The invention relates generally to computing device privacy protocols, and more particularly to access by applications to user data.
Computing devices such as smartphones, laptop and tablet computers, and other personal computing devices execute a variety of applications to perform a variety of functions. To enable full functionality, many applications require access to photographs or other data stored on a user's computing device. Typically access to a particular type of data can be entirely allowed or entirely disallowed by the operating system of the computing device. For example, an application can be granted access to all of the photographs stored by the user on their computing device or none of the photographs on their computing device.
This Summary introduces simplified concepts that are further described below in the Detailed Description of Illustrative Embodiments. This Summary is not intended to identify key features or essential features of the claimed subject matter and is not intended to be used to limit the scope of the claimed subject matter.
A method is provided for applying electronic data sharing settings. The method includes determining a first image or a first plurality of images shared by a user to a first network-enabled application. A first plurality of image components are extracted from the first image or the first plurality of images, and access by the first network-enabled application to a second image or a second plurality of images stored on a computing device of the user is enabled based on the first plurality of image components extracted from the first image or the first plurality of images.
A further method for controlling electronic data sharing is provided. The further method includes determining a first plurality of images stored by a user on a computing device, and extracting a first plurality of image components from the first plurality of images. A facial recognition algorithm is applied to one or both of the first plurality of images or the first plurality of image components to determine a first plurality of occurrences of a particular human in the first plurality of images, and access by a first network-enabled application to the first plurality of images stored by the user on the computing device is enabled based on the first plurality of image components and the first plurality of occurrences of the particular human in the first plurality of images.
Another further method for controlling electronic data sharing including determining a first electronic record or a first plurality of electronic records shared by a user to a first network-enabled application, and extracting a first topic or a first plurality of topics from the first electronic record or the first plurality of electronic records. Access by the first network-enabled application to a second electronic record or a second plurality of electronic records on a computing device of the user is enabled based on the first topic extracted from the first electronic record or the first plurality of electronic records.
An internet browsing control method is provided including monitoring a first plurality of network destinations accessed by a user via a computing device via a first browser application, and extracting a first topic or a first plurality of topics from the first plurality of network destinations. An attempt to access a particular network destination by the user via the computing device via the first browser application is determined, and access by the user to the particular network destination via the computing device via the first browser application based on the first topic or the first plurality of topics and based on the particular network destination is disabled.
A more detailed understanding may be had from the following description, given by way of example with the accompanying drawings. The Figures in the drawings and the detailed description are examples. The Figures and the detailed description are not to be considered limiting and other examples are possible. Like reference numerals in the Figures indicate like elements wherein:
Embodiments of the invention are described below with reference to the drawing figures wherein like numerals represent like elements throughout. The terms “a” and “an” as used herein do not denote a limitation of quantity, but rather denote the presence of at least one of the referenced items.
Referring to
The computing device 12 operates in the network 8. The computing device 12 can include for example a smart phone or other cellular-enabled mobile device configured to operate on a wireless telecommunications network. Alternatively, the computing device 12 can include a personal computer, tablet device, or other computing device. A user operates the computing device 12 with a privacy agent 14 active, the privacy agent 14 functioning as a user content sharing filter application on the computing device 12. Software and/or hardware residing on the computing device 12 enables the privacy agent 14 to monitor and restrict content accessible on the computing device 12 by network-based applications or services, for example enabled by a website server or application server 40 (hereinafter “web/app server” 40) or local applications 52 enabled to communicate via the network 8 with the web/app servers 40.
The privacy agent 14 can be configured as a standalone application executable by a processor of the computing device 12 via the OS 60 and in communication with the local applications 52 and the browsers 50. Alternatively, the privacy agent 14 can be provided as a processor-implemented add-on application integral with the local applications 52 or browser 50, or other applications or services. The privacy agent 14 is enabled to restrict or block user content (e.g., photos, contacts, documents, or clickstreams) accessible by local applications 52 or accessible by network-based applications or services, for example enabled by a web/app server 40, or accessible by browsers 50.
The privacy manager 20 facilitates the controlling of sharing of user content stored on a computing device 12. The operation of the privacy manager 20 is described herein with respect to the computing device 12, web/app servers 40, and application settings application program interface (API) 44. One skilled in the art will recognize that the privacy manager 20 can operate with other suitable wired or wireless network-connectable computing systems. The privacy manager 20 includes a modeling engine 22, a model datastore 24, a user datastore 26, a web application program interface (“API”) 28, a privacy application program interface (“API”) 30, and a sharing preferences interface 34. The privacy manager 20 can be implemented on one or more network-connectable processor-enabled computing systems, for example in a peer-to-peer configuration, and need not be implemented on a single system at a single location. The privacy manager 20 is configured for communication via the communications network 8 with other network-connectable computing systems including the computing device 12. Alternatively, the privacy manager 20 or one or more components thereof can be executed on the computing device 12 or other system.
The privacy manager 20 can further enable queries to be provided to a user of a computing device 12. The queries can be provided in a user interface 56 via instructions from a privacy agent 14 based on privacy data stored in a local datastore 54 or based on data transmitted from the privacy API 30 of the privacy manager 20. Alternatively, queries can be provided via the user interface 56 based on data transmitted from the web application 28 enabled by the privacy manager 20 and accessible via a browser 50 executed on the computing device 12. A user's responses to the queries can indicate whether a particular application is allowed access to particular electronic records or whether a particular browser 50 should be used to access a particular network address. Query responses are is stored in a user datastore 26 or a local datastore 54 and used by the privacy manager 20 or the privacy agent 14 in controlling user content accessible to local applications 52 executed by the user's computing device 12 and accessible to network-accessible computing systems hosting websites, webpages of websites, and applications, and used for controlling which browsers are used to access particular network addresses. Applications and websites can include for example social media or messaging applications and platforms for example Facebook™, LinkedIn™, and Google™ social media or messaging applications and platforms. Applications can include standalone applications, plugins, add-ons, or extensions to existing applications, for example web browser plugins. Applications or components thereof can be installed and executed locally on a computing device 12 or installed and executed on remote computing systems accessible to the computing device 12 via a communications network 8, for example the internet.
The sharing preferences interface 34 can search for and download user content shared by a user via a particular application, website, or webpage by accessing a web/app server 40 or by accessing an application settings API 44 which communicates permissions to a web/app server 40. The privacy agent 14 can also search for and download user content shared by a user via a particular application, website, or webpage by accessing a local application 52 with which user content has been shared or by accessing a web/app server 40 (e.g., via a browser 50 or local application 52) with which user content has been shared.
Local applications 52 are beneficially network-enabled, with Web/app servers functioning to enable local applications 52 or particular components of local applications 52. Web/app servers 40 can further enable network-enabled network-based applications, webpages, or services accessible via a browser 50 which need not have application components installed on a computing device 12. Interaction by the sharing preferences interface 34 with web/app servers 40 and application settings APIs 44 is facilitated by applying user credentials provided by a user via the privacy agent 14 or web application 28. Local applications 52 can be downloaded for example via a browser 50 or other local application 52 from an application repository 42. The privacy agent 14 monitors user activity on the computing device 12 including a user's use of local applications 52 and network-based applications, accessing of websites, and explicit and implicit sharing of user content including for example photos, contacts, documents, or clickstreams. Statistics of such use is used by the modeling engine 22 or the privacy agent 14 to build data-driven statistical models of user privacy preference stored in the model datastore 24 of the privacy manager 20 or the local datastore 54 of the computing device 12. The modeling engine 22 can for example function under the assumption that a user would allow sharing of particular types of user content with a particular application if that user had already consented to sharing similar user content with the particular application or similar application in the past.
The privacy agent 14 permits a user to use network-enabled applications, for example particular local applications 52 or network-based applications supported by web/app servers 40, without allowing access to an entire class of electronic records. For example, instead of allowing access to all photos stored on a computing device 12 in a local datastore 54, the privacy agent 14 enables a user to keep some of their photos private. The privacy agent 14 with support from the privacy manager 20 manages which local applications 52 or network-based applications are granted access to which electronic records, for example photos.
In one implementation, particular photos which have already been explicitly shared by a user to a particular local application 52 or particular network-based application are used to determine other photos which are shared with the particular application. Photos which have not been explicitly shared with the particular application, or photos which have not been explicitly shared with the particular application and have been shared with another application are precluded from being shared with the particular application. The privacy agent 14 alone or via the modeling engine 22 learns users' preferences and uses machine learning to decide which photos to share. In other implementations, other data types such as documents or contact records which have already been explicitly shared by a user to a particular local application 52 or particular network-based application are used to determine other documents or contact records which are shared with the particular application. Documents or contact records which have not been explicitly shared with the particular application, or documents or contact records which have not been explicitly shared with the particular application and have been shared with another application are precluded from being shared with the particular application. The privacy agent 14 alone or via the modeling engine 22 learns users' preferences and uses machine learning to decide which documents and contact records to share.
Electronic records are distinguishable by content type. The privacy agent 14 and privacy manager 20 are configured to assign privacy levels to electronic records based on their content type and the classification of data within the electronic record. Thereby within a specific content type, different electronic records are assigned different privacy levels. Referring to Table 1, four exemplary content types of electronic records are listed as “photos,” “contacts” (i.e., an electronic address book), “documents” (e.g., text files), and “clickstream” (i.e., a time ordered sequence of DNS requests including URLs). Example classes for electronic records of each content type are listed. Classifications of photos is beneficially based on artificial neural network image analysis. Classification of contacts and documents is beneficially based on artificial neural network content analysis and can be further based on the source of the contacts or documents, for example which application stores or manages the electronic records of the contacts or documents. Classification of clickstream is beneficially based on artificial neural network analysis of a clustered browser clickstream. Shown also are example applications which are differentiated by content type with respect to user privacy based on a user's prior interactions with the applications. The interactions can include for example sharing electronic records such as photos, contacts, or documents with the applications or using the applications, in the case of a browser application, to access particular network destination.
Referring to Table 2, exemplary machine learning conclusions enabled by either or both of the privacy agent 14 and the modeling engine 22 are set forth based on a user's photo sharing history with a particular local application 52 or network based application, for example WhatsApp™, Instagram™, or Letgo™ applications. Using a first application (“App #1”) a user explicitly shares their children's photos with members of the user's family. The exemplary machine learning conclusion generated by either or both of the privacy agent 14 and the modeling engine 22 is that access is allowed to other photos of the user's children and to other people, for example other people present in photos of the user's children. Using a second application (“App #2”) a user explicitly shares garden photos. The resulting exemplary machine learning conclusion generated by either or both of the privacy agent 14 and the modeling engine 22 is that access to garden photos and food photos not including people are allowed. Using a third application (“App #3”) a user explicitly shares photos of furniture for sale. The resulting exemplary machine learning conclusion generated by either or both of the privacy agent 14 and the modeling engine 22 is that access to other furniture photos, or other furniture photos not including people, are allowed. Using a third application (“App #4”) a user explicitly shared only one photo. To avoid a machine learning conclusion based on inadequate data, the privacy agent 14 can allow the user to lead and permit access to photos based on explicit user-selected privacy settings or privacy settings inferred from explicit user-selected privacy settings.
The privacy agent 14 or privacy manager 20 can apply an image classifier to photos in the user's gallery in the local datastore 54 on the user's computing device 12 or stored remotely by the user. The privacy agent 14 or privacy manager 20 can further apply an image classifier to photos shared via network for example via web/app servers 40 and local applications 52 or browsers 50, for example via the WhatsApp™, Instagram™, or Letgo™ applications. The image classifier can assign scores or probabilities to each photo to reflect the content of each photo. Referring to
Referring to
The facial recognition algorithm beneficially includes a convolutional neural network (“CNN”) that extracts the embeddings, the embeddings including features from facial images such as distance between human eyes and width of a human forehead. These embeddings are used as representations on faces. Classifiers, for example support vector machine (“SVM”) or k nearest neighbor (“K-NN”), included in the facial recognition algorithm, can be used to identify particular humans. Known facial recognition algorithms include DeepFace and FaceNet.
In a step 212, it is determined if the extracted embeddings correspond to a human detected frequently, for example a human detected a threshold number of times in one or more other photos 202 stored by the user. If a user captures and stores a large number of photos of a particular human, this may suggest the particular human is important to the user and the user may consider the preservation of the particular human's privacy to be important. It can be beneficial for example to tag the particular human as a target whose privacy should be preserved.
If the extracted embeddings correspond to a human detected a threshold number of times, the image vector representation 206 is updated for each such detected human (step 216). For example a vector representation indicating the presence of a human is replaced with a vector representation indicating the presence of a frequently imaged human (“private human”). If the extracted embeddings correspond to a human which has not been detected a threshold number of times in the user's stored photos, no revision is performed and the image vector update process is discontinued (step 214). The image vector representation 206 is fed into the photo sharing classifiers 220 for a plurality of different applications to determine if the photo 202 should be shareable with the each application, or in other words if the photo 202 should be accessible to a particular application.
If one or more pet image components (e.g., dog, cat, parrot, or other animal generally associated with a pet) are extracted in step 204, subsections of the photo 202 corresponding to the pet image components are forwarded to a pet recognition engine 209 (input “A”). The pet recognition engine 209 proceeds with an image vector update process, first attempting to extract embeddings from each pet via a pet recognition algorithm (step 211).
The pet recognition algorithm beneficially includes a convolutional neural network (“CNN”) that extracts the embeddings, the embeddings including unique identifying features of the pets. These embeddings are used as representations on pets. Classifiers, for example support vector machine (“SVM”) or k nearest neighbor (“K-NN”), included in the pet recognition algorithm, can be used to identify particular pets.
In a step 213, it is determined if the extracted embeddings correspond to a pet detected frequently, for example a pet detected a threshold number of times in one or more other photos 202 stored by the user. If a user captures and stores a large number of photos of a particular pet, this may suggest the particular pet is important to the user and the user may consider the preservation of the particular pet's privacy or the privacy of those in the company of the particular pet to be important. It can be beneficial for example to tag the particular pet or an individual in the company of the pet as a target whose privacy should be preserved.
If the extracted embeddings correspond to a pet detected a threshold number of times, the image vector representation 206 is updated (output “C”) for each such detected pet (step 217). For example a vector representation indicating the presence of a dog is replaced with a vector representation indicating the presence of a frequently imaged dog (“private pet”). If the extracted embeddings correspond to a pet which has not been detected a threshold number of times in the user's stored photos, no revision is performed and the image vector update process is discontinued (step 215).
If one or more location image components (e.g., street, city, park, woods, kitchen, living room, or other environments) are extracted in step 204, subsections of the photo 202 corresponding to the location image components are forwarded to the location recognition engine 219 (input “B”). The location recognition engine 219 proceeds with an image vector update process, first attempting to extract embeddings from each location via a location recognition algorithm (step 221).
The location recognition algorithm beneficially includes a convolutional neural network (“CNN”) that extracts the embeddings, the embeddings including unique identifying features of the locations. These embeddings are used as representations on locations. Classifiers, for example support vector machine (“SVM”) or k nearest neighbor (“K-NN”), included in the location recognition algorithm, can be used to identify particular locations.
In a step 223, it is determined if the extracted embeddings correspond to a location detected frequently, for example a location detected a threshold number of times in one or more other photos 202 stored by the user. If a user captures and stores a large number of photos of a particular location, this may suggest the particular location is important to the user and the user may consider the privacy of activity occurring in the particular location to be important. It can be beneficial for example to tag the particular location as a target where private activity occurs.
If the extracted embeddings correspond to a location detected a threshold number of times, the image vector representation 206 is updated (output “D”) for each such detected location (step 227). For example a vector representation indicating the presence of a kitchen is replaced with a vector representation indicating the presence of a frequently imaged location (“private location”). If the extracted embeddings correspond to a location which has not been detected a threshold number of times in the user's stored photos, no revision is performed and the image vector update process is discontinued (step 225). In addition to the facial recognition engine 208, pet recognition engine 209, and location recognition engine 219, additional engines or architecture can be provided for identifying and logging occurrences of various other features in photos 202 stored by the user and updating the image vector representation 206 based on the identified occurrences.
Training the photo sharing classifiers 220 is performed by accessing photos 202 explicitly shared by the user to one or more particular applications within a group of applications used by the user and to which sharing privacy is to be differentiated. Accessing shared photos 202 on web/app servers 40 enabling the group of applications can be performed by the privacy manager 20 via a sharing preferences interface 34 or by the privacy agent 14 via local applications 52 or browsers 50. During training, the explicitly shared photos 202 are entered into the process flow 200 as described herein. The output of each photo sharing classifier 220 is set as “share” for those applications in the group to which the photo 202 has been explicitly shared and “do not share” for those applications in the group to which the photo 202 has not been explicitly shared. This process is beneficially performed for each photo 202 explicitly shared by at least one application in the group. An application group can include for example one or more of social networking applications, messaging applications, or marketplace applications. For example a group of applications to be differentiated by image sharing policy can include WhatsApp™, Instagram™, and Letgo™.
Referring to
Referring to
The privacy agent 14 beneficially institutes photo sharing controls based on the photo sharing determination 274, for example disabling access to the photo 202 responsive to a request to access all photos stored on the computing device 12 by the local application 52 or network-based application corresponding to the photo sharing classifier 220. The privacy agent 14 can institute the photo sharing controls without user intervention. Alternatively, the privacy agent 14 can request user input prior to instituting photo sharing controls. Referring to
The privacy agent 14 with support from the privacy manager 20 further manages which local applications 52 or web/app servers 40 are granted access to electronic records including contacts. For example, particular applications within a group of applications used by a user are differentiated based on whether a user has explicitly shared personal contacts, business contacts, or both to the particular applications. Referring to
Referring to
Referring to
The privacy agent 14 beneficially institutes contact sharing controls based on the contact sharing determination 374, for example disabling access to an analyzed contact responsive to a request to access all contacts stored on the computing device 12 by the local application 52 or network-based application corresponding to the contact sharing classifier 320. The privacy agent 14 can institute the contact sharing controls without user intervention. Alternatively, the privacy agent 14 can request user input prior to instituting contact sharing controls. Referring to
The privacy agent 14 with support from the privacy manager 20 further manages which local applications 52 or web-based applications are granted access to electronic records including documents. For example, particular applications within a group of applications used by a user are differentiated based on whether a user has explicitly shared medical documents, financial documents, or professional documents to the particular applications. Referring to
Referring to
Referring to
The privacy agent 14 beneficially institutes document sharing controls based on the document sharing determination 474, for example disabling access to an analyzed document responsive to a request to access all documents stored on the computing device 12 by the local application 52 or network-based application corresponding to the document sharing classifier 420. The privacy agent 14 can institute the document sharing controls without user intervention. Alternatively, the privacy agent 14 can request user input prior to instituting document sharing controls. Referring to
The privacy agent 14 with support from the privacy manager 20 further manages which browsers 50 are to be used in accessing particular network destinations via web/app servers 40. For example, particular browsers within a group of browsers used by a user are differentiated based on which browsers of the group have been used by the user to accessed particular network destinations. Referring to
Referring to
Referring to
The privacy agent 14 beneficially institutes browser controls based on the conformance determination 574, for example disabling use on the computing device 12 of a particular browser 50 corresponding to a particular browser user classifier 520 responsive to a user executing the particular browser 50. The privacy agent 14 can institute the browser controls without user intervention. Alternatively, the privacy agent 14 can request user input prior to instituting browser controls. Referring to
Referring to
Referring particularly to
Referring to
In the described methods 600, 610 the first plurality of image components can include a first plurality of topics, the second plurality of image components can include a second plurality of topics, and the third plurality of image components can include a third plurality of topics. A first classifier can be applied to extract the first plurality of image components from the first image or from each of the first plurality of images. A second classifier can be trained based on the first plurality of image components, and beneficially further based on the third plurality of image components. The first classifier can further be applied to extract the third plurality of image components from the third image or from each of the third plurality of images. The second classifier can be applied to classify the second image or the second plurality of images stored by the user on the computing device by applying the second classifier to the second plurality of image components, and the access by the first network-enabled application to the second image or the second plurality of images stored by the user on the computing device can be based on the classifying of the second image or the second plurality of images. The first classifier can include for example a convolutional neural network (“CNN”) classifier and the second classifier can include for example one or more of a k-nearest neighbors algorithm (“k-NN”) classifier, a support-vector machine (“SVM”) classifier, or decision tree classifier.
Beneficially, the first image is compared to the third image or each of the first plurality of images are compared to each of the third plurality of images to determine each first image is not the same as each third image. The second classifier can be trained based on the first plurality of image components as a first input of the second classifier and an indication that the first image or each of the first plurality of images are shared by the user to the first network-enabled application as a first output of the second classifier. The second classifier can further be trained based on the third plurality of image components as a second input of the second classifier and an indication that the third image or each of the third plurality of images are not shared by the user to the first network-enabled application as a second output of the second classifier.
Beneficially, a first vector representation or a first plurality of vector representations are generated for the first image or each of the first plurality of images based on the first plurality of image components, a second vector representation or a second plurality of vector representations are generated for the second image or each of the second plurality of images based on the second plurality of image components, a third vector representation or a third plurality of vector representations are generated for the third image or each of the third plurality of images based on the third plurality of image components. The second classifier is trained further based on the first vector representation and the third vector representation. Alternatively, in the absence of a third vector representation, a third plurality of vector representations, a third image or a third plurality of images, the second classifier can trained further based on the first vector representation without the third vector representation. The second classifier is applied to the second vector representation or each of the second plurality of vector representations to classify the second image or each of the second plurality of images.
In implementing the described methods 600, 610 further processes can include applying a facial recognition algorithm to one or more of the first plurality of images, the first plurality of image components, the second plurality of images, the second plurality of image components, the third plurality of images, or the third plurality of image components to determine a particular human. A frequency of occurrences of the particular human is determined in the one or more of the first plurality of images, the first plurality of image components, the second plurality of images, the second plurality of image components, the third plurality of images, or the third plurality of image components based on the applying of the facial recognition algorithm. The access by the first network-enabled application to the second plurality of images stored by the user on the computing device is enabled further based on the frequency of the occurrences of the particular human in one or more of the first plurality of images, the first plurality of image components, the second plurality of images, the second plurality of image components, the third plurality of images, or the third plurality of image components. More particularly, a first plurality of vector representations is generated for the first plurality of images based on the first plurality of image components and based on the determining the frequency of the occurrences of the particular human; a second plurality of vector representations is generated for the second plurality of images based on the second plurality of image components and based on the determining the frequency of the occurrences of the particular human; and a third plurality of vector representations is generated for the third plurality of images based on the third plurality of image components and based on the determining the frequency of the occurrences of the particular human. The second classifier is trained further based on the first plurality of vector representations and the third plurality of vector representations. The second classifier is applied to the second plurality of vector representations to classify one or more of the second plurality of images.
In implementing the described methods 600, 610 further processes can include generating a first plurality of scores for the first image or the first plurality of images based on the first plurality of image components, training the second classifier based on the first plurality of scores, generating a second plurality of scores for the second image or the second plurality of images based on the second plurality of image components, and applying the second classifier to the second plurality of scores to classify the second image or the second plurality of images.
In implementing the described methods 600, 610 further processes can include receiving a request from the first network-enabled application to access the second image or the second plurality of images or receiving a request from the user to grant access to the second image or the second plurality of images. The user can be queried via the computing device regarding the request from the first network-enabled application or the request from the user, and an instruction can be received from the user responsive to the querying, for example in the manner enabled by the first exemplary interactive display 120 of
Referring to
Referring particularly to
Referring to
In an extension of the method 650 a third plurality of images shared by the user to a second network-enabled application or additional applications can be determined, a third plurality of image components are extracted from the third plurality of images, and the access by the first network-enabled application to the first plurality of images stored by the user on the computing device is enabled further based on the third plurality of image components. Further, the facial recognition algorithm can be applied to one or more of the second plurality of images or the second plurality of image components and one or more of the third plurality of images or the third plurality of image components to determine a second plurality of occurrences of the particular human, and the access by the first network-enabled application to the first plurality of images stored by the user on the computing device can be enabled further based on the second plurality of occurrences of the particular human.
Referring to
Referring particularly to
Referring to
In an extension of the method 710, the first topic or the first plurality of topics are equal to the second topic or the second plurality of topics, and the first topic or the first plurality of topics are not equal to the third topic or the third plurality of topics. And the method can further include extracting a fourth topic or a fourth plurality of topics from a fourth electronic record or a fourth plurality of electronic records stored on the computing device, and disabling access by the first network-enabled application to the fourth electronic record or the fourth plurality of electronic records based on the first topic or the first plurality of topics, the third topic or the third plurality of topics, and the fourth topic or the fourth plurality of topics.
Beneficially a first classifier is applied to extract the first topic or the first plurality of topics from the first electronic record or the first plurality of electronic records, and the first classifier is applied to extract the third topic or the third plurality of topics from the third electronic record or the third plurality of electronic records. A second classifier is trained based on the first topic or the first plurality of topics and based on the third topic or the third plurality of topics. The second classifier is applied to the second topic or the second plurality of topics to classify the second electronic record or the second plurality of electronic records stored by the user on the computing device, and the access by the first network-enabled application to the second electronic record or the second plurality of electronic records is enabled based on the classifying of the second electronic record or the second plurality of electronic records.
In implementing the described methods 700, 710 further processes can include receiving a request from the first network-enabled application to access the second electronic record or the second plurality of electronic records or receiving a request from the user to grant access to the second electronic record or the second plurality of electronic records. The user can be queried via the computing device regarding the request from the first network-enabled application or from the user, and an instruction can be received from the user responsive to the querying, for example in the manners enabled by the second and third exemplary interactive displays 140, 160 of
Referring to
Referring particularly to
Referring to
In an extension of the methods 800, 820, the user is queried regarding the attempt to access the particular network destination, an instruction is received from the user responsive to the querying, and the access by the user to the particular network destination via the computing device via the first browser application is disabled further based on receiving the instruction.
In a further extension of the methods 800, 820 a second plurality of network destinations accessed by the user via the computing device via a second browser application are monitored, and a second topic or a second plurality of topics are extracted from the second plurality of network destinations. An attempt to access the particular network destination by the user via the computing device via the second browser application is determined, and access by the user to the particular network destination via the computing device via the second browser application is enabled based on the second topic or the second plurality of topics extracted from the second plurality of network destinations and based on the particular network destination. Topics can be extracted via a classifier, for example via the exemplary network address classifier 500 of
The computer system 1000 can operate as a standalone device or can be connected (e.g., networked) to other machines. In a networked deployment, the computer system 1000 may operate in the capacity of a server or a client machine in server-client network environment, or as a peer machine in a peer-to-peer (or distributed) network environment. The computer system 1000 can also be considered to include a collection of machines that individually or jointly execute a set (or multiple sets) of instructions to perform one or more of the methodologies described herein.
It would be understood by those skilled in the art that other computer systems including but not limited to networkable personal computers, minicomputers, mainframe computers, handheld mobile communication devices, multiprocessor systems, microprocessor-based or programmable electronics, and smart phones could be used to enable the systems, methods and processes described herein. Such computer systems can moreover be configured as distributed computer environments where program modules are enabled and tasks are performed by processing devices linked through a communications network, and in which program modules can be located in both local and remote memory storage devices.
The exemplary computer system 1000 includes a processor 1002, for example a central processing unit (CPU) or a graphics processing unit (GPU), a main memory 1004, and a static memory 1006 in communication via a bus 1008. A visual display 1010 for example a liquid crystal display (LCD), light emitting diode (LED) display or a cathode ray tube (CRT) is provided for displaying data to a user of the computer system 1000. The visual display 1010 can be enabled to receive data input from a user for example via a resistive or capacitive touch screen. A character input apparatus 1012 can be provided for example in the form of a physical keyboard, or alternatively, a program module which enables a user-interactive simulated keyboard on the visual display 1010 and actuatable for example using a resistive or capacitive touchscreen. An audio input apparatus 1013, for example a microphone, enables audible language input which can be converted to textual input by the processor 1002 via the instructions 1024. A pointing/selecting apparatus 1014 can be provided, for example in the form of a computer mouse or enabled via a resistive or capacitive touch screen in the visual display 1010. A data drive 1016, a signal generator 1018 such as an audio speaker, and a network interface 1020 can also be provided. A location determining system 1017 is also provided which can include for example a GPS receiver and supporting hardware.
The instructions 1024 and data structures embodying or used by the herein-described systems, methods, and processes, for example software instructions, are stored on a computer-readable medium 1022 and are accessible via the data drive 1016. Further, the instructions 1024 can completely or partially reside for a particular time period in the main memory 1004 or within the processor 1002 when the instructions 1024 are executed. The main memory 1004 and the processor 1002 are also as such considered computer-readable media.
While the computer-readable medium 1022 is shown as a single medium, the computer-readable medium 1022 can be considered to include a single medium or multiple media, for example in a centralized or distributed database, or associated caches and servers, that store the instructions 1024. The computer-readable medium 1022 can be considered to include any tangible medium that can store, encode, or carry instructions for execution by a machine and that cause the machine to perform any one or more of the methodologies described herein, or that can store, encode, or carry data structures used by or associated with such instructions. Further, the term “computer-readable storage medium” can be considered to include, but is not limited to, solid-state memories and optical and magnetic media that can store information in a non-transitory manner. Computer-readable media can for example include non-volatile memory such as semiconductor memory devices (e.g., magnetic disks such as internal hard disks and removable disks, magneto-optical disks, CD-ROM and DVD-ROM disks, Erasable Programmable Read-Only Memory (EPROM), Electrically Erasable Programmable Read-Only Memory (EEPROM), and flash memory devices).
The instructions 1024 can be transmitted or received over a communications network, for example the communications network 8, using a signal transmission medium via the network interface 1020 operating under one or more known transfer protocols, for example FTP, HTTP, or HTTPs. Examples of communication networks include a local area network (LAN), a wide area network (WAN), the internet, mobile telephone networks, Plain Old Telephone (POTS) networks, and wireless data networks, for example Wi-Fi™ and 3G/4G/5G cellular networks. The term “computer-readable signal medium” can be considered to include any transitory intangible medium that is capable of storing, encoding, or carrying instructions for execution by a machine, and includes digital or analog communications signals or other intangible medium to facilitate communication of such instructions.
Although features and elements are described above in particular. combinations, one of ordinary skill in the art will appreciate that each feature or element can be used alone or in any combination with the other features and elements. Methods described herein may be implemented in a computer program, software, or firmware incorporated in a computer-readable medium for execution by a computer or processor.
While embodiments have been described in detail above, these embodiments are non-limiting and should be considered as merely exemplary. Modifications and extensions may be developed, and all such modifications are deemed to be within the scope defined by the appended claims.