CLOUD-BASED ACCESS CONTROL LIST

US 20080104393A1
Filed: 09/28/2006
Published: 05/01/2008
Est. Priority Date: 09/28/2006
Status: Abandoned Application

First Claim

Patent Images

1. A system that facilitates data management, comprising:

an interface component that receives a data request from a user; and

a cloud-based data auditing system that analyzes the request and selectively renders data in response to the request as a function of an access control list (ACL).

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system that can assist users to manage a personal active directory for all of their information maintained within a cloud-based environment is provided. The identity of a client that accesses data is monitored and recorded in a log. In turn, this information can be made available to the owner of the information in order to develop a desired access control list (ACL). Additionally, the system can employ a heuristic component that can automatically establish the ACL on the owner'"'"'s behalf. As well, the system can track how information is being accessed (or attempted to be accessed) by other people therefore, giving the owner of the information the opportunity to restrict or allow access based upon any number of recorded factors (e.g., identity, context).

Citations

20 Claims

1. A system that facilitates data management, comprising:
- an interface component that receives a data request from a user; and
  
  a cloud-based data auditing system that analyzes the request and selectively renders data in response to the request as a function of an access control list (ACL).
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The system of claim 1, the data auditing system and the ACL are co-located remote from the user.
  - 3. The system of claim 1, further comprising an off-premise user data log that maintains data associated to the user.
  - 4. The system of claim 1, further comprising an ACL generator component that automatically generates the ACL as a function of at least one of the data and the user.
  - 5. The system of claim 4, the ACL generator component that generates the ACL is based at least in part upon content of the data.
  - 6. The system of claim 4, the ACL generator component generates the ACL is based at least in part upon a context of the user.
  - 7. The system of claim 1, further comprising an identity analysis component that establishes an identity of the user, the ACL limits access to the data based at least in part upon the identity.
  - 8. The system of claim 7, the identity analysis component includes a sensor component that facilitates establishment of the identity of the user.
  - 9. The system of claim 8, the sensor component includes at least one of a physiological and an environmental sensor, the sensor component gathers at least one of biometric information, user role information, organization affiliation information, user context information, device context information, and policy information.
  - 10. The system of claim 7, the identity analysis component employs cryptographic information to establish the identity.
  - 11. The system of claim 1, further comprising a monitoring component that tracks at least one of use and access attempts of the data.
  - 12. The system of claim 11, the monitoring component includes a data log update component that updates a data log with at least one of use and access attempts of the data.
  - 13. The system of claim 1, further comprising a machine learning and reasoning component that automatically establishes a policy related to the data, the policy is employed to establish the ACL.

14. A computer-implemented method of managing data, comprising:
- analyzing a data item;
  
  establishing an identity of an owner of the data; and
  
  automatically generating an access control list (ACL) that corresponds to the owner based at least in part upon the analyzed data item.
- View Dependent Claims (15, 16, 17, 18)
- - 15. The computer-implemented method of claim 14, further comprising reviewing content of the data item, the content is employed in automatically generating the ACL.
  - 16. The computer-implemented method of claim 14, further comprising mapping the data item to the identity of the owner.
  - 17. The computer-implemented method of claim 14, further comprising tracking at least one of use and access attempts of the data item.
  - 18. The computer-implemented method of claim 17, further comprising updating a data log with respect to at least one of use and access attempts of the data item.

19. A computer-executable system that facilitates controlling access to data, comprising:
- computer-implemented means for analyzing a data item;
  
  computer-implemented means for establishing an identity of an owner of the data item; and
  
  computer-implemented means for automatically establishing an access control list (ACL) based at least in part upon the analysis of the data item.
- View Dependent Claims (20)
- - 20. The computer-executable system of claim 19, further comprising:
    - means for monitoring an action that includes at least one of use and access requests to the data item;
      
      means for updating a log with the monitored action; and
      
      means for rendering the log to the owner of the data item.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Cheng, Lili, Meijer, Henricus Johannes Maria, Zaner-Godsey, Melora, Glasser, Daniel S., Snyder, Ira L., Gates, William H.

Application Number

US11/536,457
Publication Number

US 20080104393A1
Time in Patent Office

Days
Field of Search
US Class Current

713/165
CPC Class Codes

G06F 16/27   Replication, distribution o...

G06F 21/6218   to a system of files or obj...

G06F 21/6245   Protecting personal data, e...

G06F 2221/2101   Auditing as a secondary aspect

G06F 2221/2141   Access rights, e.g. capabil...

CLOUD-BASED ACCESS CONTROL LIST

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

CLOUD-BASED ACCESS CONTROL LIST

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links