World-driven access control
First Claim
1. A method, implemented by one or more computing devices, the method comprising:
- receiving sensed information that represents a plurality of features in an environment;
- associating the sensed information with one or more final policies to provide final policy information, the final policy information pertaining to at least one object in the environment and being specified, at least in part, by the environment;
- identifying permissions which apply to one or more applications, based at least on the final policy information, to collectively provide permission information; and
- governing behavior of said one or more applications based at least on the permission information, wherein said governing comprises:
  - providing a filtered event, the filtered event expressing information obtained from the environment which has been filtered to reduce a presence of private information; and
  - sending the filtered event to an individual application, and
- wherein the filtered event is produced by redacting parts of the information obtained from the environment.
Abstract
Functionality is described herein for managing the behavior of one or more applications, such as augmented reality applications and/or other environment-sensing applications. The functionality defines permission information in a world-driven manner, which means that the functionality uses a trusted mechanism to identify cues in the sensed environment, and then maps those cues to permission information. The functionality then uses the permission information to govern the operation of one or more applications.
20 Claims
18. A computer-implemented system comprising:
- one or more processing devices; and
- one or more computer readable storage media storing instructions which, when executed by the one or more processing devices, cause the one or more processing devices to:
  - map sensed information, obtained by sensing an environment, into one or more candidate policies to provide candidate policy information, the candidate policy information applying to recognized objects in the environment, wherein the recognized objects include a first recognized object and a second recognized object that appear concurrently in the sensed environment;
  - determine a first final policy for the first recognized object and a second final policy for the second recognized object based at least on the candidate policy information;
  - identify first permissions which apply to a first application with respect to the first recognized object based at least on the first final policy;
  - identify second permissions which apply to a second application with respect to the second recognized object based at least on the second final policy; and
  - filter the first recognized object to remove first private information based at least on the first permissions and filter the second recognized object to remove second private information based at least on the second permissions.
20. A computing system comprising:
- a plurality of applications;
- one or more environment sensing mechanisms configured to sense an environment and to obtain raw perceptual features that characterize the sensed environment;
- one or more processing devices; and
- one or more computer readable storage media storing instructions which, when executed by the one or more processing devices, cause the one or more processing devices to:
  - receive subscription requests from individual applications to receive events characterizing the sensed environment;
  - process the raw perceptual features to identify different recognized objects present in the sensed environment and to obtain the events characterizing the sensed environment;
  - identify different policies associated with the different recognized objects, the different policies having different permissions for different applications;
  - filter the events consistently with the different permissions to remove private information while the one or more environment sensing mechanisms continue to sense the environment; and
  - forward the filtered events to the different applications.
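The subscribe, filter and forward flow of claim 20, as an added Python example that is not part of the patent or of this listing. The policy names, application names, event fields and the fail-closed handling of an unrecognized policy are assumptions made for illustration.

```python
# Constructed sample: objects a trusted recognizer reported for one sensed frame.
# "policy" is the cue read from the environment itself (names are hypothetical).
FRAME = [
    {"id": "whiteboard-1", "kind": "whiteboard", "bbox": (10, 10, 200, 120),
     "text": "Q3 roadmap draft", "policy": "no-text"},
    {"id": "face-7", "kind": "face", "bbox": (220, 40, 60, 60),
     "identity": "alice", "policy": "no-identity"},
    {"id": "chair-2", "kind": "chair", "bbox": (300, 150, 80, 90), "policy": None},
]
# Hypothetical final policies: fields withheld, and applications exempt from the policy.
POLICIES = {
    "no-text": {"redact": {"text"}, "exempt": {"notes_app"}},
    "no-identity": {"redact": {"identity"}, "exempt": set()},
}
SAFE_FIELDS = {"id", "kind", "bbox"}  # geometry only, kept even when failing closed

class EventBroker:
    """Trusted layer between the recognizers and untrusted applications."""
    def __init__(self, policies):
        self.policies = policies
        self.subs = {}  # application name -> object kinds it subscribed to

    def subscribe(self, app, kinds):
        self.subs[app] = set(kinds)

    def denied_fields(self, app, obj):
        """Permission information: fields `app` may not receive for `obj`."""
        name = obj.get("policy")
        if name is None:
            return set()
        policy = self.policies.get(name)
        if policy is None:  # unrecognized cue: fail closed (an assumption of this sketch)
            return set(obj) - SAFE_FIELDS
        return set() if app in policy["exempt"] else set(policy["redact"])

    def filter_event(self, app, obj):
        """Redact denied fields; the policy cue itself is never forwarded."""
        denied = self.denied_fields(app, obj) | {"policy"}
        return {k: v for k, v in obj.items() if k not in denied}

    def dispatch(self, frame):
        """Return {application: [filtered events]} for one frame."""
        return {app: [self.filter_event(app, o) for o in frame if o["kind"] in kinds]
                for app, kinds in self.subs.items()}

if __name__ == "__main__":
    broker = EventBroker(POLICIES)
    broker.subscribe("notes_app", {"whiteboard"})
    broker.subscribe("game_app", {"whiteboard", "face", "chair"})
    print(broker.dispatch(FRAME))
```

Because redaction happens in the broker, an application only ever holds the filtered dictionary and has no reference to the raw recognizer output.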