US 9,811,683 B2
Context-based security screening for accessing data
Samuel S. Adams, Rutherfordton, NC (US); Robert R. Friedlander, Southbury, CT (US); James R. Kraemer, Santa Fe, NM (US); and Jeb R. Linton, Manassas, VA (US)
Assigned to International Business Machines Corporation, Armonk, NY (US)
Filed by International Business Machines Corporation, Armonk, NY (US)
Filed on Jul. 29, 2016, as Appl. No. 15/223,296.
Application 15/223,296 is a continuation of application No. 14/526,103, filed on Oct. 28, 2014, granted, now 9,477,844.
Application 14/526,103 is a continuation of application No. 13/680,832, filed on Nov. 19, 2012, granted, now 8,931,109, issued on Jan. 6, 2015.
Prior Publication US 2016/0335449 A1, Nov. 17, 2016
This patent is subject to a terminal disclaimer.
Int. Cl. G06F 21/62 (2013.01)
CPC G06F 21/6218 (2013.01) [G06F 2221/2111 (2013.01)] 13 Claims
OG exemplary drawing
 
1. A computer system comprising:
one or more processors;
one or more computer readable memories; and
one or more non-transitory computer readable storage mediums, wherein program instructions are stored on at least one of the one or more non-transitory storage mediums for execution by at least one of the one or more processors via at least one of the one or more computer readable memories to perform a method comprising:
associating a first non-contextual data object with a first context object to define a first synthetic context-based object, wherein the first non-contextual data object describes multiple types of persons, wherein the first context object provides a context that identifies a specific type of person from the multiple types of persons, and wherein the first context object further describes a location of a computer that is being used by a requester of data as being a public Wi-Fi hot spot that provides the computer with access to a network;
associating the first synthetic context-based object with at least one specific data store in a data structure;
receiving a string of binary data that describes a request, from the requester, for data from said at least one specific data store in the data structure;
determining the context according to the physical location of the computer being used, by the requester, to send the request to a security module;
generating a new synthetic context-based object for the requester;
determining whether the new synthetic context-based object matches the first synthetic context-based object;
in response to determining that the new synthetic context-based object matches the first synthetic context-based object, locating, via the first synthetic context-based object, said at least one specific data store;
providing the requester access to said at least one specific data store;
constructing a dimensionally constrained hierarchical synthetic context-based object library for multiple synthetic context-based objects, wherein synthetic context-based objects within a same dimension of the dimensionally constrained hierarchical synthetic context-based object library share data from a same non-contextual data object, and wherein synthetic context-based objects within the same dimension of the dimensionally constrained hierarchical synthetic context-based object library contain disparate data from different context objects;
receiving the request for data from at least one data store that is associated with synthetic context-based objects within the same dimension of the dimensionally constrained hierarchical synthetic context-based object library;
receiving a time window for receiving the data from said at least one data store that is associated with synthetic context-based objects within the same dimension of the dimensionally constrained hierarchical synthetic context-based object library, wherein the time window describes an amount of time that the requester of data is willing to wait for at least one data store that is associated with synthetic context-based objects within the same dimension of the dimensionally constrained hierarchical synthetic context-based object library;
determining a security level of the requester based on the time window received from the requester, wherein a first time window that the requester to willing to wait for the at least one data store is longer than a second time window that the requester is willing to wait for the at least one data store, and wherein the first time window is indicative of a higher security level for the requester than the second time window;
matching, based on the time window for the requester, the security level of the requester to data from said at least one specific data store that is associated with synthetic context-based objects within the same dimension of the dimensionally constrained hierarchical synthetic context-based object library; and
returning, to the requester, data from said at least one specific data store that is associated with synthetic context-based objects within the same dimension of the dimensionally constrained hierarchical synthetic context-based object library and that matches the security level of the requester.