METHOD AND SYSTEM FOR RESOURCE MANAGEMENT BASED ON ADAPTIVE RISK-BASED ACCESS CONTROLS
First Claim
1. A method for management of resources, comprising:
- accessing profiles of users;
computing first trust scores for the users;
receiving an access request from one of the users for access to a resource;
accessing a sensitivity score of the resource;
computing a confidence score for the requesting user;
computing a need-to-access score for the requesting user;
computing a second trust score for the requesting user; and
selectively granting the requesting user access to the requested resource, based on the second trust score.
1 Assignment
0 Petitions
Accused Products
Abstract
Systems, methods, and computer program products are provided for adaptively controlling access to resources, such as selectively granting a user'"'"'s request to access a confidential document. In one embodiment, the method may include making real-time access control decisions that respond promptly to changing organizational environments, thus reducing risks of the unauthorized use or access of resources. In addition, the method may include selectively granting a user'"'"'s request to access a resource based on dynamic risk factors including, for example, the user'"'"'s trust level, the sensitivity of the information resource requested, and the overall system status. Furthermore, the method may include adjusting those factors based on a change in conditions or organizational need.
89 Citations
27 Claims
-
1. A method for management of resources, comprising:
-
accessing profiles of users; computing first trust scores for the users; receiving an access request from one of the users for access to a resource; accessing a sensitivity score of the resource; computing a confidence score for the requesting user; computing a need-to-access score for the requesting user; computing a second trust score for the requesting user; and selectively granting the requesting user access to the requested resource, based on the second trust score. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A computer-readable recording medium storing a computer-executable program which, when executed by a processor, performs a method for management of resources, comprising:
-
accessing profiles of users; computing first trust scores for the users; receiving an access request from one of the users for access a resource; accessing a sensitivity score of the resource; computing a confidence score for the requesting user; computing a need-to-access score for the requesting user; computing a second trust score for the requesting user; and selectively granting the requesting user access to the requested resource, based on the second trust score. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. A system for management of resources, comprising:
-
a memory to store data and instructions; and a processor configured to access the memory and when executing the instructions to; access profiles of users; compute first trust scores for the users; receive an access request from one of the users for access to a resource; access a sensitivity score of the resource; compute a confidence score for the requesting user; compute a need-to-access score for the requesting user; compute a second trust score for the requesting user; and selectively grant the requesting user access to the requested resource, based on the second trust score. - View Dependent Claims (20, 21, 22, 23, 24, 25, 26, 27)
-
Specification