David ChallonerFollow


A technique is proposed for signaling when a request path leaves the permissible regions by considering the entire request path as an authorization signal. A data access controller, after receiving a data access request, can determine whether the requested data is subject to regional limitations. If the data is subject to such limitations, the data access controller determines whether each device of the request path is within permissible regions of applicable data controls. The data access controller can also use a device inventory database to apply additional controls based on the characteristics of devices in the request path. If a device in the path is outside of the permitted regions, the data access controller can signal to a user of the computing system that the request is not compliant with the data controls. This increases the accuracy of detecting when data access requests would cause regulated data to be transmitted/accessed outside the permissible regions.

Creative Commons License

Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 License.