US 12,292,987 B2
Methods and systems for purpose-based access control
Arnoud Otte, Portland, OR (US)
Assigned to CAMBIA HEALTH SOLUTIONS, INC., Portland, OR (US)
Filed by Cambia Health Solutions, Inc., Portland, OR (US)
Filed on Mar. 5, 2021, as Appl. No. 17/194,071.
Claims priority of provisional application 62/986,470, filed on Mar. 6, 2020.
Prior Publication US 2021/0279355 A1, Sep. 9, 2021
Int. Cl. G06F 21/62 (2013.01)
CPC G06F 21/6218 (2013.01) [G06F 2221/2111 (2013.01); G06F 2221/2137 (2013.01)] 15 Claims
OG exemplary drawing
 
1. A method for determining access to an asset, comprising:
receiving, from a user and an access request application program interface (API) in an access control module that is stored in a data-holding subsystem and is executed by a logic subsystem, an access request for the asset, the access request specifying a purpose for accessing the asset;
at an access control engine in the access control module, authorizing access to the asset if the purpose is approvingly linked to the asset; and
responsive to receiving the access request, tracing paths through a plurality of constraints that are assigned to the user and to the asset;
wherein a legal instrument is configured as a policy class that includes the plurality of constraints which limit access to resources which include the asset;
wherein the plurality of constraints include a financial attribute constraint, a self constraint, a medical attribute constraint, and a minors constraint;
wherein the access control engine includes a policy information point (PIP) that stores data structures that define the policy class and the relationships between the policy class and the plurality of constraints;
wherein the access is authorized if the user has a re-identification threshold that is equal to or greater than a re-identification threshold for the purpose;
wherein the re-identification thresholds for the user and the purpose correspond to re-identification scores that are not acceptable;
wherein the re-identification score is a value that is calculated based on how likely it is that a subject can be re-identified from the asset;
wherein the purpose is assigned to a Health Insurance Portability and Accountability Act (HIPAA) containment policy class that includes the plurality of constraints which limit access to resources which include the asset;
wherein a HIPAA object attribute is assigned to the HIPAA containment policy class and represents a containment instrument; and
wherein the HIPAA containment policy class is configured to restrict access to HIPAA data; and
responsive to receiving the access request, tracing paths through a plurality of constraints that are assigned to the user and to the asset based on the HIPAA containment policy class; and
responsive to the asset having a path to the HIPAA object attribute, prohibiting the user from requesting selected rights on assets that are not part of the HIPAA object attribute; and
wherein the selected rights include a create right, an update right, and a delete right.
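The claim above describes an evaluation order (purpose linked to asset, re-identification threshold comparison, path tracing through constraints in a policy class, and a containment rule that withholds create/update/delete on assets outside the HIPAA object attribute once a contained asset has been reached). The following is an added toy implementation written for this page; it is not the patent's or Cambia's code. All names (policy classes, users, assets, purposes, thresholds) are constructed sample data, and the session-scoped containment set is an assumption about how "prohibiting the user from requesting selected rights" could be enforced.

```python
"""Toy purpose-based access control engine (constructed illustration, not the patent's code)."""
from dataclasses import dataclass
from typing import Optional

# Rights. Create, update and delete are the "selected rights" the containment rule restricts.
READ, CREATE, UPDATE, DELETE = "read", "create", "update", "delete"
CONTAINED_RIGHTS = frozenset({CREATE, UPDATE, DELETE})


@dataclass
class PolicyClass:
    """A legal instrument expressed as a set of constraints, optionally naming a
    containment object attribute (e.g. "HIPAA") whose assets it contains."""
    constraints: frozenset
    containment_attribute: Optional[str] = None


@dataclass
class PolicyInformationPoint:
    """Stores the policy graph: classes, assignments, purpose links and thresholds."""
    policy_classes: dict         # name -> PolicyClass
    object_attributes: dict      # attribute -> set of assets it contains
    user_constraints: dict       # user -> constraints assigned to the user
    asset_constraints: dict      # asset -> constraints assigned to the asset
    purpose_links: dict          # purpose -> assets it is approvingly linked to
    purpose_policy_class: dict   # purpose -> policy class governing it
    purpose_threshold: dict      # purpose -> re-identification threshold
    user_threshold: dict         # user -> re-identification threshold


class AccessControlEngine:
    def __init__(self, pip: PolicyInformationPoint):
        self.pip = pip
        self.contained_users = set()  # users that have reached a contained asset (assumed session state)

    def trace_paths(self, user, asset, pc_name):
        """Constraints of the policy class assigned to both user and asset; each is a
        user -> constraint -> asset path."""
        pc = self.pip.policy_classes[pc_name]
        return (pc.constraints
                & self.pip.user_constraints.get(user, frozenset())
                & self.pip.asset_constraints.get(asset, frozenset()))

    def contained_in(self, asset):
        """Containment attributes (over all policy classes) the asset has a path to."""
        attrs = {pc.containment_attribute for pc in self.pip.policy_classes.values()
                 if pc.containment_attribute is not None}
        return {a for a in attrs if asset in self.pip.object_attributes.get(a, set())}

    def authorize(self, user, asset, purpose, right):
        pip = self.pip
        if purpose not in pip.purpose_policy_class:
            return False, "unknown purpose"
        # Containment: a user who has reached a contained asset may not create, update
        # or delete assets outside the container, whatever purpose is claimed.
        if (user in self.contained_users and right in CONTAINED_RIGHTS
                and not self.contained_in(asset)):
            return False, "containment: %s on asset outside container" % right
        if asset not in pip.purpose_links.get(purpose, set()):
            return False, "purpose not approvingly linked to asset"
        if pip.user_threshold.get(user, 0.0) < pip.purpose_threshold[purpose]:
            return False, "user re-identification threshold below purpose threshold"
        paths = self.trace_paths(user, asset, pip.purpose_policy_class[purpose])
        if not paths:
            return False, "no constraint path from user to asset"
        if self.contained_in(asset):
            self.contained_users.add(user)
        return True, "granted via " + ",".join(sorted(paths))


def build_sample_pip():
    """Constructed sample policy graph (all names are invented)."""
    return PolicyInformationPoint(
        policy_classes={
            "hipaa_containment": PolicyClass(
                frozenset({"financial", "self", "medical", "minors"}), "HIPAA"),
            "marketing": PolicyClass(frozenset({"self"})),
        },
        object_attributes={"HIPAA": {"claims_2024", "ehr_note_17"}},
        user_constraints={"alice": frozenset({"medical", "self"}),
                          "bob": frozenset({"self"})},
        asset_constraints={"claims_2024": frozenset({"financial", "medical"}),
                           "ehr_note_17": frozenset({"medical", "minors"}),
                           "newsletter_list": frozenset({"self"})},
        purpose_links={"treatment": {"claims_2024", "ehr_note_17"},
                       "marketing_outreach": {"newsletter_list"}},
        purpose_policy_class={"treatment": "hipaa_containment",
                              "marketing_outreach": "marketing"},
        purpose_threshold={"treatment": 0.7, "marketing_outreach": 0.2},
        user_threshold={"alice": 0.8, "bob": 0.3},
    )


def run_scenarios():
    """Evaluate a fixed sequence of requests; order matters for the containment rule."""
    engine = AccessControlEngine(build_sample_pip())
    requests = [
        ("alice", "claims_2024", "treatment", READ),             # HIPAA asset, alice now contained
        ("alice", "newsletter_list", "marketing_outreach", UPDATE),  # write outside container
        ("alice", "newsletter_list", "marketing_outreach", READ),    # read is not a selected right
        ("bob", "claims_2024", "treatment", READ),               # threshold too low
        ("alice", "claims_2024", "marketing_outreach", READ),    # purpose not linked to asset
    ]
    return [engine.authorize(*r) for r in requests]


if __name__ == "__main__":
    for granted, reason in run_scenarios():
        print("ALLOW" if granted else "DENY ", reason)
```

The containment check is evaluated before the purpose and threshold checks so that a well-formed request cannot route a write to an uncontained asset simply by naming a purpose that happens to be linked to it; in a real policy information point the "contained" state would be persisted per session rather than kept on the engine object.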