BOOTSTRAPPING ACCESS MODELS IN THE ABSENCE OF TRAINING DATA

US 20130207775A1
Filed: 02/15/2012
Published: 08/15/2013
Est. Priority Date: 02/15/2012
Status: Active Grant

First Claim

Patent Images

1. A system comprising:

one or more of a computer processor and a computer storage device configured to;

store a plurality of access models used by an access control system (ACS), wherein the access models comprise patterns of access by an individual or a group of individuals to one or more resources protected by the ACS;

store attributes for the individual or group of individuals;

receive attributes of an individual not associated with an access model;

compare the attributes of the individual not associated with an access model to the attributes of the individual or group of individuals who are associated with one or more of the plurality of access models;

use the plurality of access models to create new access models to be used for the individual not associated with the access model; and

use the created access models for the individual not associated with an access model to classify access to the one or more resources protected by the ACS by the individual not associated with an access model as either normal or anomalous.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A plurality of access models comprise patterns of accesses to resources protected by an Access Control System (ACS). The access models are used to classify the accesses to the resources as either normal or anomalous. The system stores attributes for the individuals for whom the access models are available, receives attributes of an individual not associated with an access model, and compares the attributes of the individual not associated with an access model to the attributes of the individuals for whom access models are available. The system further selects an access model for the individual not associated with an access model based on the comparison, and uses the selected access model for the individual not associated with an access model to classify access to the one or more resources protected by the ACS by the individual not associated with an access model as either normal or anomalous.

11 Citations

View as Search Results

20 Claims

1. A system comprising:
- one or more of a computer processor and a computer storage device configured to;
  
  store a plurality of access models used by an access control system (ACS), wherein the access models comprise patterns of access by an individual or a group of individuals to one or more resources protected by the ACS;
  
  store attributes for the individual or group of individuals;
  
  receive attributes of an individual not associated with an access model;
  
  compare the attributes of the individual not associated with an access model to the attributes of the individual or group of individuals who are associated with one or more of the plurality of access models;
  
  use the plurality of access models to create new access models to be used for the individual not associated with the access model; and
  
  use the created access models for the individual not associated with an access model to classify access to the one or more resources protected by the ACS by the individual not associated with an access model as either normal or anomalous.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The system of claim 1, wherein the new access models to be used for the individual not associated with an access model are created by selection from the plurality of access models used by the ACS.
  - 3. The system of claim 2, wherein the selection from the plurality of access models used by the ACS for the individual not associated with an access model is a function of a similarity of the attributes of the individual not associated with an access model to the attributes of one or more of the individual or group of individuals who are associated with one or more of the plurality of access models used by the ACS.
  - 4. The system of claim 3, wherein the attributes include one or more of a job function, a work location, an assignment to a group of users, and information contained in a personnel file.
  - 5. The system of claim 2, wherein the creation from the plurality of access models used by the ACS for the individual not associated with an access model is performed such that the selected models from the plurality of access models used by the ACS are associated with individuals that represent a cohesive group.
  - 6. The system of claim 1, wherein the new access models to be used for the individual not associated with an access model are created by building the new access models form records of past access data of the individuals who represent a cohesive group of individuals.
  - 7. The system of claim 1, wherein the new access models to be used for the individual not associated with an access model are created by one or more of aggregation of access models of individuals who represent a cohesive group of individuals, and a determination of representative access models from among the access models of the individuals who represent a cohesive group of individuals.
  - 8. The system of claim 1, wherein the new access models to be used for the individual not associated with an access model are created by one or more of aggregation of selected subsets of access models of individuals who represent a cohesive group of individuals and a determination of representative subsets of access models from among the access models of the individuals who represent a cohesive group of individuals.
  - 9. The system of claim 1, wherein the created access models for the individual not associated with an access model are used to classify access to the one or more resources protected by the ACS by the individual not associated with an access model as either normal or anomalous in such a way that the classification comprises a voting scheme or an aggregation of partial classification results of each access model component of the created access models.
  - 10. The system of claim 1, wherein the resources protected by the ACS comprise one or more of a physical resource, a cyber resource, and an intellectual property resource.
  - 11. The system of claim 1, wherein the person not associated with an access model is a new user of the resources protected by the ACS who does not have a history of access to the one or more resources protected by the ACS.
  - 12. The system of claim 1, wherein the computer processor is configured to receive data over a time period relating to accessing the resources protected by the ACS by the individual not associated with an access model, and to update the access model selected for the individual not associated with an access model using the data.
  - 13. The system of claim 1, wherein the access models comprise values relating to one or more of a location, a time of an access event, a duration of stay in an accessed area, a day of the access event, a time of a first access event associated with a location, and a frequency of access events associated with a location.

14. A method comprising:
- storing a plurality of access models used by an access control system (ACS), wherein the access models comprise patterns of access by an individual or a group of individuals to one or more resources protected by the ACS;
  
  storing attributes for the individual or group of individuals;
  
  receiving attributes of an individual not associated with an access model;
  
  comparing the attributes of the individual not associated with an access model to the attributes of the individual or group of individuals who are associated with one or more of the plurality of access models;
  
  using the plurality of access models to create new access models to be used for the individual not associated with the access model; and
  
  using the created access models for the individual not associated with an access model to classify access to the one or more resources protected by the ACS by the individual not associated with an access model as either normal or anomalous.
- View Dependent Claims (15, 16, 17, 18, 19)
- - 15. The method of claim 14, wherein the new access models to be used for the individual not associated with an access model are created by selection from the plurality of access models used by the ACS;
    - and wherein the selection from the plurality of access models used by the ACS for the individual not associated with an access model is a function of a similarity of the attributes of the individual not associated with an access model to the attributes of one or more of the individual or group of individuals who are associated with one or more of the plurality of access models used by the ACS.
  - 16. The method of claim 15, wherein the creation from the plurality of access models used by the ACS for the individual not associated with an access model is performed such that the selected models from the plurality of access models used by the ACS are associated with individuals that represent a cohesive group.
  - 17. The method of claim 14, wherein the new access models to be used for the individual not associated with an access model are created by one or more of aggregation of access models of individuals who represent a cohesive group of individuals, and a determination of representative access models from among the access models of the individuals who represent a cohesive group of individuals.
  - 18. The method of claim 14, wherein the new access models to be used for the individual not associated with an access model are created by one or more of aggregation of selected subsets of access models of individuals who represent a cohesive group of individuals and a determination of representative subsets of access models from among the access models of the individuals who represent a cohesive group of individuals.
  - 19. The method of claim 14, wherein the person not associated with an access model is a new user of the resources protected by the ACS who does not have a history of access to the one or more resources protected by the ACS.

20. A computer readable storage device comprises instructions that when executed by a processor execute a process comprising:
- storing a plurality of access models used by an access control system (ACS), wherein the access models comprise patterns of access by an individual or a group of individuals to one or more resources protected by the ACS;
  
  storing attributes for the individual or group of individuals;
  
  receiving attributes of an individual not associated with an access model;
  
  comparing the attributes of the individual not associated with an access model to the attributes of the individual or group of individuals who are associated with one or more of the plurality of access models;
  
  using the plurality of access models to create new access models to be used for the individual not associated with the access model; and
  
  using the created access models for the individual not associated with an access model to classify access to the one or more resources protected by the ACS by the individual not associated with an access model as either normal or anomalous.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Honeywell International Inc.
Original Assignee
Honeywell International Inc.
Inventors
Guralnik, Valerie, Libal, Vit

Granted Patent

US 8,947,198 B2
Time in Patent Office

Days
Field of Search
US Class Current

340/5.21
CPC Class Codes

G06F 21/316   by observing the pattern of...

G06F 21/552   involving long-term monitor...

G07C 9/00   Individual registration on ...

H04L 63/102   Entity profiles

H04L 63/1441   Countermeasures against mal...

BOOTSTRAPPING ACCESS MODELS IN THE ABSENCE OF TRAINING DATA

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

11 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

BOOTSTRAPPING ACCESS MODELS IN THE ABSENCE OF TRAINING DATA

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

11 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others