ROLE ACCESS TO INFORMATION ASSETS BASED ON RISK MODEL

摘要

The program controls access to data objects stored on a tangible device of a computer system within an enterprise. A user request to access a data object identifies a user role by looking up the user identification in an enterprise directory. The program determines whether the role of the user is permitted access to a system and also determines a risk score representing a risk of dissemination of the requested data object. The program compares the risk score of the requested data object to a pre-configured threshold value of the requested data object and controls access to the requested data object, based on the role of the user, and the risk score associated with the risk of disseminating the requested data object.