System and method for controlling access to personal user data
First Claim
Patent Images
1. A method for controlling access of a consumer to personal data of a user, comprising:
- collecting information about the consumer of personal data, wherein the collected information comprises at least one of a plurality of elements including service usage parameters associated with the consumer, statistical data associated with the consumer, and security incidents involving the consumer;
comparing, by a hardware processor, the collected information with one or more templates to determine a risk that is associated with the consumer, wherein each template includes a set of criteria corresponding to at least two of the plurality of elements, each criterion is assigned a numeric value and a weighting factor based on the collected information, and the risk corresponds to a summation of the numeric value and weighting factor of each criterion;
setting, based on the determined risk, by the hardware processor, consumer access parameters for the consumer to access the personal data of the user;
controlling, by the hardware processor, access of the consumer to the personal data of the user based on the consumer access parameters;
automatically modifying the consumer access parameters upon detecting that the summation exceeds a selected range of a defined threshold value; and
notifying the user, without modifying the consumer access parameters, of the risk upon detecting that the summation does not exceed the selected range of the defined threshold value.
1 Assignment
0 Petitions
Accused Products
Abstract
Disclosed are system and methods for controlling access of a consumer to personal data of a user. An example method includes: collecting information about the consumer of personal data; comparing the collected information with one or more templates containing risk criteria to determine whether a risk is associated with the consumer; setting, based on the determined risk, consumer access parameters for access of the consumer to the personal information of the user; and controlling access of the consumer to the personal data of the user based on the set consumer access parameters.
33 Citations
20 Claims
-
1. A method for controlling access of a consumer to personal data of a user, comprising:
-
collecting information about the consumer of personal data, wherein the collected information comprises at least one of a plurality of elements including service usage parameters associated with the consumer, statistical data associated with the consumer, and security incidents involving the consumer; comparing, by a hardware processor, the collected information with one or more templates to determine a risk that is associated with the consumer, wherein each template includes a set of criteria corresponding to at least two of the plurality of elements, each criterion is assigned a numeric value and a weighting factor based on the collected information, and the risk corresponds to a summation of the numeric value and weighting factor of each criterion; setting, based on the determined risk, by the hardware processor, consumer access parameters for the consumer to access the personal data of the user; controlling, by the hardware processor, access of the consumer to the personal data of the user based on the consumer access parameters; automatically modifying the consumer access parameters upon detecting that the summation exceeds a selected range of a defined threshold value; and notifying the user, without modifying the consumer access parameters, of the risk upon detecting that the summation does not exceed the selected range of the defined threshold value. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A system for controlling access of a consumer to personal data of a user, comprising:
-
a collection module executable on a hardware processor and configured to; collect information about the consumer of personal data, wherein the collected information comprises at least one of a plurality of elements including service usage parameters associated with the consumer, statistical data associated with the consumer, and security incidents involving the consumer; a template storage module configured to; store a plurality of templates containing risk criteria; an analysis module executable on the hardware processor and configured to; compare the collected information with the one or more templates to determine a risk that is associated with the consumer, wherein each template includes a set of criteria corresponding to at least two of the plurality of elements, each criterion is assigned a numeric value and a weighting factor based on the collected information, and the risk corresponds to a summation of the numeric value and weighting factor of each criterion; and an access control module executable on the hardware processor and configured to; set, based on the determined risk, consumer access parameters for the consumer to access the personal data of the user; control access of the consumer to the personal data of the user based on the consumer access parameters; and automatically modify the consumer access parameters upon detecting that the summation exceeds a selected range of a defined threshold value; and notify the user, without modifying the consumer access parameters, of the risk upon detecting that the summation does not exceed the selected range of the defined threshold value. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A non-transitory computer-readable medium storing computer executable instructions for controlling access of a consumer to personal data of a user, including instructions for:
-
collecting information about the consumer of personal data, wherein the collected information comprises at least one of a plurality of elements including service usage parameters associated with the consumer, statistical data associated with the consumer, and security incidents involving the consumer; comparing, by a hardware processor, the collected information with one or more templates to determine a risk that is associated with the consumer, wherein each template includes a set of criteria corresponding to at least two of the plurality of elements, each criterion is assigned a numeric value and a weighting factor based on the collected information, and the risk corresponds to a summation of the numeric value and weighting factor of each criterion; setting, based on the determined risk, by the hardware processor, consumer access parameters for the consumer to access the personal data of the user; controlling, by the hardware processor, access of the consumer to the personal data of the user based on the consumer access parameters; automatically modifying the consumer access parameters upon detecting that the summation exceeds a selected range of a defined threshold value; and notifying the user, without modifying the consumer access parameters, of the risk upon detecting that the summation does not exceed the selected range of the defined threshold value. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification