ACCESS MANAGEMENT IN AN OFF-PREMISE ENVIRONMENT

US 20080082538A1
Filed: 12/20/2006
Published: 04/03/2008
Est. Priority Date: 09/28/2006
Status: Active Grant

First Claim

Patent Images

1. A system that facilitates data management, comprising:

an interface component that receives a data request from a user; and

a data auditing component that facilitates generation and management of an access control list and and selectively renders data in response to the request as a function of an access control list (ACL).

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system that can assist users to manage a personal active directory for all of their information maintained within a cloud-based environment is provided. The identity of a client that accesses data is monitored and recorded in a log. In turn, this information can be made available to the owner of the information in order to develop a desired access control list (ACL). Additionally, the system can employ a heuristic component that can automatically establish the ACL on the owner'"'"'s behalf. As well, the system can track how information is being accessed (or attempted to be accessed) by other people therefore, giving the owner of the information the opportunity to restrict or allow access based upon any number of recorded factors (e.g., identity, context).

269 Citations

20 Claims

1. A system that facilitates data management, comprising:
- an interface component that receives a data request from a user; and
  
  a data auditing component that facilitates generation and management of an access control list and and selectively renders data in response to the request as a function of an access control list (ACL).
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. The system of claim 1, the data auditing component dynamically updates the ACL based upon a preference of an owner of the data.
  - 3. The system of claim 1, the data auditing component dynamically updates the ACL based upon a criterion of the data.
  - 4. The system of claim 3, the criterion is one of a data type, content, context, owner, privacy policy and security classification.
  - 5. The system of claim 1, the ACL is distributed between an on-premise and an off-premise environment.
  - 6. The system of claim 1, the data auditing component and the ACL are co-located remote from the user.
  - 7. The system of claim 1, further comprising an access log that maintains access request data as a function of the ACL.
  - 8. The system of claim 7, the access log maintains successful and unsuccessful attempts to access data as a function of the ACL.
  - 9. The system of claim 8, further comprising an ACL generator component that automatically generates the ACL as a function of at least one of content of the data and a preference of the owner of the data.
  - 10. The system of claim 1, the data auditing component selectively renders the data based at least in part upon the context of the user.
  - 11. The system of claim 10, further comprising an identity analysis component that establishes an identity of the user, the ACL limits access to the data based at least in part upon the established identity.
  - 12. The system of claim 11, the identity analysis component employs a sensor component that facilitates establishment of the identity of the user.
  - 13. The system of claim 12, the sensor component includes at least one of a physiological and an environmental sensor that facilitates establishment of the identity.
  - 14. The system of claim 10, further comprising a monitoring component that tracks at least one of use and access attempts of the data.
  - 15. The system of claim 1, further comprising a machine learning and reasoning component that automatically establishes a policy related to the data, the policy is employed to establish the ACL.

16. A computer-implemented method of managing data, comprising:
- receiving a request for access to a data item;
  
  establishing identity of the requester;
  
  searching an ACL for the data item; and
  
  granting or denying access to the data item based upon the identity in view of the ACL.
- View Dependent Claims (17, 18)
- - 17. The computer-implemented method of claim 16, further comprising automatically generating the access control list in accordance with an owner policy.
  - 18. The computer-implemented method of claim 16, further comprising:
    - tracking access attempts and access denials of the data item; and
      
      reporting the access attempts and access denials to the owner of the data item.

19. A computer-executable system that facilitates managing access to a plurality of data items, comprising:
- means for determining an access preference of an owner of plurality of data items; and
  
  means for generating an ACL that controls access to a subset of the data items as a function of the access preference.
- View Dependent Claims (20)
- - 20. The computer-executable system of claim 19, further comprising:
    - means for monitoring access attempts and denials of the subset of data items; and
      
      means for updating the ACL based at least in part upon one of access attempts and denials.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Cheng, Lili, Meijer, Henricus Johannes Maria, Zaner-Godsey, Melora, Glasser, Daniel S., Snyder, Ira L., Gates, William H.

Granted Patent

US 8,341,405 B2
Time in Patent Office

Days
Field of Search
US Class Current

707/9
CPC Class Codes

G06F 16/27   Replication, distribution o...

G06F 21/6218   to a system of files or obj...

G06F 21/6245   Protecting personal data, e...

G06F 2221/2101   Auditing as a secondary aspect

G06F 2221/2141   Access rights, e.g. capabil...

ACCESS MANAGEMENT IN AN OFF-PREMISE ENVIRONMENT

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

269 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

ACCESS MANAGEMENT IN AN OFF-PREMISE ENVIRONMENT

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

269 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others