Method and apparatus for policy adaption based on application policy compliance analysis

US 10,331,898 B2
Filed: 06/08/2016
Issued: 06/25/2019
Est. Priority Date: 03/30/2012
Status: Active Grant

First Claim

Patent Images

1. A computer implemented method comprising:

determining one or more contexts under which at least one application is currently operating, wherein the one or more contexts include online social interactions of one user with one or more other users via the at least one application;

associating one or more privacy policy compliance profiles with the one or more contexts;

processing the online social interactions and user application use information against an association of the one or more privacy policy compliance profiles with the one or more contexts to determine one or more adaptations to one or more privacy policies associated with the at least one application, wherein the association includes social network relationships between the user and the one or more other users;

processing one or more predetermined thresholds with respect to one or more violations satisfying a contextual parameter of the online social interactions, to determine that the one or more predetermined thresholds have been reached, wherein the contextual parameter of the social interactions include frequencies of the online social interactions;

when the one or more predetermined thresholds has been reached, generating a report, including entries indicating the one or more violations of the contextual parameter, as an alert to signify non-compliance with the one or more privacy policies;

presenting the report and the one or more adaptations on a user interface;

in response to a user approval of the one or more adaptations, automatically adapting the one or more privacy policies into one or more adapted privacy policies; and

applying the one or more adapted privacy policies by restricting data access by or via the at least one application, blocking access to the at least one application, or a combination thereof.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An approach is provided for policy adaption based on application policy compliance analysis. The compliance platform processes and/or facilitates a processing of one or more policy compliance logs associated with at least one application to determine one or more policy compliance profiles associated with the at least one application. The compliance platform determines one or more contexts under which the at least one application operates. The compliance platform causes, at least in part, an association of the one or more policy compliance profiles with the one or more contexts. The compliance platform then processes and/or facilitates a processing of user contextual information, user application use information, or a combination thereof against the association, the one or more policy compliance profiles, the one or more contexts, or a combination thereof to determine one or more adaptions to one or more policies associated with the at least one application.

Citations

16 Claims

1. A computer implemented method comprising:
- determining one or more contexts under which at least one application is currently operating, wherein the one or more contexts include online social interactions of one user with one or more other users via the at least one application;
  
  associating one or more privacy policy compliance profiles with the one or more contexts;
  
  processing the online social interactions and user application use information against an association of the one or more privacy policy compliance profiles with the one or more contexts to determine one or more adaptations to one or more privacy policies associated with the at least one application, wherein the association includes social network relationships between the user and the one or more other users;
  
  processing one or more predetermined thresholds with respect to one or more violations satisfying a contextual parameter of the online social interactions, to determine that the one or more predetermined thresholds have been reached, wherein the contextual parameter of the social interactions include frequencies of the online social interactions;
  
  when the one or more predetermined thresholds has been reached, generating a report, including entries indicating the one or more violations of the contextual parameter, as an alert to signify non-compliance with the one or more privacy policies;
  
  presenting the report and the one or more adaptations on a user interface;
  
  in response to a user approval of the one or more adaptations, automatically adapting the one or more privacy policies into one or more adapted privacy policies; and
  
  applying the one or more adapted privacy policies by restricting data access by or via the at least one application, blocking access to the at least one application, or a combination thereof.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. A method of claim 1, further comprising:
    - determining a specification of the one or more privacy policies as one or more restrictive privacy policies; and
      
      determining the one or more adaptations for causing, at least in part, a relaxing of the one or more restrictive privacy policies.
  - 3. A method of claim 1, further comprising:
    - determining a specification of the one or more privacy policies as one or more relaxed privacy policies; and
      
      determining the one or more adaptations for causing, at least in part, a restricting of the one or more relaxed privacy policies.
  - 4. A method of claim 1, further comprising:
    - determining the user contextual information, the user application use information, or a combination thereof in real-time or substantially real-time.
  - 5. A method of claim 1, wherein the one or more adaptations are, at least in part, suggestions to adjust the one or more privacy policies based, at least in part, on the policy compliance profiles, the user profile, the user contextual information, or a combination thereof.
  - 6. A method of claim 1, further comprising:
    - determining one or more context features, one or more user profiles, or a combination thereof from the user contextual information, the user application use information, or a combination thereof,wherein the determining of the one or more adaptations is based, at least in part, on the one or more context features, the one or more user profile, or a combination thereof.
  - 7. A method of claim 1, further comprising:
    - processing the user contextual information, the user application use information, or a combination thereof against the association, the one or more policy compliance profiles, the one or more contexts, or a combination thereof to determine one or more anomalies, one or more exceptions, or a combination thereof,wherein the determining of the one or more adaptations is based, at least in part, on the one or more anomalies, the one or more exceptions, or a combination thereof, andwherein the one or more policy compliance profiles include, at least in part, one or more access frequencies, one or more access time intervals, one or more access data object levels, one or more access data context categories, or a combination thereof.
  - 8. A method of claim 1, wherein the online social interactions include game playing, weight-watching, personal training, travel planning, social networking, dating, or a combination thereof between the user and the one or more other users via the at least one application.

9. An apparatus comprising:
- at least one processor; and
  
  at least one memory including computer program code for one or more programs,the at least one memory and the computer program code configured to, with the at least one processor, cause the apparatus to perform at least the following;
  
  determine one or more contexts under which at least one application is currently operating, wherein the one or more contexts include online social interactions of one user with one or more other users via the at least one application;
  
  associate one or more privacy policy compliance profiles with the one or more contexts;
  
  process the online social interactions and user application use information against an association of the one or more privacy policy compliance profiles with the one or more contexts to determine one or more adaptations to one or more privacy policies associated with the at least one application, wherein the association includes social network relationships between the user and the one or more other users;
  
  process one or more predetermined thresholds with respect to one or more violations satisfying a contextual parameter of the online social interactions, to determine that the one or more predetermined thresholds have been reached, wherein the contextual parameter of the social interactions include frequencies of the online social interactions;
  
  when the one or more predetermined thresholds has been reached, generate a report, including entries indicating the one or more violations of the contextual parameter, as an alert to signify non-compliance with the one or more privacy policies;
  
  present the report and the one or more adaptations on a user interface;
  
  in response to a user approval of the one or more adaptations, automatically adapt the one or more privacy policies into one or more adapted privacy policies; and
  
  apply the one or more adapted privacy policies by restricting data access by or via the at least one application, blocking access to the at least one application, or a combination thereof.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. An apparatus of claim 9, wherein the apparatus is further caused to:
    - determine a specification of the one or more privacy policies as one or more restrictive privacy policies; and
      
      determine the one or more adaptations for causing, at least in part, a relaxing of the one or more restrictive privacy policies.
  - 11. An apparatus of claim 9, wherein the apparatus is further caused to:
    - determine a specification of the one or more privacy policies as one or more relaxed privacy policies; and
      
      determine the one or more adaptations for causing, at least in part, a restricting of the one or more relaxed privacy policies.
  - 12. An apparatus of claim 9, wherein the apparatus is further caused to:
    - determine the user contextual information, the user application use information, or a combination thereof in real-time or substantially real-time.
  - 13. An apparatus of claim 9, wherein the one or more adaptations are, at least in part, suggestions to adjust the one or more privacy policies based, at least in part, on the policy compliance profiles, the user profile, the user contextual information, or a combination thereof.
  - 14. An apparatus of claim 9, wherein the apparatus is further caused to:
    - determine one or more context features, one or more user profiles, or a combination thereof from the user contextual information, the user application use information, or a combination thereof,wherein the determining of the one or more adaptations is based, at least in part, on the one or more context features, the one or more user profile, or a combination thereof.
  - 15. An apparatus of claim 9, wherein the apparatus is further caused to:
    - process the user contextual information, the user application use information, or a combination thereof against the association, the one or more policy compliance profiles, the one or more contexts, or a combination thereof to determine one or more anomalies, one or more exceptions, or a combination thereof,wherein the determining of the one or more adaptations is based, at least in part, on the one or more anomalies, the one or more exceptions, or a combination thereof, andwherein the one or more policy compliance profiles include, at least in part, one or more access frequencies, one or more access time intervals, one or more access data object levels, one or more access data context categories, or a combination thereof.
  - 16. An apparatus of claim 9, wherein the online social interactions include game playing, weight-watching, personal training, travel planning, social networking, dating, or a combination thereof between the user and the one or more other users via the at least one application.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Nokia Technologies Oy (Nokia Corporation)
Original Assignee
Nokia Technologies Oy (Nokia Corporation)
Inventors
Nefedov, Nikolai, Biswas, Debmalya
Primary Examiner(s)
Abedin, Shanto
Assistant Examiner(s)
Stoica, Adrian

Application Number

US15/176,811
Publication Number

US 20160292434A1
Time in Patent Office

1,112 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/604   Tools and structures for ma...

G06F 21/62   Protecting access to data v...

G06F 21/6218   to a system of files or obj...

G06F 21/6245   Protecting personal data, e...

Method and apparatus for policy adaption based on application policy compliance analysis

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for policy adaption based on application policy compliance analysis

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links