US-20260127308-A1 - A SYSTEM THAT MANAGES ACCOUNTS BASED ON ACCESS POLICIES ESTABLISHED THROUGH ONTOLOGY NEURAL NETWORKS

Abstract

A computing device-implemented system manages enterprise account access based on policies established through an ontology artificial intelligence algorithm, and is implemented by a computing device including one or more processors and one or more memories storing instructions. The system comprises a Work Attribute Information Analysis Unit configured to analyze enterprise work attribute information using the stored ontology AI algorithm when an access policy update is initiated. An Access Policy Establishment Unit utilizes these analysis results to update the existing access policy, thereby establishing a precise new access policy for managed resource information. An Account Access Management Unit enforces this new policy by analyzing an accessing member account's attributes against the new policy to determine whether to permit or deny access to specific resource information. This approach ensures dynamically established, context-aware access control tailored to evolving enterprise work attributes.

Inventors

  • Ja Il KOO, II

Assignees

  • SGA SOLUTIONS CO.,LTD.

Dates

Publication Date
20260507
Application Date
20251029
Priority Date
20241105

Claims (8)

  1. A system for managing accounts based on access policies established through an ontology artificial intelligence algorithm, the system being implemented by a computing device including one or more processors and one or more memories storing instructions executable by the processors, the system comprising: a work attribute information analysis unit configured to, when an update process for updating enterprise access policies is initiated through a plurality of pieces of work attribute information stored in a work database managed by an enterprise, analyze the plurality of pieces of work attribute information using a stored ontology artificial intelligence algorithm; an access policy establishment unit configured to, upon completion of functions of the work attribute information analysis unit, update an existing access policy for resource information managed by the enterprise based on results of analyzing the plurality of pieces of work attribute information using the stored ontology artificial intelligence algorithm to establish a new access policy; and an account access management unit configured to, when, in a state where the new access policy has been established, a first member account that accesses first resource information among a plurality of pieces of resource information stored in a resource database managed by the enterprise is identified, analyze member attribute information registered to the first member account and the new access policy to determine whether the first member account can access the first resource information and, based on a determination result, decide whether to permit the first member account to access the first resource information.
  2. The system of claim 1, wherein the plurality of pieces of work attribute information includes intra-company bylaw information, email information of enterprise members, messenger information of enterprise members, and existing access policy information for enterprise resource information.
  3. The system of claim 1, wherein the work attribute information analysis unit comprises: a detail information identification unit configured to, when the update process is initiated, identify detail information included in each of the plurality of pieces of work attribute information stored in the work database; a sentence confirmation unit configured to, upon completion of the function of the detail information identification unit, perform natural language processing on the identified detail information using the stored ontology artificial intelligence algorithm to confirm sentences corresponding to the detail information; and a sentence structure identification unit configured to, upon completion of the function of the sentence confirmation unit, start a syntactic parsing process on the confirmed sentences using the stored ontology artificial intelligence algorithm to identify a sentence structure.
  4. The system of claim 1, wherein the access policy establishment unit comprises: a first semantic attribute-tag identification unit configured to, upon completion of functions of the work attribute information analysis unit, identify, for each keyword constituting an existing access policy sentence corresponding to existing access policy information among detail information included in the plurality of pieces of work attribute information, a first semantic attribute tag; a second semantic attribute-tag identification unit configured to, while the first semantic attribute-tag identification unit operates, identify, for each keyword constituting a work attribute sentence corresponding to information other than the existing access policy information, a second semantic attribute tag; and a non-identical tag identification unit configured to, upon completion of identification of the first and second semantic attribute tags, analyze the first and second semantic attribute tags using the stored ontology artificial intelligence algorithm to identify a second semantic attribute tag that does not match any first semantic attribute tag based on a preset RDF triple structure.
  5. The system of claim 4, wherein the access policy establishment unit further comprises: an existing access policy sentence update unit configured to, upon completion of the function of the non-identical tag identification unit, modify the existing access policy sentence based on a keyword to which a second semantic attribute tag different from the first semantic attribute tag is matched, and update the existing access policy sentence to a new access policy sentence based on a pattern value of the stored ontology artificial intelligence algorithm; and a new access policy establishment unit configured to, upon completion of the function of the existing access policy sentence update unit, generate new access policy information based on the updated new access policy sentence and store the new access policy information in an access policy repository managed by the enterprise to complete establishment of the new access policy.
  6. The system of claim 1, wherein the stored ontology artificial intelligence algorithm is an algorithm that learns pattern values derived by analyzing, on a session basis using timestamps, correlations among a plurality of pieces of work attribute information managed by other enterprises, relationship information among semantic attribute tags matched to keywords included in sentences corresponding to the plurality of pieces of work attribute information managed by other enterprises, existing access policy information for resource information managed by other enterprises, and new access policy information for the resource information managed by other enterprises.
  7. The system of claim 1, wherein the account access management unit comprises: an access-account detection unit configured to, in a state where the new access policy has been established, detect a first member account that accesses first resource information among a plurality of pieces of resource information stored in a resource database managed by the enterprise; a member detail information identification unit configured to, upon completion of detection of the first member account that accesses the first resource information, identify detail information included in member attribute information registered to the first member account; and an access determination unit configured to, upon completion of identification of the detail information included in the member attribute information, compare the new access policy information with the identified detail information and determine, based on a sentence defined by the new access policy information, whether the first member account can access the first resource information.
  8. The system of claim 7, wherein, when the access determination unit determines that the first member account is not permitted to access the first resource information, the account access management unit outputs to the first member account a sentence based on the new access policy information for the first resource information.

Description

FIELD OF THE INVENTION

The present invention relates to a system that manages accounts based on access policies established through an ontology neural network. More particularly, when an update process for updating an enterprise access policy is initiated, a stored ontology artificial intelligence algorithm analyzes a plurality of pieces of work attribute information to update an existing access policy for resource information managed by the enterprise and to establish a new access policy. When a member account accessing particular resource information stored in a resource database managed by the enterprise is identified, the system analyzes member attribute information of the identified member account and the established new access policy to determine whether the member account is permitted to access the particular resource information, thereby deciding whether to grant the member account access to the particular resource information.

BACKGROUND OF THE INVENTION

Information security technology protects critical information such as enterprise confidential information, customer information, and intellectual property, and provides technologies and services to prevent security threats such as cyber-attacks, insider leaks, and data breaches. In particular, enterprises actively adopt information security technologies and minimize the risk of internal data leakage by regulating methods and privileges for accessing enterprise networks and systems through strict access policies and naming rules.

However, recently, issues have been pointed out that overly strict enterprise access policies degrade work efficiency, and that managing the enterprise access policies requires significant cost and time. Accordingly, the industry has developed various technologies to address the above problems.

For example, Korean Registered Patent No. 10-2640648 (“Enterprise Asset Management System Through Specialized Database Establishment”) discloses technology for establishing a specialized database to identify threat behaviors against assets within an enterprise.

However, the above prior art merely discloses technology that detects threat behavior by analyzing network packets, extracts threat behaviors corresponding to preset threat behavior classifications, and merges extracted threat behavior data according to predefined purposes to build a database. It does not disclose technology which, when an update process for updating enterprise access policies is initiated, uses a stored ontology artificial intelligence algorithm to analyze a plurality of pieces of work attribute information, updates an existing access policy for resource information managed by the enterprise to establish a new access policy, and, when a member account that accesses particular resource information stored in a resource database managed by the enterprise is identified, analyzes member attribute information of the identified member account and the established new access policy to determine whether the member account can access the particular resource information, thereby deciding whether to grant access to the particular resource information. A technology that can solve this is therefore needed.

SUMMARY OF THE INVENTION

To overcome the problems of the related art, the invention provides a system which, when an update process for updating enterprise access policies is initiated, uses a stored ontology artificial intelligence algorithm to analyze a plurality of pieces of work attribute information, updates an existing access policy for resource information managed by the enterprise to establish a new access policy, and, when a member account that accesses particular resource information stored in a resource database managed by the enterprise is identified, analyzes member attribute information of the identified member account and the established new access policy to determine whether the member account can access the particular resource information, thereby deciding whether to grant access. Thus, based on work attribute information exchanged in accordance with internal circumstances and market conditions, access policies for enterprise-managed resource information can be flexibly revised and managed to improve members' work efficiency while saving cost and time consumed in managing access policies.

According to an embodiment, there is provided a system for managing accounts based on access policies established through an ontology artificial intelligence algorithm, the system being implemented by a computing device including one or more processors and one or more memories storing instructions executable by the processors. The system comprises: a work attribute information analysis unit configured to, when an update process for updating enterprise access policies is initiated through a plurality of pieces of work attribute information stored in a work database managed by an enterprise, analyze the plurality of pieces of work attribute information using a stored ontolo