公开(公告)号：US20130232582A1

公开(公告)日：2013-09-05

申请号：US13593331

申请日：2012-08-23

申请人： Hongxia JIN ,  Qihua WANG

发明人： Hongxia JIN ,  Qihua WANG

IPC分类号： G06F21/62

CPC分类号： G06F21/62 ,  G06F21/6245

摘要： Access control can include retrieving a list of accesses to data by a plurality of users for a certain purpose during a specified period of time. The access patterns are derived based on said accesses and the derived access patterns are stored. A risk score is computed, for each of the plurality of users based on each of the plurality of users' need to access the data for said certain purpose, and the risk scores are stored. An aggregated total risk score for each of the plurality of users is created based on each respective user's computed risk score in a specified number of recent periods of time. A risk tolerance threshold is determined based on the aggregated total risk score for each of the plurality of users.

摘要翻译： 访问控制可以包括在特定时间段内为特定目的检索由多个用户访问数据的列表。 基于所述访问导出访问模式，并且存储导出的访问模式。 基于多个用户中的每一个需要访问用于该特定目的的数据，计算出每个用户的风险分数，并存储风险分数。 基于每个相应用户在指定数量的最近一段时间内的计算的风险评分来创建多个用户中的每一个的总计总风险分数。 基于多个用户中的每一个的总计总风险评分来确定风险容忍阈值。

公开(公告)号：US20130018921A1

公开(公告)日：2013-01-17

申请号：US13182317

申请日：2011-07-13

申请人： Hongxia JIN ,  Qihua WANG

发明人： Hongxia JIN ,  Qihua WANG

IPC分类号： G06F7/00 ,  G06F17/00

CPC分类号： G06F21/62 ,  G06F21/6245

摘要： Embodiments of the invention related to access control to sensitive data records, and in particular need-to-know information access using quantified risk. In one aspect of the invention access control includes retrieving a list of accesses to data by a plurality of users for a certain purpose during a specified period of time. The access patterns are derived based on said accesses and the derived access patterns are stored. A risk score is computed, for each of the plurality of users based on each of the plurality of users' need to access the data for said certain purpose, and the risk scores are stored. An aggregated total risk score for each of the plurality of users is created based on each respective user's computed risk score in a specified number of recent periods of time. A risk tolerance threshold is determined based on the aggregated total risk score for each of the plurality of users. A warning is issued if the aggregated total risk score for any of the plurality of users exceeds a risk-tolerance threshold.

摘要翻译： 本发明的实施例涉及对敏感数据记录的访问控制，特别是使用量化风险的需要知道的信息访问。 在本发明的一个方面中，访问控制包括在指定的时间段内为特定目的检索由多个用户访问数据的列表。 基于所述访问导出访问模式，并且存储导出的访问模式。 基于多个用户中的每一个需要访问用于该特定目的的数据，计算出每个用户的风险分数，并存储风险分数。 基于每个相应用户在指定数量的最近一段时间内的计算的风险评分来创建多个用户中的每一个的总计总风险分数。 基于多个用户中的每一个的总计总风险评分来确定风险容忍阈值。 如果多个用户中的任一个的总计总风险分数超过风险容忍阈值，则发出警告。

公开(公告)号：US20120016875A1

公开(公告)日：2012-01-19

申请号：US12838082

申请日：2010-07-16

申请人： Hongxia JIN ,  Qihua Wang

发明人： Hongxia JIN ,  Qihua Wang

IPC分类号： G06F17/30

CPC分类号： G06F17/30867

摘要： Embodiments relate personalized data searches utilizing social activities. In one embodiment, a search query is received from a user. A set of search results that satisfy the search query is received from a search engine. A user interest profile associated with the user is identified. The user interest profile includes information associated with a set of activities performed by the user on one or more social systems. A ranking score is assigned to each result in at least a subset of search results in the set of search results based at least on the user interest profile. The subset of search results are sorted based on the score that has assigned to each result in the subset of results. The subset of search results that has been sorted is sent to the user.

摘要翻译： 实施例涉及使用社会活动的个性化数据搜索。 在一个实施例中，从用户接收到搜索查询。 从搜索引擎收到满足搜索查询的一组搜索结果。 识别与用户相关联的用户兴趣简档。 用户兴趣简档包括与一个或多个社会系统上的用户执行的一组活动相关联的信息。 至少基于用户兴趣简档，在搜索结果集中的搜索结果的至少一个子集中为每个结果分配排名得分。 搜索结果的子集根据分配给结果子集中每个结果的分数进行排序。 已排序的搜索结果的子集发送给用户。