Monitoring access to a location
Abstract
Devices, methods, and systems for monitoring access to a location are described herein. One or more method embodiments include determining data associated with an access event associated with a location, determining whether the access event is an anomalous access event using the data associated with the access event and a statistical model of data associated with a number of non-anomalous access events associated with the location, and assessing, if the access event is determined to be an anomalous access event, the anomalous access event. In various embodiments, assessing the anomalous access event includes at least one of determining an anomaly type associated with the anomalous access event, determining an anomaly classification confidence associated with the anomalous access event, determining an anomaly severity associated with the anomalous access event, and determining a reliability associated with the statistical model.
Claims
exact text as granted — not AI-modifiedWhat is claimed:
1 . A computing device for monitoring access to a location, comprising:
a memory; and a processor configured to execute executable instructions stored in the memory to:
assess an anomalous access event associated with a location, wherein the assessment includes determining an anomaly severity associated with the anomalous access event, wherein the anomaly severity includes a value having one or more numbers or letters therein, the value representing an amount of seriousness with which the anomalous access event should be treated;
change a pre-existing access policy for the location if the value of the anomaly severity meets or exceeds a pre-defined threshold; and
prevent a subsequent access event to the location from occurring based on the changed access policy for the location.
2 . The computing device of claim 1 , wherein the assessment includes determining an anomaly classification confidence associated with the anomalous access event, wherein the anomaly classification confidence includes a value having one or more numbers or letters therein, the value representing a confidence level associated with a determination that the access event is an anomalous access event.
3 . The computing device of claim 1 , wherein the assessment includes determining an anomaly type associated with the anomalous access event.
4 . The computing device of claim 1 , wherein the processor is configured to execute the instructions to assess the anomalous access event to determine whether the anomalous access event represents a security threat to the location.
5 . The computing device of claim 1 , wherein the anomaly severity is based on:
a level of security associated with the location; a level of security associated with an individual accessing the location during the anomalous access event; and a level of security associated with a time of the anomalous access event.
6 . The computing device of claim 1 , wherein the anomaly severity represents an amount of seriousness with which the anomalous access event should be treated.
7 . The computing device of claim 1 , wherein the assessment includes determining the anomaly severity based on what part of the location is being accessed during the anomalous access event.
8 . The computing device of claim 1 , wherein the computing device includes a user interface configured to provide the anomaly severity to a user of the computing device.
9 . A computer implemented method for monitoring access to a location, comprising:
determining whether an access event associated with a location is an anomalous access event; assessing the anomalous access event upon determining the access event is an anomalous access event, wherein assessing the anomalous access event includes determining an anomaly classification confidence associated with the anomalous access event, wherein the anomaly classification confidence includes a value having one or more numbers or letters therein, the value representing a confidence level associated with the determination that the access event is an anomalous access event; changing a pre-existing access policy for the location if the value of the anomaly classification confidence meets or exceeds a pre-defined threshold; and preventing a subsequent access event to the location from occurring based on the changed access policy for the location.
10 . The method of claim 9 , wherein assessing the anomalous access event includes determining an anomaly severity associated with the anomalous access event, wherein the anomaly severity includes a value having one or more numbers or letters therein, the value representing an amount of seriousness with which the anomalous access event should be treated.
11 . The method of claim 9 , wherein assessing the anomalous access event includes determining whether the anomalous access event belongs to a pattern of anomalous access events.
12 . The method of claim 9 , wherein assessing the anomalous access event includes determining whether the anomalous access event corresponds to an anomalous access event that occurs frequently.
13 . The method of claim 9 , wherein the anomaly classification confidence represents a confidence associated with the determination that the access event is an anomalous access event.
14 . The method of claim 9 , wherein the method includes automatically assessing the anomalous access event upon determining the access event is an anomalous access event.
15 . The method of claim 9 , wherein the method includes providing the anomaly classification confidence to a user.
16 . A non-transitory computer readable medium having computer readable instructions stored thereon that are executable by a processor to:
assess an anomalous access event associated with a location, wherein the assessment includes:
determining an anomaly severity associated with the anomalous access event, wherein the anomaly severity includes a value having one or more numbers or letters therein, the value representing an amount of seriousness with which the anomalous access event should be treated; and
determining an anomaly classification confidence associated with the anomalous access event, wherein the anomaly classification confidence includes a value having one or more numbers or letters therein, the value representing a confidence level associated with the determination that the access event is an anomalous access event;
change a pre-existing access policy for the location if the value of the anomaly severity meets or exceeds a pre-defined threshold or if the value of the anomaly classification confidence meets or exceeds a pre-defined threshold; and prevent a subsequent access event to the location from occurring based on the changed access policy for the location.
17 . The computer readable medium of claim 16 , wherein the instructions are executable to determine whether the access event is an anomalous access event prior to the assessment of the anomalous access event.
18 . The computer readable medium of claim 16 , wherein:
the value of the anomaly severity is a single value; and the value of the anomaly classification confidence is a single value.
19 . The computer readable medium of claim 16 , wherein the change in the pre-existing access policy for the location includes a change in who is authorized to access the location.
20 . The computer readable medium of claim 16 , wherein the change in the pre-existing access policy for the location includes:
a change in time when access to the location is authorized; and a change in duration for which access to the location is authorized.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.