Abstractions and automation for enhanced sharing and collaboration
First Claim
1. A system that facilitates information access control, comprising:
- at least one processor coupled to memory, the at least one processor executes;
a component that receives an access request for a data item from a requesting user;
an access control component that;
assigns one or more members to a dynamically created group of users, each member being assigned to the dynamically created group of users based on;
a characteristic for the dynamically created group of users, the characteristic comprising at least one activity performed by the one or more members of the dynamically created group of users, a location of the one or more members, and availability of the one or more members; and
the member'"'"'s association with the at least one activity, the location and the availability, wherein the member'"'"'s association with the at least one activity is determined based on a current activity of the member, and wherein the member'"'"'s association with the location is determined based on accessibility to the member, at a current location of the member, of at least one communication means to communicate with members of the dynamically created group of users; and
processes the data item access request via utilization of at least one access policy stored on the memory based, at least in part, on membership of the requesting user in the dynamically created group of users and at least one content property associated with the data item that indicates access rights for the members of the dynamically created group; and
an access policy agent component that constructs the at least one access policy utilizing, at least in part, at least one selected from the group consisting of multiple dimensions of trust, machine learning techniques, and cost-benefit analysis;
whereinthe access policy agent component further employs at least one selected from the group consisting of a logical clustering of users and a statistical clustering of users, the clustering based, at least in part, on at least one information sharing profile employed by the users, the information sharing profile comprising a profile of settings disseminated among the users for at least one selected from the group consisting of utilization by the users and modification by the users.
2 Assignments
0 Petitions
Accused Products
Abstract
The present invention provides methods for using abstractions of people, including dynamic and static groups of people, to enhance the efficiency of the specification and automation of policies for sharing information between users with a “need-to-know.” An instance of the present invention can also provide these users information based on a “time-to-know.” By providing access to information based on group affiliation and properties of the content of the information, the present invention maintains optimal information privacy while minimizing encumbrances to sharing data with appropriate users and even at appropriate times. The present invention can be integrated with other communication technologies to facilitate access to information in a time appropriate manner. Other instances of the present invention employ automated and semi-automated, mixed-initiative techniques, to make information-sharing decisions. Additional instances of the present invention include the employment of machine-learning techniques to facilitate construction of access policies from the actions or profile of a single user or a community of users, including the construction of automated sharing agents that work in an automated or mixed-initiative manner to respond to real-time requests for information.
-
Citations
41 Claims
-
1. A system that facilitates information access control, comprising:
-
at least one processor coupled to memory, the at least one processor executes; a component that receives an access request for a data item from a requesting user; an access control component that; assigns one or more members to a dynamically created group of users, each member being assigned to the dynamically created group of users based on; a characteristic for the dynamically created group of users, the characteristic comprising at least one activity performed by the one or more members of the dynamically created group of users, a location of the one or more members, and availability of the one or more members; and the member'"'"'s association with the at least one activity, the location and the availability, wherein the member'"'"'s association with the at least one activity is determined based on a current activity of the member, and wherein the member'"'"'s association with the location is determined based on accessibility to the member, at a current location of the member, of at least one communication means to communicate with members of the dynamically created group of users; and processes the data item access request via utilization of at least one access policy stored on the memory based, at least in part, on membership of the requesting user in the dynamically created group of users and at least one content property associated with the data item that indicates access rights for the members of the dynamically created group; and an access policy agent component that constructs the at least one access policy utilizing, at least in part, at least one selected from the group consisting of multiple dimensions of trust, machine learning techniques, and cost-benefit analysis;
whereinthe access policy agent component further employs at least one selected from the group consisting of a logical clustering of users and a statistical clustering of users, the clustering based, at least in part, on at least one information sharing profile employed by the users, the information sharing profile comprising a profile of settings disseminated among the users for at least one selected from the group consisting of utilization by the users and modification by the users. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A method facilitating information access control, comprising:
with at least one processor executing components, from memory configured for; receiving an access request for a data item from a requesting user; creating a dynamically created group of users by assigning users to the dynamically created group of users based on at least one of at least one activity to be performed by one or more members of the dynamically created group of users, at least one location of the one or more members, and availability of the one or more members, users being assigned to the dynamically created group of users based on participation in the at least one activity, association with the at least one location or the availability; and processing the data item access request via utilization of at least one access policy based, at least in part, on membership of the requesting user in the dynamically created group of users and at least one content property associated with the data item that indicates access rights for members of the dynamically created group to the data item, wherein the at least one access policy further employs at least one selected from the group consisting of a logical clustering of users and a statistical clustering of users, the clustering based, at least in part, on at least one information sharing profile employed by the users, the information sharing profile comprising a profile of settings disseminated among the users for at least one selected from the group consisting of utilization by the users and modification by the users. - View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35)
-
36. A system that facilitates information access control, comprising:
-
at least one processor; memory coupled to the at least one processor; and information access control component executed by the at least one processor comprising; means for receiving an access request for a data item; means for processing the data item access request via utilization of at least one access policy stored on the memory selected from at least one;
an optimistic policy, a pessimistic policy, or a mixed-initiative policy, the access policy based, at least in part, on at least one collaborative group of users and at least one content property associated with the data item, the collaborative group of users comprising a group created via at least one selected from the group consisting of a statically created group and a dynamically created group, and the dynamically created group comprising a group created based on, at least in part, at least one selected from the group consisting of an activity associated with a user, a location associated with a user, and availability of a user, andmeans for constructing the access policy utilizing, at least in part, at least one selected from a group consisting of multiple dimensions of trust, cost-benefit analyses, and machine learning techniques, wherein the means for constructing the access policy access policy employs at least one selected from a group consisting of a logical clustering of users and a statistical clustering of users;
the clustering based, at least in part, on at least one information sharing profile employed by the users, the information sharing profile comprising a profile of settings disseminated among the users for at least one selected from the group consisting of utilization by the users and modification by the users.
-
-
37. A computer implemented system that facilitates information access control performed by at least one processor, comprising:
-
an interface adapted to communicate data access parameters to a requesting user; and at least one input associated with the interface to provide information related to accessing data via an access policy, the access policy is based, at least in part, on membership of the requesting user in a dynamically created group of users and at least one content property associated with the data item that indicates access rights for members of the dynamically created group, the at least one input identifying one or more members of the dynamically created group of users, wherein the dynamically created group of users is created by assigning each identified member to the dynamically created group of users based on; a characteristic for the dynamically created group, the characteristic comprising at least one activity to be performed by the one or more members, a location of the one or more members, and availability of the one or more members; and the identified member'"'"'s association with the at least one activity, the location and the availability, wherein the identified member'"'"'s association with the at least one activity is determined based on a current activity of the identified member, and wherein the member'"'"'s association with the location is determined based on accessibility to the identified member, at a current location of the identified member, of at least one communication means to communicate with the members of the dynamically created group of users;
whereinwhen the one or more members comprise the requesting user, the interface provides at least one output related to at least one parameter associated with the access policy that is used to convey information relating to accessing the data by the requesting user, and the access policy further employs at least one selected from the group consisting of a logical clustering of users and a statistical clustering of users, the clustering based, at least in part, on at least one information sharing profile employed by the users, the information sharing profile comprising a profile of settings disseminated among the users for at least one selected from the group consisting of utilization by the users and modification by the users. - View Dependent Claims (38, 39, 40)
-
-
41. In a computer comprising a processor and memory, a computer implemented method to facilitate information access control comprising:
executing, by the processor, computer-executable instructions stored in the memory, that, when executed, perform a method comprising; transmitting a data packet that facilitates information access control between two or more computer components, the data packet comprising, at least in part, information relating to an information access control system that utilizes, at least in part, an access control process that facilitates access requests for a data item from a requesting user via utilization of at least one access policy selected from at least one of an optimistic policy, a pessimistic policy, or a mixed-initiative policy, the access policy further based, at least in part, on membership of the requesting user in a dynamically created group of users and at least one content property associated with the data item that indicates access rights for members of the dynamically created group, the information access control system identifying one or more members of the dynamically created group of users, wherein the dynamically created group of users is created by assigning each identified member to the dynamically created group of users based on; a characteristic for the dynamically created group, the characteristic comprising at least one activity which the one or more members of the dynamically created group of users will perform in a predetermined period of time and a location of the one or more members that determines availability of the one or more members to perform the at least one activity; and the identified member'"'"'s association with the at least one activity and the location, wherein the identified member'"'"'s association with the at least one activity is determined based on a current activity of the identified member, and wherein the member'"'"'s association with the location is determined based on accessibility to the identified member, at a current location of the identified member, of at least one communication means to communicate with the members of the dynamically created group of users; wherein the at least one access policy further employs at least one selected from the group consisting of a logical clustering of users and a statistical clustering of users;
the clustering based, at least in part, on at least one information sharing profile employed by the users, the information sharing profile comprising a profile of settings disseminated among the users for at least one selected from the group consisting of utilization by the users and modification by the users.
Specification