is a member of a dynamically created group of users based at least in part on an activity of the requesting user, dynamically select an access policy based at least in part on the dynamically created group of users to which the requesting user is determined to belong, the access policy configured to request a reason for the requesting user to access the data item, and selectively provide access to the data item to the requesting user based at least in part on the access policy. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A method of facilitating information access control using at least one processor of a processor-based system, the method comprising:
-
receiving an access request for a data item owned by a data item owner, the access request being based at least in part on a request from a requesting user; determining whether the requesting user is a member of a dynamically created group of users based at least in part on an activity of the requesting user; dynamically selecting an access policy based at least in part on the dynamically created group of users to which the requesting user is determined to belong, the access policy configured to request a reason for the requesting user to access the data item; and selectively providing access to the data item to the requesting user based at least in part on the access policy. - View Dependent Claims (13, 14, 15, 16)
-
-
17. A system to facilitate information access control, comprising:
-
memory; and one or more processors coupled to the memory and configured to; receive an access request for a data item owned by a data item owner, the access request being based at least in part on a request from a requesting user, determine whether the requesting user is a member of a dynamically created group of users based at least in part on an activity of the requesting user, communicate the access request to the data item owner to dynamically select an access policy based at least in part on the dynamically created group of users to which the requesting user is determined to belong, and selectively provide access to the data item to the requesting user based at least in part on the access policy. - View Dependent Claims (18, 19, 20)
-
Specification