The invention relates to a system for generating a profile of a network user based on an access control list of the network.
Systems which generate profiles of network users generally are known. Profile generating systems may be used in a client/server system having multiple users connected over a network. Users may also be connected to one or more databases via the network. Databases are used to store various objects. To prevent access to objects containing, for example, confidential or proprietary information, users may be assigned levels of access privileges. Access privileges may be, for example, read-only, edit, etc. Access privileges may be assigned by a system administrator (e.g., the object author or manager) and stored in an access control list (ACL). The system administrator may change the level of access privileges assigned to particular users at any given time.
Some profile generating systems generate and update a user profile each instance a user accesses a document. A reference to an accessed document is stored in the user""s profile automatically and the user may not have any control over which references are stored in the profile. Therefore, if a user accidentally accesses an object, a reference to that object will be stored in the user""s profile even though the object may have no association with the user.
Some prior systems also do not permit users to edit profiles. Accessed documents are automatically stored in the profile and may not be edited by the user. Still further systems require users to generate a profile by manually inserting and updating information in the profile.
Additionally, some prior systems do not allow other users on the network to search profiles. Profiles may be distributed automatically to other users who have expressed an interest in profiles containing predetermined criteria. This approach, however, does not permit system users to search profiles.
These and other drawbacks exist.
An object of the invention is to overcome these and other drawbacks in existing systems.
Another object is to provide a system and method that automatically generates a user profile according to an access control list that is based on objects accessible by the user.
Another object of the invention is to provide a system and method for generating a user profile that maintains a user profile based on a user""s object access privileges.
Another object of the invention is to provide a system and method for generating a user profile based on user affinities.
Another object is to provide a system and method for generating a user profile that enables users to select which user affinities are inserted into the profile.
Another object is to provide a system and method for generating a user profile that enables users to edit the profile.
These and other objects of the invention are achieved according to various embodiments of the invention. According to one embodiment, a system, method, and computer usable medium comprising computer readable program code embodied therein are provided that generate a profile of a network user based on objects stored in an access control list (ACL). The system includes an ACL accessing object. The ACL accessing object communicates with an access determining object. The access determining object communicates with a topic determining object and subsequently with a user privilege determining object. The user privilege determining object communicates with a user affinity determining object which communicates with a profile compiling/updating object to generate a user profile.
According to one embodiment of the invention, an ACL accessing object accesses an ACL. The ACL may contain, for example, a list of objects (e.g., files, documents, etc.) to which a user has access. An access determining object then determines the objects to which a particular user has access. After determining all of the objects accessible by a user, the topic determining object determines the subject-matter of the accessible objects. A user privilege determining object then determines the user privileges associated with each accessible object. The system then applies inferencing rules against the determinations made. Using the inferencing rules, the system calculates a user""s affinity for each accessible object and related subject matter. After determining the user""s affinity, the system compiles/updates a user profile reflecting a user""s affinity.
These and other objects, features, and advantages of the invention will be readily apparent to those having ordinary skill in the pertinent art from the detailed description of the preferred embodiments with reference to the appropriate figures.