US 12,260,000 B2
Systems and methods for dynamically granting access to database based on machine learning generated risk score
Ganesh Kirti, San Jose, CA (US); Srikanth Sallaka, Fremont, CA (US); Deepak Chittoornallapareddy, Mountain View, CA (US); and Kamalendu Biswas, San Ramon, CA (US)
Assigned to TrustLogix, Inc., Mountain View, CA (US)
Filed by TrustLogix, Inc., Mountain View, CA (US)
Filed on Jun. 7, 2022, as Appl. No. 17/805,840.
Application 17/805,840 is a continuation in part of application No. 17/092,179, filed on Nov. 6, 2020, abandoned.
Claims priority of provisional application 63/197,937, filed on Jun. 7, 2021.
Claims priority of provisional application 62/931,697, filed on Nov. 6, 2019.
Prior Publication US 2022/0366078 A1, Nov. 17, 2022
Int. Cl. G06F 21/62 (2013.01); G06N 5/022 (2023.01)
CPC G06F 21/6245 (2013.01) [G06N 5/022 (2013.01)]
9 Claims

1. A method for dynamically restricting access to data stored within a data repository, the method comprising:
defining risk thresholds for predetermined data access patterns of the data repository using a personal data protection system;
monitoring, using the personal data protection system, new data access patterns of the data repository to build a security data profile based on quantifiable characteristics as risk factors, where data access patterns include at least one request for data within a data repository and identification of data requested by the request for data, and where the quantifiable characteristics include:
security classification of requested data;
governance compliance and regulation violations;
identification of tools used for the request for data;
geographic location of origin of the request for data;
receiving a second request for data from a client device at the data repository;
determining if any access control policies applies to the second request for data using the personal data protection system;
generating a risk score for the second request for data based on the security data profile using the personal data protection system;
determining whether to grant access to the second request for data based upon at least one applicable access control policy and the risk score using the personal data protection system;
providing, by the data repository, the requested data in response to the second request for data when access is determined to be granted; and
blocking the client device from accessing the requested data when access is determined to not be granted.
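
The steps of claim 1 can be sketched as follows. This is an added illustration, not code from the patent or from TrustLogix. The class and function names, the frequency-based score (a simple baseline standing in for the machine-learning model named in the title), the threshold values and the sample records are all assumptions.

```python
from collections import Counter
from dataclasses import dataclass

FACTORS = ("classification", "violation", "tool", "geo")  # risk factors from claim 1

@dataclass(frozen=True)
class Request:
    user: str
    table: str
    classification: str  # security classification of the requested data
    violation: bool      # governance/compliance violation flagged for the request
    tool: str            # tool used to issue the request
    geo: str             # geographic origin of the request

class Profile:
    """Security data profile: per-user counts of each observed risk-factor value."""
    def __init__(self):
        self.counts = {}         # (user, factor) -> Counter of values seen
        self.totals = Counter()  # user -> number of monitored requests

    def observe(self, r):
        self.totals[r.user] += 1
        for f in FACTORS:
            self.counts.setdefault((r.user, f), Counter())[getattr(r, f)] += 1

    def risk_score(self, r):
        """Mean rarity of the request's factor values, in [0, 1] (assumed formula)."""
        n = self.totals[r.user]
        if n == 0:
            return 1.0           # no history: treat as maximally unusual
        rarity = [1 - self.counts[(r.user, f)][getattr(r, f)] / n for f in FACTORS]
        return sum(rarity) / len(FACTORS)

def decide(r, profile, policies, thresholds):
    """Grant only when a policy applies and the score is within the risk threshold."""
    applicable = [p for p in policies if p["table"] == r.table and r.user in p["users"]]
    score = profile.risk_score(r)
    limit = thresholds.get(r.classification, 0.0)  # unknown classification: deny
    return bool(applicable) and score <= limit, score

# Constructed sample data (not from the patent)
THRESHOLDS = {"public": 0.9, "pii": 0.3}
POLICIES = [{"table": "customers", "users": {"alice"}}]
PROFILE = Profile()
for _ in range(20):
    PROFILE.observe(Request("alice", "customers", "pii", False, "bi-dashboard", "region-a"))
USUAL = Request("alice", "customers", "pii", False, "bi-dashboard", "region-a")
ODD = Request("alice", "customers", "pii", False, "cli-script", "region-b")
```

Here the request matching the monitored pattern is granted, while the same user asking for the same data from an unseen tool and location exceeds the threshold for that classification and is blocked even though a policy applies.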