×

System and method for fuzzy multi-level security

  • US 7,530,110 B2
  • Filed: 05/06/2005
  • Issued: 05/05/2009
  • Est. Priority Date: 05/06/2005
  • Status: Expired due to Fees
First Claim
Patent Images

1. A method for making access control decisions comprising the steps of:

  • computing a risk index for a plurality of dimensions which contribute to risk in a computer related device;

    computing a probability of an unauthorized disclosure of information for each dimension for the risk index;

    determining whether the probability falls with a boundary range defined for the probability for each dimension such that probabilities above the range are unacceptable, below the range are acceptable and in the range are acceptable with mitigation measures wherein the boundary range has a hard boundary above which the probability of unauthorized disclosure is unacceptable, and a soft boundary below which the probability of unauthorized disclosure is acceptable;

    determining a residual risk after applying a mitigation measure by mapping effectiveness of performing the mitigation measures to determine the residual risk; and

    selecting a mitigation measure in accordance with the residual probability to reduce a probability of risk.

View all claims
  • 3 Assignments
Timeline View
Assignment View
    ×
    ×