Building management system with identity management

US12341624B2 · US · B2

Patent metadata

Publication number: US-12341624-B2
Application number: US-202318367295-A
Country: US
Kind code: B2
Filing date: Sep 12, 2023
Priority date: Feb 10, 2017
Publication date: Jun 24, 2025
Grant date: Jun 24, 2025

Abstract

Official abstract text for this publication.

A building system for identity management of a building, the building system including one or more storage devices configured to store instructions thereon, that, when executed by one or more processors, cause the one or more processors to receive a request to determine whether an entity has a privilege and determine whether the entity has the privilege by querying, based on the request, a graph database to identify information of the graph database that indicates whether the entity has the privilege, wherein the graph database stores nodes representing at least one of users, equipment, events, or spaces of the building, wherein the graph database stores edges between the nodes representing relationships between the users, equipment, events, or spaces. The instructions cause the one or more processors to generate a response including a determination whether the entity has the privilege.

First claim

Opening claim text (preview).

What is claimed:

1. A system for identity management, the system comprising one or more memory devices storing instructions thereon that, when executed by one or more processors, cause the one or more processors to: receive, from a first entity, a request associated with a piece of information; query, responsive to receipt of the request, a graph database to identify a permission associated with the first entity, the graph database storing a plurality of permissions associated with a plurality of entities, and wherein respective permissions of the plurality of permissions indicate pieces of information accessible by respective entities of the plurality of entities; detect, responsive to querying the graph database, a first edge stored in the graph database, the first edge between a first node representing the first entity and a second node representing the permission associated with the first entity; identify, responsive to detection of the first edge, the permission associated with the first entity; and transmit, to the first entity, one or more signals to grant the request associated with the piece of information.

2. The system of claim 1, wherein the graph database stores: a plurality of nodes including the first node and the second node, and the plurality of nodes representing respective identities for the plurality of entities and at least one of a role of the first entity, an organization of the first entity, or a group associated with the first entity; and a plurality of edges including the first edge, the plurality of edges between the plurality of nodes representing relationships between the plurality of entities.

3. The system of claim 1, wherein the one or more signals to grant the request associated with the piece of information are transmitted responsive to a determination that the permission of the first entity provides access to the piece of information.

4. The system of claim 1, wherein the instructions further cause the one or more processors to: receive, from a second entity, a second request to access a second piece of information; identify, responsive to querying the graph database, a second permission associated with the second entity; determine, based on one or more characteristics of the second permission, that the second permission precludes the second entity from accessing the second piece of information; and transmit, to the second entity, one or more second signals to indicate that the second entity is prevented from accessing the second piece of information.

5. The system of claim 4, wherein the instructions further cause the one or more processors to: receive, from a second system, an indication of a change to the second permission of the second entity; update, responsive to receipt of the indication, the graph database to reflect the change to the second permission of the second entity; and transmit, to the second entity, one or more third signals to grant access to the second piece of information responsive to the change to the second permission allowing access to the second piece of information.

6. The system of claim 1, wherein the first entity is at least one of a device, an application, or a second system.

7. The system of claim 1, wherein querying the graph database to identify the permission associated with the first entity includes identifying that the first edge links the first node representing the first entity with the second node representing the permission associated with the first entity.

8. The system of claim 1, wherein the instructions further cause the one or more processors to identify the permission associated with the first entity by: identifying a policy rule of a plurality of policy rules that applies to the permission; and interpreting the policy rule by querying the graph database to identify information of the graph database, the information providing an interpretation of the policy rule that indicates whether the first entity has the permission.

9. A method for identity management, the method comprising: receiving, by one or more processing circuits, from a first entity, a request associated with a piece of information; querying, by the one or more processing circuits, responsive to receipt of the request, a graph database to identify a permission associated with the first entity, the graph database storing a plurality of permissions associated with a plurality of entities, and wherein respective permissions of the plurality of permissions indicate pieces of information accessible by respective entities of the plurality of entities; detecting, by the one or more processing circuits, responsive to querying the graph database, a first edge stored in the graph database, the first edge between a first node representing the first entity and a second node representing the permission associated with the first entity; identifying, by the one or more processing circuits, responsive to detection of the first edge, the permission associated with the first entity; and transmitting, by the one or more processing circuits, to the first entity, one or more signals to grant the request associated with the piece of information.

10. The method of claim 9, wherein the graph database stores: a plurality of nodes including the first node and the second node, and the plurality of nodes representing respective identities for the plurality of entities and at least one of a role of the first entity, an organization of the first entity, or a group associated with the first entity; and a plurality of edges including the first edge, the plurality of edges between the plurality of nodes representing relationships between the plurality of entities.

11. The method of claim 9, wherein the one or more signals to grant the request associated with the piece of information are transmitted responsive to a determination that the permission of the first entity provides access to the piece of information.

12. The method of claim 9, further comprising: receiving, by the one or more processing circuits, from a second entity, a second request to access a second piece of information; identifying, by the one or more processing circuits, responsive to querying the graph database, a second permission associated with the second entity; determining, by the one or more processing circuits, based on one or more characteristics of the second permission, that the second permission precludes the second entity from accessing the second piece of information; and transmitting, by the one or more processing circuits, to the second entity, one or more second signals to indicate that the second entity is prevented from accessing the second piece of information.

13. The method of claim 12, further comprising: receiving, by the one or more processing circuits, from a second system, an indication of a change to the second permission of the second entity; updating, by the one or more processing circuits, responsive to receipt of the indication, the graph database to reflect the change to the second permission of the second entity; and transmitting, by the one or more processing circuits, to the second entity, one or more third signals to grant access to the second piece of information responsive to the change to the second permission allowing access to the second piece of information.

14. The method of claim 9, wherein the first entity is at least one of a device, an application, or a second system.

15. The method of claim 9, wherein querying, by the one or more processing circuits, the graph database to identify the permission associated with the first entity includes iden

Classifications

  • indicating that an appliance service is present in a home automation network (monitoring functionality H04L43/0817; discovery or management thereof, e.g. service location protocol [SLP] or web services, H04L67/51)

  • Interconnection of the control functionalities between home networks (single bridge functionality H04L12/4625)

  • describing content present in a home automation network, e.g. audio video content (retrieval from the Internet G06F16/95)

  • Graphs; Linked lists (G06F16/9027 takes precedence)

  • Reporting to a device within the home network; wherein the reception of the information reported automatically triggers the execution of a home appliance functionality

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US12341624B2 cover?
A building system for identity management of a building, the building system including one or more storage devices configured to store instructions thereon, that, when executed by one or more processors, cause the one or more processors to receive a request to determine whether an entity has a privilege and determine whether the entity has the privilege by querying, based on the request, a grap…
Who is the assignee on this patent?
Johnson Controls Tech Co
What technology area does this patent fall under?
Primary CPC classification G06F16/9024. Mapped technology areas include Physics.
When was this patent published?
Publication date Jun 24, 2025 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 12 related publications on this page (citations in our corpus or others sharing the same primary CPC).