Systems and methods for content-aware access control

摘要

A computer-implemented method for content-aware access control is described. An access control action is obtained. The access control action identifying content and one or more users. A sensitivity classification is determined for the content. A sensitivity rating is determined for the one or more users. A determination is made as to whether the sensitivity classification and the sensitivity rating satisfy a policy. Upon determining that the policy is not satisfied, a policy restriction is enforced.

主权项

1. A computer-implemented method for content-aware access control, comprising:
intercepting, by a processor, access control traffic and data traffic that are being communicated to a content sharing service; inspecting, by the processor, the access control traffic to obtain an access control action, the access control action identifying content and one or more users; inspecting, by the processor, the data traffic to generate a database of sensitivity classifications; determining, by the processor, a first sensitivity classification for the content from the database of sensitivity classifications; determining, by the processor, a sensitivity rating for the one or more users; determining, by the processor, whether the first sensitivity classification and the sensitivity rating satisfy a policy; and upon determining that the policy is not satisfied, enforcing a policy restriction.