SEMANTIC CONTROLS ON DATA STORAGE AND ACCESS
Abstract
Methods and apparatus teach defining an access policy to digital data available on one or more computing devices, including identifying one or more semantic attributes of at least one first digital data set and using the identified attributes to define policy dictating user access privileges. On receipt of a user request to access at least one second digital data set, semantic attributes are compared to the at least one first digital data set and access is allowed or not allowed based on the policy. Semantic attributes are selected from at least one of a closeness attribute, a relatedness attribute, and a semantic vector attribute. Also taught is configuring a policy enforcement agent on the one or more computing devices to undertake the comparing and to allow or not allow access. In turn, computer program products and computing systems for accomplishing the foregoing are provided.
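The decision flow the abstract describes, as an added example that is not code from the patent: a policy enforcement agent compares a requested data set with a protected original and applies the original's policy when the two are semantically close. The term-count vector, the cosine closeness measure, the 0.8 threshold, the allow-by-default choice for unmatched data, and all class, function and file names are assumptions made for illustration.

```python
import math
import re
from collections import Counter

def semantic_vector(text):
    """Assumed stand-in for a semantic vector: term counts over lowercase word tokens."""
    return Counter(re.findall(r"[a-z0-9]+", text.lower()))

def closeness(a, b):
    """Cosine similarity of two term-count vectors, in [0, 1]."""
    dot = sum(count * b[term] for term, count in a.items())
    norm = math.sqrt(sum(c * c for c in a.values())) * math.sqrt(sum(c * c for c in b.values()))
    return dot / norm if norm else 0.0

class PolicyEnforcementAgent:
    def __init__(self, threshold=0.8, default_allow=True):
        self.threshold = threshold          # assumed cut-off for "semantically the same data"
        self.default_allow = default_allow  # assumed decision when no original matches
        self.template = []                  # (name, vector, allowed_users) per original file

    def add_original(self, name, text, allowed_users):
        self.template.append((name, semantic_vector(text), frozenset(allowed_users)))

    def decide(self, user, current_text):
        """Return (allowed, matched_original, score) for a request to read current_text."""
        vec = semantic_vector(current_text)
        best_name, best_score, best_users = None, 0.0, frozenset()
        for name, orig_vec, users in self.template:
            score = closeness(vec, orig_vec)
            if score > best_score:
                best_name, best_score, best_users = name, score, users
        if best_score >= self.threshold:
            # The current data is close to a protected original: its policy applies.
            return user in best_users, best_name, best_score
        return self.default_allow, None, best_score

# Constructed sample data (not from the patent).
ORIGINAL = ("Q3 acquisition plan: acquire Example Widgets Ltd for 40 million, "
            "close by November, board approval pending")
RENAMED_COPY = ("Draft notes. Q3 acquisition plan: acquire Example Widgets Ltd for "
                "40 million, close by November, board approval still pending")
UNRELATED = "Cafeteria menu for Friday: soup, pasta, salad bar and fruit"

def build_agent():
    agent = PolicyEnforcementAgent()
    agent.add_original("acquisition_plan.txt", ORIGINAL, allowed_users={"cfo"})
    return agent
```

Because the decision depends on content rather than file name or location, the edited copy inherits the original's restriction while the unrelated file is untouched by it.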
20 Claims
1. In a computing system environment, a method for controlling access to digital data available on one or more computing devices, comprising:
- identifying one or more semantic attributes of at least one first digital data set;
- using said identified one or more semantic attributes, accessing a policy dictating access to the at least one first digital data set;
- receiving a user request to access the at least one second digital data set;
- identifying one or more semantic attributes of at least one second digital data set;
- comparing the semantic attributes of the first digital data set and the at least one second digital data set; and
- based on the policy, allowing or not allowing the user to access the at least one second digital data set.
Dependent claims: 2, 3, 4, 5, 6, 7
8. A computer program product available on a computer readable medium for loading on a computing device in a computing system environment, the computer program product configured for controlling access privileges to digital data available on a same or different said computing device, comprising executable instructions for configuring a policy enforcement agent to operate on a processor of the computing device to compare at least one semantic attribute of at least one original digital data set to a corresponding semantic attribute of at least one current digital data set on the same or a different computing device, and to allow or not allow a user request for access to the at least one current digital data set based on the comparing.
15. In a computing system environment, a method of controlling access to digital data available on one or more computing devices, comprising:
- configuring a policy enforcement agent on the one or more computing devices;
- providing a semantic template by selecting at least one original file of digital data stored on the one or more computing devices according to at least one semantic attribute of the original files;
- receiving a user request to access at least one current file of digital data;
- by the policy enforcement agent, comparing the at least one current file against the at least one original file according to the at least one semantic attribute; and
- based on the comparing, allowing or not allowing the user to access the at least one current file.
Dependent claims: 16, 17, 18, 19, 20
Specification