Profile inferencing through automated access control list analysis heuristics
First Claim
1. A method for generating a profile of a system user comprising the steps of:
- (a) searching an access control list for objects that the user has permission to access;
(b) determining a user affinity for objects based on series of plurality of rules, the rules comprising the permissions assigned to the user for each of the user accessible objects, wherein the affinity is determined regardless of whether the user has actually ever accessed the objects; and
(c) generating a user profile based on the user affinity.
2 Assignments
0 Petitions
Accused Products
Abstract
A system, method, and computer readable medium for generating a profile of a network user based on a user'"'"'s access privileges stored in an access control list (ACL). The system may include an accessible objects determining object for determining objects that are accessible by a particular user. An access privilege determining object may be used to determine a user'"'"'s access privileges for each accessible object. The system may also include an object topic determining object for determining the subject matter of the object. The subject matter of the object may be used to generate a profile indicating a user'"'"'s affinity (e.g., experience, knowledge, interest, etc.). A user affinity object may be used to determine a user'"'"'s affinity based on, for example, the accessible objects, the user'"'"'s access privileges, and the subject matter of the accessible objects. The system may also include a profile compiling/updating object that generates a user profile based on the user'"'"'s affinity determined by the user affinity object. Preferably, the system includes editing and updating objects. An editing object may permit a user to edit the profile generated and an updating permits the system to update the profile (e.g., periodically or as desired).
98 Citations
29 Claims
-
1. A method for generating a profile of a system user comprising the steps of:
-
(a) searching an access control list for objects that the user has permission to access;
(b) determining a user affinity for objects based on series of plurality of rules, the rules comprising the permissions assigned to the user for each of the user accessible objects, wherein the affinity is determined regardless of whether the user has actually ever accessed the objects; and
(c) generating a user profile based on the user affinity. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A system for generating a profile of a system user comprising:
-
storing means for storing an access control list;
accessing means for accessing the list;
accessible object determining means for determining the objects in the list that the user has permission to access;
affinity determining means, responsive to the accessible object determining means, for determining a user affinity for the objects based on series of plurality of rules, the rules comprising the permissions assigned to the user for each of the user accessible objects, wherein the affinity is determined regardless of whether the user has actually ever accessed the objects; and
profile generating means, responsive to the affinity determining means, for generating a user profile. - View Dependent Claims (9, 10, 11, 12, 13, 14, 15)
-
-
16. A system for generating a profile of a system user comprising:
-
an accessing object that accesses an access control list that stores a list of objects;
an access determining object that determines the objects in the list that the user has permission to access;
an affinity determining object that determines a user affinity for the objects based on series of plurality of rules, the rules comprising the permissions assigned to the user for each of the user accessible objects, wherein the affinity is determined regardless of whether the user has actually ever accessed the objects; and
a generating object, responsive to the affinity determining object, that generates a user profile. - View Dependent Claims (17, 18, 19, 20, 21, 22, 23)
-
-
24. A computer usable medium having computer readable program code embodied therein for generating a user profile, the computer readable program code comprising:
-
computer readable program code that causes a computer to search an access control list for objects that the user has permission to access;
computer readable program code that causes a computer to determine a user affinity for the objects based on series of plurality of rules, the rules comprising the permissions assigned to the user for each of the user accessible objects, wherein the affinity is determined regardless of whether the user has actually ever accessed the objects; and
computer readable program code, responsive to the computer readable code for determining a user affinity, that causes a computer to generate a user profile. - View Dependent Claims (25, 26, 27, 28, 29)
-
Specification