Method and apparatus for policy adaption based on application policy compliance analysis

US 9,378,390 B2
Filed: 03/30/2012
Issued: 06/28/2016
Est. Priority Date: 03/30/2012
Status: Active Grant

First Claim

Patent Images

1. A computer implemented method comprising:

processing of data comprising one or more policy compliance logs associated with at least one application to determine one or more policy compliance profiles associated with the at least one application, the one or more policy compliance profiles associated with initial policies controlling access of the at least one application to a user device resource, the one or more policy compliance logs comprising a record of non-compliance with the initial policies;

determining one or more contexts under which the at least one application is currently operating;

causing, at least in part, an associating of the one or more policy compliance profiles with the one or more contexts;

processing of user contextual information, user application use information, or a combination thereof against the association, the one or more policy compliance profiles, the one or more contexts, or a combination thereof to determine one or more adaptions to one or more initial policies associated with the at least one application;

processing of one or more predetermined thresholds with respect to one or more violations satisfying a particular contextual parameter, to determine that the one or more predetermined thresholds has been reached, wherein when the one or more predetermined thresholds has been reached,generating a report, including entries indicating the one or more violations of the particular contextual parameter, as an alert to signify non-compliance with the initial policies; and

causing, at least in part, an application of the one or more adaptions to the one or more initial policies to create one or more modified policies as the user contextual information and the user application use information are determined, the one or more adaptions caused to be applied only in response to a user input to the user device.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An approach is provided for policy adaption based on application policy compliance analysis. The compliance platform processes and/or facilitates a processing of one or more policy compliance logs associated with at least one application to determine one or more policy compliance profiles associated with the at least one application. The compliance platform determines one or more contexts under which the at least one application operates. The compliance platform causes, at least in part, an association of the one or more policy compliance profiles with the one or more contexts. The compliance platform then processes and/or facilitates a processing of user contextual information, user application use information, or a combination thereof against the association, the one or more policy compliance profiles, the one or more contexts, or a combination thereof to determine one or more adaptions to one or more policies associated with the at least one application.

7 Citations

View as Search Results

18 Claims

1. A computer implemented method comprising:
- processing of data comprising one or more policy compliance logs associated with at least one application to determine one or more policy compliance profiles associated with the at least one application, the one or more policy compliance profiles associated with initial policies controlling access of the at least one application to a user device resource, the one or more policy compliance logs comprising a record of non-compliance with the initial policies;
  
  determining one or more contexts under which the at least one application is currently operating;
  
  causing, at least in part, an associating of the one or more policy compliance profiles with the one or more contexts;
  
  processing of user contextual information, user application use information, or a combination thereof against the association, the one or more policy compliance profiles, the one or more contexts, or a combination thereof to determine one or more adaptions to one or more initial policies associated with the at least one application;
  
  processing of one or more predetermined thresholds with respect to one or more violations satisfying a particular contextual parameter, to determine that the one or more predetermined thresholds has been reached, wherein when the one or more predetermined thresholds has been reached,generating a report, including entries indicating the one or more violations of the particular contextual parameter, as an alert to signify non-compliance with the initial policies; and
  
  causing, at least in part, an application of the one or more adaptions to the one or more initial policies to create one or more modified policies as the user contextual information and the user application use information are determined, the one or more adaptions caused to be applied only in response to a user input to the user device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. A method of claim 1, further comprising:
    - causing, at least in part, a specification of the one or more initial policies as one or more restrictive policies; and
      
      determining the one or more adaptations for causing, at least in part, a relaxing of the one or more restrictive policies.
  - 3. A method of claim 1, further comprising:
    - causing, at least in part, a specification of the one or more initial policies as one or more relaxed policies; and
      
      determining the one or more adaptations for causing, at least in part, a restricting of the one or more relaxed policies.
  - 4. A method of claim 1, further comprising:
    - determining the user contextual information, the user application use information, or a combination thereof in real-time.
  - 5. A method of claim 1, further comprising:
    - causing, at least in part, a presentation of the one or more adaptions to the user as one or more recommendations; and
      
      determining the user input for selecting the one or more adaptations based, at least in part, on the presentation,wherein the one or more recommendations are, at least in part, suggestions to adjust the one or more initial policies based, at least in part, on the policy compliance profiles, the user profile, the user contextual information, or a combination thereof.
  - 6. A method of claim 1, further comprising:
    - determining one or more context features, one or more user profiles, or a combination thereof from the user contextual information, the user application use information, or a combination thereof,wherein the determining of the one or more adaptations is based, at least in part, on the one or more context features, the one or more user profile, or a combination thereof.
  - 7. A method of claim 1, further comprising:
    - processing and/or facilitating a processing of the user contextual information, the user application use information, or a combination thereof against the association, the one or more policy compliance profiles, the one or more contexts, or a combination thereof to determine one or more anomalies, one or more exceptions, or a combination thereof,wherein the determining of the one or more adaptations is based, at least in part, on the one or more anomalies, the one or more exceptions, or a combination thereof.
  - 8. A method of claim 1, wherein the one or more policy compliance profiles include, at least in part, one or more access frequencies, one or more access time intervals, one or more access data object levels, one or more access data context categories, or a combination thereof.
  - 9. A method of claim 1, wherein the one or more initial policies include, at least in part, one or more privacy policies, one or more security policies, one or more performance policies, or a combination thereof.

10. An apparatus comprising:
- at least one processor; and
  
  at least one memory including computer program code for one or more programs, the at least one memory and the computer program code configured to, with the at least one processor, cause the apparatus to perform at least the following;
  
  process and/or facilitate a processing of one or more policy compliance logs associated with at least one application to determine one or more policy compliance profiles associated with the at least one application, the one or more policy compliance profiles associated with initial policies controlling access of the at least one application to a user device resource, the one or more policy compliance logs comprising a record of non-compliance with the initial policies;
  
  determine one or more contexts under which the at least one application is currently operating;
  
  cause, at least in part, an association of the one or more policy compliance profiles with the one or more contexts;
  
  process and/or facilitate a processing of user contextual information, user application use information, or a combination thereof against the association, the one or more policy compliance profiles, the one or more contexts, or a combination thereof to determine one or more adaptions to one or more policies associated with the at least one application;
  
  process and/or facilitate a processing of one or more predetermined thresholds with respect to one or more violations satisfying a particular contextual parameter, to determine that the one or more predetermined thresholds has been reached, wherein when the one or more predetermined thresholds has been reached,generate a report, including entries indicating the one or more violations of the particular contextual parameter, as an alert to signify non-compliance with the initial policies; and
  
  cause, at least in part, an application of the one or more adaptions to the one or more initial policies to create one or more modified policies as the user contextual information and the user application use information are determined, the one or more adaptions caused to be applied only in response to a user input to the user device.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
- - 11. An apparatus of claim 10, wherein the apparatus is further caused to:
    - cause, at least in part, a specification of the one or more initial policies as one or more restrictive policies; and
      
      determine the one or more adaptations for causing, at least in part, a relaxing of the one or more restrictive policies.
  - 12. An apparatus of claim 10, wherein the apparatus is further caused to:
    - cause, at least in part, a specification of the one or more initial policies as one or more relaxed policies; and
      
      determine the one or more adaptations for causing, at least in part, a restricting of the one or more relaxed policies.
  - 13. An apparatus of claim 10, wherein the apparatus is further caused to:
    - determine the user contextual information, the user application use information, or a combination thereof in real-time.
  - 14. An apparatus of claim 10, wherein the apparatus is further caused to:
    - cause, at least in part, a presentation of the one or more adaptions to the user as one or more recommendations;
      
      determine the user input for selecting the one or more adaptations based, at least in part, on the presentation; and
      
      cause, at least in part, an application of the one or more adaptations to the one or more policies based, at least in part, on the one or more policies,wherein the one or more recommendations are, at least in part, suggestions to adjust the one or more initial policies based, at least in part, on the policy compliance profiles, the user profile, the user contextual information, or a combination thereof.
  - 15. An apparatus of claim 10, wherein the apparatus is further caused to:
    - determine one or more context features, one or more user profiles, or a combination thereoffrom the user contextual information, the user application use information, or a combination thereof,wherein the determining of the one or more adaptations is based, at least in part, on the one or more context features, the one or more user profile, or a combination thereof.
  - 16. An apparatus of claim 10, wherein the apparatus is further caused to:
    - process and/or facilitate a processing of the user contextual information, the user application use information, or a combination thereof against the association, the one or more policy compliance profiles, the one or more contexts, or a combination thereof to determine one or more anomalies, one or more exceptions, or a combination thereof,wherein the determining of the one or more adaptations is based, at least in part, on the one or more anomalies, the one or more exceptions, or a combination thereof.
  - 17. An apparatus of claim 10, wherein the one or more policy compliance profiles include, at least in part, one or more access frequencies, one or more access time intervals, one or more access data object levels, one or more access data context categories, or a combination thereof.
  - 18. An apparatus of claim 10, wherein the one or more initial policies include, at least in part, one or more privacy policies, one or more security policies, one or more performance policies, or a combination thereof.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Nokia Technologies Oy (Nokia Corporation)
Original Assignee
Nokia Technologies Oy (Nokia Corporation)
Inventors
Nefedov, Nikolai, Biswas, Debmalya
Primary Examiner(s)
Kim, Jung
Assistant Examiner(s)
Stoica, Adrian

Application Number

US13/435,437
Publication Number

US 20130263206A1
Time in Patent Office

1,551 Days
Field of Search

None
US Class Current

1/1
CPC Class Codes

G06F 21/604   Tools and structures for ma...

G06F 21/62   Protecting access to data v...

G06F 21/6218   to a system of files or obj...

G06F 21/6245   Protecting personal data, e...

Method and apparatus for policy adaption based on application policy compliance analysis

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

7 Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for policy adaption based on application policy compliance analysis

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

7 Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links