An Information Visualization Software System to Manage
Resource Access Control Policies
Jaime Montemayor, InventorThomas Llanso, Inventor
Problem Background• Complex digital Access Control policies/ rules
can be difficult to author, analyze, update, approve, and reverse-engineer.– Access can be a function of many factors
– Visualization techniques can help manage complex
rule sets
• Security clearance• Physical location• Type of workstation• Type of user login
• Role / Group• Time of day• Operational Need• Security Risk
Access Visualization Tool (“Ruba”)
• Visualize policies from many angles
• Reveal hidden relationships, interactions
• Useful for experts and non-experts alike
Technical Applicability
• Useful anywhere control access required– Networks, virtual networks– Web sites, portals, web services, messaging– Databases, directories, other repositories
• Useful to different stakeholders– Network, repository, mission owners– System support personnel– System Certifiers– System and Network Accreditors
Commercial Applicability
• Relevant across many industries– Government / Military– Medical– Financial– Legal– Entertainment
• Can play a role in meeting the spirit of security-related legislation– HIPAA– Graham Leach Bliley Act
Commercial Opportunities• For technical information contact:
Jaime Montemayor, [email protected]
Thomas Llanso, [email protected]
• For licensing information contact:
Norma Lee Todd, Technology ManagerOffice of Technology TransferThe Johns Hopkins UniversityApplied Physics Laboratory11100 Johns Hopkins RoadLaurel, MD [email protected]/ott