BOOTSTRAPPING ACCESS MODELS IN THE ABSENCE OF TRAINING DATA
First Claim
1. A system comprising:
- one or more of a computer processor and a computer storage device configured to;
store a plurality of access models used by an access control system (ACS), wherein the access models comprise patterns of access by an individual or a group of individuals to one or more resources protected by the ACS;
store attributes for the individual or group of individuals;
receive attributes of an individual not associated with an access model;
compare the attributes of the individual not associated with an access model to the attributes of the individual or group of individuals who are associated with one or more of the plurality of access models;
use the plurality of access models to create new access models to be used for the individual not associated with the access model; and
use the created access models for the individual not associated with an access model to classify access to the one or more resources protected by the ACS by the individual not associated with an access model as either normal or anomalous.
1 Assignment
0 Petitions
Accused Products
Abstract
A plurality of access models comprise patterns of accesses to resources protected by an Access Control System (ACS). The access models are used to classify the accesses to the resources as either normal or anomalous. The system stores attributes for the individuals for whom the access models are available, receives attributes of an individual not associated with an access model, and compares the attributes of the individual not associated with an access model to the attributes of the individuals for whom access models are available. The system further selects an access model for the individual not associated with an access model based on the comparison, and uses the selected access model for the individual not associated with an access model to classify access to the one or more resources protected by the ACS by the individual not associated with an access model as either normal or anomalous.
11 Citations
20 Claims
-
1. A system comprising:
one or more of a computer processor and a computer storage device configured to; store a plurality of access models used by an access control system (ACS), wherein the access models comprise patterns of access by an individual or a group of individuals to one or more resources protected by the ACS; store attributes for the individual or group of individuals; receive attributes of an individual not associated with an access model; compare the attributes of the individual not associated with an access model to the attributes of the individual or group of individuals who are associated with one or more of the plurality of access models; use the plurality of access models to create new access models to be used for the individual not associated with the access model; and use the created access models for the individual not associated with an access model to classify access to the one or more resources protected by the ACS by the individual not associated with an access model as either normal or anomalous. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
14. A method comprising:
-
storing a plurality of access models used by an access control system (ACS), wherein the access models comprise patterns of access by an individual or a group of individuals to one or more resources protected by the ACS; storing attributes for the individual or group of individuals; receiving attributes of an individual not associated with an access model; comparing the attributes of the individual not associated with an access model to the attributes of the individual or group of individuals who are associated with one or more of the plurality of access models; using the plurality of access models to create new access models to be used for the individual not associated with the access model; and using the created access models for the individual not associated with an access model to classify access to the one or more resources protected by the ACS by the individual not associated with an access model as either normal or anomalous. - View Dependent Claims (15, 16, 17, 18, 19)
-
-
20. A computer readable storage device comprises instructions that when executed by a processor execute a process comprising:
-
storing a plurality of access models used by an access control system (ACS), wherein the access models comprise patterns of access by an individual or a group of individuals to one or more resources protected by the ACS; storing attributes for the individual or group of individuals; receiving attributes of an individual not associated with an access model; comparing the attributes of the individual not associated with an access model to the attributes of the individual or group of individuals who are associated with one or more of the plurality of access models; using the plurality of access models to create new access models to be used for the individual not associated with the access model; and using the created access models for the individual not associated with an access model to classify access to the one or more resources protected by the ACS by the individual not associated with an access model as either normal or anomalous.
-
Specification