Patent · US Active

Risk adaptive information flow based access control

US8650623B2 · kind B2 · utility

0Cited by

1References

35Claims

0Family size

Assignee

International Business Machines Corporation · US

Inventors

Pau-Chen Cheng · Yorktown Heights, US
Pankaj Rohatgi · Hartsdale, US
Claudia Keser · Shrub Oak, US
Josyula R. Rao · Briarcliff Manor, US

Key dates

Filing date	Jan 17, 2007
Grant date	Feb 11, 2014
Priority date	—
Expiry date	Mar 5, 2031

Classification

Technology area (CPC G)Physics
CPC primaryG06Q30/0601
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

Systems and methods are provided to manage risk associated with access to information within a given organization. The overall risk tolerance for the organization is determined and allocated among a plurality of subjects within the organization. Allocation is accomplished using either a centralized, request/response or free market mechanism. As requested from subjects within the organization for access to objects, i.e. information and data, are received, the amount of risk or risk level associated with each requested is quantified. Risk quantification can be accomplished using, for example, fuzzy multi-level security. The quantified risk associated with the access request in combination with the identity of the object and the identity of the subject are used to determine whether or not the request should be granted, denied or granted with appropriated mitigation measures.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.