System, method and computer program product for detecting policy violations

US 10,528,880 B2
Filed: 10/11/2016
Issued: 01/07/2020
Est. Priority Date: 10/11/2016
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented policy violation detection method, the method comprising:

extracting a policy activity from a policy, the policy activity including an actor in the policy, an object within the policy, an action of the policy, and policy scope metadata, the object being a tangible, physical object;

capturing a transaction by a user including metadata of the transaction;

translating the transaction by the user into an actor in the transaction, an action of the transaction, and an object of the transaction; and

alerting the user of a policy violation by navigating a knowledge graph is-a hierarchy to relate the actor in the transaction to the actor in the policy, the object of the transaction to an object within the policy, and the action of the transaction to an action of the policy activity, thereby to verify that the object is related semantically to the transaction,wherein the alerting alerts the user of the at least one policy violation by running a rule-based inference model to predict if a portion of the policy activity is violated by a future action with the object of the transaction by the user based on an inference rule between the natural language of the transaction and the policy activity, andwherein the rule-based inference model includes;

an inference rule to check the object against the policy if an object is acquired;

an inference rule to check if the action enables a second action that can violate the policy in the future if the user does the action without the object; and

an inference rule based on if the user changes the object or changes a state of the object that can violate the in the future.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A policy violation detection computer-implemented method, system, and computer program product, includes extracting a policy activity from a policy, the policy activity including an actor in the policy, an object of the policy, an action of the policy, and policy scope metadata, capturing a transaction by a user including metadata of the transaction, translating the transaction by the user into an actor in the transaction, an action of the transaction, and an object of the transaction, and alerting the user of a policy violation by navigating a knowledge graph is-a hierarchy to relate the actor in the transaction to the actor in the policy, the object of the transaction to an object of the policy, and the action of the transaction to an action of the policy activity.

Citations

14 Claims

1. A computer-implemented policy violation detection method, the method comprising:
- extracting a policy activity from a policy, the policy activity including an actor in the policy, an object within the policy, an action of the policy, and policy scope metadata, the object being a tangible, physical object;
  
  capturing a transaction by a user including metadata of the transaction;
  
  translating the transaction by the user into an actor in the transaction, an action of the transaction, and an object of the transaction; and
  
  alerting the user of a policy violation by navigating a knowledge graph is-a hierarchy to relate the actor in the transaction to the actor in the policy, the object of the transaction to an object within the policy, and the action of the transaction to an action of the policy activity, thereby to verify that the object is related semantically to the transaction,wherein the alerting alerts the user of the at least one policy violation by running a rule-based inference model to predict if a portion of the policy activity is violated by a future action with the object of the transaction by the user based on an inference rule between the natural language of the transaction and the policy activity, andwherein the rule-based inference model includes;
  
  an inference rule to check the object against the policy if an object is acquired;
  
  an inference rule to check if the action enables a second action that can violate the policy in the future if the user does the action without the object; and
  
  an inference rule based on if the user changes the object or changes a state of the object that can violate the in the future.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The computer-implemented method of claim 1, further comprising filtering and ranking relevant sub-policies in the policy by a criticality level of the policy violation when the alerting alerts the user of a plurality of policy violations.
  - 3. The computer-implemented method of claim 1, wherein the alerting the user of at least one a policy violation alerts at least one of the user, a friend of the user, a party to the transaction, a party to the policy, an owner of the transaction, and an owner of the policy.
  - 4. The computer-implemented method of claim 1, wherein a type of the transaction captured by the capturing is selected from a group consisting of:
    - a sale/purchase transaction;
      
      an invest/divest transaction;
      
      a borrowing transaction;
      
      a construction transaction;
      
      an invitation accept/decline transaction;
      
      an entering/leaving a location transaction;
      
      an entering/leaving a location during a time period transaction; and
      
      a transaction on a computer system or device.
  - 5. The computer-implemented method of claim 1, wherein the alerting communicates the activity causing the policy violation to the user if the knowledge graph indicates that a specific type of the object is of a given type,wherein the given type comprises a known classification of a string of tokens,wherein the given type is in a graph,wherein the graph is selected from a group consisting of:
    - Wordnet;
      
      Freebase; and
      
      Yago.
  - 6. The computer-implemented method of claim 1, wherein an inference rule is applied to the transaction resulting in a potential future action which is then checked for the policy violation by navigating the knowledge graph is-a hierarchy.
  - 7. The computer-implemented method of claim 1, wherein the action, the object, and the actor in the transaction are stated in natural language where the action comprises a verb or a verb phrase of a sentence, the object comprises a noun or a noun phrase object of the same sentence, and the actor comprises a noun or a noun phrase subject of that sentence.
  - 8. The computer-implemented method of claim 1, embodied in a cloud-computing environment.

9. A computer program product for policy violation detection, the computer program product comprising a computer-readable storage medium having program instructions embodied therewith, the program instructions executable by a device to cause the device to perform:
- extracting a policy activity from a policy, the policy activity including an actor in the policy, an object within the policy, an action of the policy, and policy scope metadata, the object being a tangible, physical object;
  
  capturing a transaction by a user including metadata of the transaction;
  
  translating the transaction by the user into an actor in the transaction, an action of the transaction, and an object of the transaction; and
  
  alerting the user of a policy violation by navigating a knowledge graph is a hierarchy to relate the actor in the transaction to the actor in the policy, the object of the transaction to an object within the policy, and the action of the transaction to an action of the policy activity, thereby to verify that the object is related semantically to the transaction,wherein the alerting alerts the user of the at least one policy violation by running a rule-based inference model to predict if a portion of the policy activity is violated by a future action with the object of the transaction by the user based on an inference rule between the natural language of the transaction and the policy activity, andwherein the rule-based inference model includes;
  
  an inference rule to check the object against the policy if all object is acquired;
  
  an inference rule to check if the action enables a second action that can violate the policy in the future if the user does the action without the object; and
  
  an inference rule based on if the user changes the object or changes a state of the object that can violate, the policy in the future.
- View Dependent Claims (10, 11)
- - 10. The computer program product of claim 9, further comprising filtering and ranking relevant sub-policies in the policy by a criticality level of the policy violation when the alerting alerts the user of a plurality of policy violations.
  - 11. The computer program product of claim 9, wherein the alerting the user of at least one a policy violation alerts at least one of the user, a friend of the user, a party to the transaction, a party to the policy, an owner of the transaction, and an owner of the policy.

12. A policy violation detection system, said system comprising:
- a processor; and
  
  a memory, the memory storing instructions to cause the processor to perform;
  
  extracting a policy activity from a policy, the policy activity including an actor in the policy, an object within the policy, an action of the policy, and policy scope metadata, the object being a tangible, physical object;
  
  capturing a transaction by a user including metadata of the transaction;
  
  translating the transaction by the user into natural language indicating an actor in the transaction, a verb phrase for an object of the transaction, and a noun phrase of the transaction; and
  
  alerting the user of a policy violation by navigating a knowledge graph is-hierarchy to relate the natural language of a future action with the object of the transaction to the portion of the policy activity, relate the object of the transaction to the object within the policy, and verify that the object within the policy is related to the future action with the object of the transaction, thereby to verify that the object is related semantically to the transaction,wherein the alerting alerts the user of the at least one policy violation by running a rule-based inference model to predict if a portion of the policy activity is violated by a future action with the object of the transaction by the user based on an inference rule between the natural language of the transaction and the policy activity, andwherein the rule-based inference model includes;
  
  an inference rule to check the object against the policy if an object is acquired;
  
  are inference rule to check if the action enables a second action that can violate the policy in the future if the user does the action without the object; and
  
  an inference rule based on if the user changes the object or changes a state of the object that can violate the policy in the future.
- View Dependent Claims (13, 14)
- - 13. The system of claim 12, further comprising filtering and ranking relevant sub-policies in the policy by a criticality level of the policy violation when the alerting alerts the user of a plurality of policy violations.
  - 14. The system of claim 12, embodied in a cloud-computing environment.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Canim, Mustafa, Farrell, Robert G.
Primary Examiner(s)
Afshar, Kamran
Assistant Examiner(s)
Kassim, Imad

Application Number

US15/290,658
Publication Number

US 20180101779A1
Time in Patent Office

1,183 Days
Field of Search
US Class Current
CPC Class Codes

G06N 5/046 Forward inferencing; Produc...

System, method and computer program product for detecting policy violations

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

System, method and computer program product for detecting policy violations

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links