US2016110539A1PendingUtilityA1

Monitoring access to a location

48
Assignee: HONEYWELL INT INCPriority: Jun 22, 2011Filed: Dec 22, 2015Published: Apr 21, 2016
Est. expiryJun 22, 2031(~4.9 yrs left)· nominal 20-yr term from priority
G07C 2209/08G08B 31/00G06F 21/45G06F 9/542G07C 9/00
48
PatentIndex Score
0
Cited by
0
References
0
Claims

Abstract

Devices, methods, and systems for monitoring access to a location are described herein. One or more method embodiments include determining data associated with an access event associated with a location, determining whether the access event is an anomalous access event using the data associated with the access event and a statistical model of data associated with a number of non-anomalous access events associated with the location, and assessing, if the access event is determined to be an anomalous access event, the anomalous access event. In various embodiments, assessing the anomalous access event includes at least one of determining an anomaly type associated with the anomalous access event, determining an anomaly classification confidence associated with the anomalous access event, determining an anomaly severity associated with the anomalous access event, and determining a reliability associated with the statistical model.

Claims

exact text as granted — not AI-modified
What is claimed: 
     
         1 . A computing device for monitoring access to a location, comprising:
 a memory; and   a processor configured to execute executable instructions stored in the memory to:
 assess an anomalous access event associated with a location, wherein the assessment includes determining an anomaly severity associated with the anomalous access event, wherein the anomaly severity includes a value having one or more numbers or letters therein, the value representing an amount of seriousness with which the anomalous access event should be treated; 
 change a pre-existing access policy for the location if the value of the anomaly severity meets or exceeds a pre-defined threshold; and 
 prevent a subsequent access event to the location from occurring based on the changed access policy for the location. 
   
     
     
         2 . The computing device of  claim 1 , wherein the assessment includes determining an anomaly classification confidence associated with the anomalous access event, wherein the anomaly classification confidence includes a value having one or more numbers or letters therein, the value representing a confidence level associated with a determination that the access event is an anomalous access event. 
     
     
         3 . The computing device of  claim 1 , wherein the assessment includes determining an anomaly type associated with the anomalous access event. 
     
     
         4 . The computing device of  claim 1 , wherein the processor is configured to execute the instructions to assess the anomalous access event to determine whether the anomalous access event represents a security threat to the location. 
     
     
         5 . The computing device of  claim 1 , wherein the anomaly severity is based on:
 a level of security associated with the location;   a level of security associated with an individual accessing the location during the anomalous access event; and   a level of security associated with a time of the anomalous access event.   
     
     
         6 . The computing device of  claim 1 , wherein the anomaly severity represents an amount of seriousness with which the anomalous access event should be treated. 
     
     
         7 . The computing device of  claim 1 , wherein the assessment includes determining the anomaly severity based on what part of the location is being accessed during the anomalous access event. 
     
     
         8 . The computing device of  claim 1 , wherein the computing device includes a user interface configured to provide the anomaly severity to a user of the computing device. 
     
     
         9 . A computer implemented method for monitoring access to a location, comprising:
 determining whether an access event associated with a location is an anomalous access event;   assessing the anomalous access event upon determining the access event is an anomalous access event, wherein assessing the anomalous access event includes determining an anomaly classification confidence associated with the anomalous access event, wherein the anomaly classification confidence includes a value having one or more numbers or letters therein, the value representing a confidence level associated with the determination that the access event is an anomalous access event;   changing a pre-existing access policy for the location if the value of the anomaly classification confidence meets or exceeds a pre-defined threshold; and   preventing a subsequent access event to the location from occurring based on the changed access policy for the location.   
     
     
         10 . The method of  claim 9 , wherein assessing the anomalous access event includes determining an anomaly severity associated with the anomalous access event, wherein the anomaly severity includes a value having one or more numbers or letters therein, the value representing an amount of seriousness with which the anomalous access event should be treated. 
     
     
         11 . The method of  claim 9 , wherein assessing the anomalous access event includes determining whether the anomalous access event belongs to a pattern of anomalous access events. 
     
     
         12 . The method of  claim 9 , wherein assessing the anomalous access event includes determining whether the anomalous access event corresponds to an anomalous access event that occurs frequently. 
     
     
         13 . The method of  claim 9 , wherein the anomaly classification confidence represents a confidence associated with the determination that the access event is an anomalous access event. 
     
     
         14 . The method of  claim 9 , wherein the method includes automatically assessing the anomalous access event upon determining the access event is an anomalous access event. 
     
     
         15 . The method of  claim 9 , wherein the method includes providing the anomaly classification confidence to a user. 
     
     
         16 . A non-transitory computer readable medium having computer readable instructions stored thereon that are executable by a processor to:
 assess an anomalous access event associated with a location, wherein the assessment includes:
 determining an anomaly severity associated with the anomalous access event, wherein the anomaly severity includes a value having one or more numbers or letters therein, the value representing an amount of seriousness with which the anomalous access event should be treated; and 
 determining an anomaly classification confidence associated with the anomalous access event, wherein the anomaly classification confidence includes a value having one or more numbers or letters therein, the value representing a confidence level associated with the determination that the access event is an anomalous access event; 
   change a pre-existing access policy for the location if the value of the anomaly severity meets or exceeds a pre-defined threshold or if the value of the anomaly classification confidence meets or exceeds a pre-defined threshold; and   prevent a subsequent access event to the location from occurring based on the changed access policy for the location.   
     
     
         17 . The computer readable medium of  claim 16 , wherein the instructions are executable to determine whether the access event is an anomalous access event prior to the assessment of the anomalous access event. 
     
     
         18 . The computer readable medium of  claim 16 , wherein:
 the value of the anomaly severity is a single value; and   the value of the anomaly classification confidence is a single value.   
     
     
         19 . The computer readable medium of  claim 16 , wherein the change in the pre-existing access policy for the location includes a change in who is authorized to access the location. 
     
     
         20 . The computer readable medium of  claim 16 , wherein the change in the pre-existing access policy for the location includes:
 a change in time when access to the location is authorized; and   a change in duration for which access to the location is authorized.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.