Legal claims defining the scope of protection, as filed with the USPTO.
1. A computer-implemented method of creating or modifying a dynamic access control policy (ACP), comprising: dynamically forming by a processor a current ACP for one or more specified resources based on one or more membership rules for specifying users who can access the one or more specified resources based, at least in part, on user information collected for a plurality of users, wherein accessibility of the user information associated with each one of the plurality of users for use in forming the current ACP is configurable by the corresponding one of the plurality of users via a privacy control to indicate which user information and/or type of user information is excluded from being collected for the corresponding one of the plurality of users for use in forming the current ACP; and retaining the current ACP for the one or more specified resources, wherein the current ACP is accessibly usable so as to dynamically allow a set of users, who each have corresponding collected user information which meets the one or more membership rules of the current ACP, to access the one or more specified resources, wherein the set of users is changeable over time as different user information is collected over time.
2. The computer-implemented method of claim 1, wherein the one or more membership rules each specify one or more of the following: a user type, a user location, or a time, and wherein the one or more membership rules specify at least one conditional operator.
3. The computer-implemented method of claim 2, wherein the user type is specified by one or more other rules.
4. The computer-implemented method of claim 3, wherein the user type specifies a category of social relationship with respect to the first user.
5. The computer-implemented method of claim 1, wherein the specified resources are defined by one or more resource rules for specifying which set of resources is accessible based on the specified one or more membership rules of the current ACP, wherein the set of resources is changeable over time as different resources are created or modified over time.
6. The computer-implemented method of claim 5, wherein the one or more resource rules each pertain to one or more of the following contexts: creation, publication, annotation, interaction, or consumption, and the one or more resource rules each specify one or more of the following: a resource type, a location, a user, or a time, and wherein the one or more resource rules specify at least one conditional operator.
7. The computer-implemented method of claim 1, wherein the current ACP for the one or more specified resources is formed automatically based on one or more other ACP's for one or more other resources that have similar characteristics as the one or more specified resources.
8. The computer-implemented method of claim 1, wherein a portion of the user information that is collected for the plurality of users and is deemed as unreliable is excluded from being used to form the current ACP, wherein the portion of the user information includes locations of at least a portion of the plurality of users.
9. The computer-implemented method of claim 1, wherein at least a portion of the user information is automatically collected for the plurality of users.
10. The computer-implemented method of claim 1, further comprising: receiving a configuration, via the privacy control, wherein the configuration indicates which user information for the corresponding one of the plurality of users is excluded from use in forming the current ACL.
11. The computer-implemented method of claim 1, further comprising: receiving a configuration, via the privacy control, wherein the configuration indicates which type(s) of the user information for the corresponding one of the plurality of users is excluded from use in dynamic ACL formation techniques.
12. The computer-implemented method of claim 11, wherein the type(s) comprise one or more of a plurality of types of user information, wherein the plurality of types of user information comprise presence information indicating a current location of the corresponding one of the plurality of users.
13. The computer-implemented method of claim 1, further comprising: receiving a configuration from one of the plurality of users via the privacy control to indicate whether a location of the one of the plurality of users is excluded from being used in forming the current ACP.
14. The computer-implemented method of claim 1, further comprising: receiving a configuration from one of the plurality of users via the privacy control to indicate whether communication data is excluded from being used in forming the current ACP, the communication data being associated with a communication session between two or more users.
15. An apparatus comprising at least a processor and a memory, wherein the processor and/or memory are configured to perform the following operations: dynamically forming a current access control policy (ACP) for one or more specified resources based on one or more membership rules for specifying users who can access the one or more specified resources based, at least in part, upon user information collected for a plurality of users, wherein accessibility of the user information associated with each one of the plurality of users for use in forming the current ACP is configurable by the corresponding one of the plurality of users via a privacy control to indicate which user information and/or type of user information is excluded from being collected for the corresponding one of the plurality of users for use in forming the current ACP; and retaining the current ACP for the one or more specified resources, wherein the current ACP is accessibly usable so as to dynamically allow a set of users, who each have corresponding collected user information which meets the one or more membership rules of the current ACP, to access the one or more specified resources, wherein the set of users is changeable over time as different user information is collected over time.
16. The apparatus of claim 15, wherein the one or more membership rules each specify one or more of the following: a user type, a user location, or a time, and wherein the one or more membership rules specify at least one conditional operator.
17. The apparatus of claim 16, wherein the user type is specified by one or more other rules.
18. The apparatus of claim 17, wherein the user type specifies a category of social relationship with respect to the first user.
19. The apparatus of claim 15, wherein the specified resources are defined by one or more resource rules for specifying which set of resources is accessible based on the specified one or more membership rules of the current ACP, wherein the set of resources is changeable over time as different resources are created or modified over time.
20. The apparatus of claim 19, wherein the one or more resource rules each pertain to one or more of the following contexts: creation, publication, annotation, interaction, or consumption, and the one or more resource rules each specify one or more of the following: a resource type, a location, a user, or a time, and wherein the one or more resource rules specify at least one conditional operator.
21. The apparatus of claim 15, wherein the current ACP for the one or more specified resources is formed automatically based on one or more other ACP's for one or more other resources that have similar characteristics as the one or more specified resources.
22. At least one non-transitory computer readable storage medium having computer program instructions stored thereon that are arranged to perform operations, comprising: dynamically forming a current access control policy (ACP) for one or more specified resources based on one or more membership rules for specifying users who can access the one or more specified resources based, at least in part, upon user information collected for a plurality of users, wherein accessibility of the user information associated with each one of the plurality of users for use in forming the current ACP is configurable by the corresponding one of the plurality of users via a privacy control to indicate which user information and/or type of user information is excluded from being collected for the corresponding one of the plurality of users for use in forming the current ACP; and retaining the current ACP for the one or more specified resources, wherein the current ACP is accessibly usable so as to dynamically allow a set of users, who each have corresponding collected user information which meets the one or more membership rules of the current ACP, to access the one or more specified resources, wherein the set of users is changeable over time as different user information is collected over time.
23. The at least one non-transitory computer readable storage medium of claim 22, wherein the one or more membership rules each specify one or more of the following: a user type, a user location, or a time, and wherein the one or more membership rules specify at least one conditional operator.
24. The at least one non-transitory computer readable storage medium of claim 23, wherein the user type is specified by one or more other rules.
25. The at least one non-transitory computer readable storage medium of claim 24, wherein the user type specifies a category of social relationship with respect to the first user.
26. The at least one non-transitory computer readable storage medium of claim 22, wherein the specified resources are defined by one or more resource rules for specifying which set of resources is accessible based on the specified one or more membership rules of the current ACP, wherein the set of resources is changeable over time as different resources are created or modified over time.
27. The at least one non-transitory computer readable storage medium of claim 26, wherein the one or more resource rules each pertain to one or more of the following contexts: creation, publication, annotation, interaction, or consumption, and the one or more resource rules each specify one or more of the following: a resource type, a location, a user, or a time, and wherein the one or more resource rules specify at least one conditional operator.
28. The at least one non-transitory computer readable storage medium of claim 22, wherein the current ACP for the one or more specified resources is formed automatically based on one or more other ACP's for one or more other resources that have similar characteristics as the one or more specified resources.
29. The at least one non-transitory computer-readable storage medium of claim 22, the computer program instructions stored thereon being arranged to perform operations, further comprising: receiving a configuration from one of the plurality of users, the configuration indicating whether a location of the one of the plurality of users is excluded from being used in forming the current ACP.
30. The at least one non-transitory computer-readable storage medium of claim 22, the computer program instructions stored thereon being arranged to perform operations, further comprising: receiving a configuration from one of the plurality of users, the configuration indicating whether communication data for the one of the plurality of users is excluded from being used in forming the current ACP.
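An added Python example, not taken from the patent or any implementation of it, of the mechanism in claims 1, 2 and 13: membership rules with conditional operators are re-evaluated over collected user information after each user's privacy control has removed the types they withhold. The rule format, the attribute names, the sample users and the fail-closed treatment of a withheld attribute are assumptions made for illustration.

```python
from dataclasses import dataclass, field
from datetime import datetime

@dataclass
class User:
    name: str
    info: dict                                   # raw signals, e.g. type, location
    excluded: set = field(default_factory=set)   # privacy control: withheld info types

def collect(user):
    """Drop withheld info types before any rule can see them."""
    return {k: v for k, v in user.info.items() if k not in user.excluded}

def meets(rule, info, now):
    """Evaluate a rule tree: 'all'/'any' are the conditional operators."""
    if "all" in rule:
        return all(meets(r, info, now) for r in rule["all"])
    if "any" in rule:
        return any(meets(r, info, now) for r in rule["any"])
    if "hours" in rule:                          # time-based membership rule
        start, end = rule["hours"]
        return start <= now.hour < end
    # Assumption: fail closed. A withheld or never-collected attribute
    # can never satisfy a rule, so opting out does not grant access.
    return rule["attr"] in info and info[rule["attr"]] == rule["equals"]

def form_acp(rules, users, now):
    """Form the current ACP: the set of users whose collected info meets the rules."""
    return {u.name for u in users if meets(rules, collect(u), now)}

# Constructed sample policy: friends who are on campus OR asking between 18:00 and 22:00.
RULES = {"all": [
    {"attr": "type", "equals": "friend"},
    {"any": [{"attr": "location", "equals": "campus"}, {"hours": (18, 22)}]},
]}

# Constructed sample users; bob withholds his location via the privacy control.
USERS = [
    User("alice", {"type": "friend", "location": "campus"}),
    User("bob", {"type": "friend", "location": "campus"}, excluded={"location"}),
    User("carol", {"type": "colleague", "location": "campus"}),
]

if __name__ == "__main__":
    print(form_acp(RULES, USERS, datetime(2016, 2, 23, 10)))  # morning
    print(form_acp(RULES, USERS, datetime(2016, 2, 23, 19)))  # evening
```

Bob is denied in the morning because the location branch cannot see his withheld location, yet he is admitted in the evening through the time branch, which needs no withheld data.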
February 23, 2016