System for enabling collaboration and protecting sensitive data

US 20040103147A1
Filed: 06/10/2003
Published: 05/27/2004
Est. Priority Date: 11/13/2001
Status: Abandoned Application

First Claim

Patent Images

1. A method for use in managing a collaborative environment involving multiple data systems, comprising the steps of:

providing a collaboration system, separate from said multiple data systems, for controlling messages between said multiple data systems, wherein said collaboration system is configured to communicate with each of said multiple data systems via a defined network interface;

first accessing a communication between identified users of said multiple data systems;

second accessing processing information, indexed to one or more of said identified users, using said collaboration system, said processing information including instructions (executable rules) for use in processing said communication transmitted between said multiple data systems;

using said executable rules and said communication to obtain processed information; and

providing an output to one or more of said identified users based on said processed information.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The inventive system facilitates collaboration between multiple network users with respect to collaboration subject matter while maintaining the integrity of sensitive data. In one implementation, the system (200) includes a radiant collaboration subsystem (202) and a radiant sanitizer/guard subsystem (206). The guard (202) receives input information (206), reformats the input information (206) as necessary, and processes the input information and sanitizes the input information (206) based on predefined rules regarding dissemination of sensitive information to particular recipients. Sanitized outputs are provided by the guard (204) on a recipient-specific basis. The collaboration subsystem (202) allows for establishing a conference of collaborators identifying a document or documents to be included in the conference and allowing such documents as well as such documents to be represented to individual collaborators in accordance with the noted rules governing distribution of sensitive information. In this manner, collaboration is facilitated among collaborators that may have different limitations regarding access to sensitive data. The system (200) is useful in a variety of contexts, including the sharing of information as between public and private sector entities related to homeland security.

457 Citations

42 Claims

1. A method for use in managing a collaborative environment involving multiple data systems, comprising the steps of:
- providing a collaboration system, separate from said multiple data systems, for controlling messages between said multiple data systems, wherein said collaboration system is configured to communicate with each of said multiple data systems via a defined network interface;
  
  first accessing a communication between identified users of said multiple data systems;
  
  second accessing processing information, indexed to one or more of said identified users, using said collaboration system, said processing information including instructions (executable rules) for use in processing said communication transmitted between said multiple data systems;
  
  using said executable rules and said communication to obtain processed information; and
  
  providing an output to one or more of said identified users based on said processed information.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 30)
- - 2. A method as set forth in claim 1, wherein said step of first accessing comprises obtaining said first information from a non-government source.
  - 3. A method as set forth in claim 2, wherein said step of first accessing comprises obtaining said second information from a government source.
  - 4. A method as set forth in claim 1, wherein said processing information relates to converting at said communication into a converted form related to data structure.
  - 5. A method as set forth in claim 4, wherein said converted form is an internal form of said collaboration system.
  - 6. A method as set forth in claim 1, wherein said processing information relates to one or more of said identified users intended to receive said output.
  - 7. A method as set forth in claim 1, wherein said processing information relates to modifying a content of said communication.
  - 8. A method as set forth in claim 1, wherein said processing information relates to combining a first content of said communication with a second content of a second communication between certain users of said multiple data system.
  - 9. A method as set forth in claim 1, wherein said processing information relates to using said first content and said second content in performing a comparison to a threshold for identifying a condition of interest.
  - 10. A method as set forth in claim 1, wherein said processing information relates to controlling a content of said output based on an identity of a recipient user.
  - 11. A method as set forth in claim 1, wherein said processing information relates to controlling a content of said output based on a policy of said multiple source systems.
  - 12. A method as set forth in claim 1, wherein said processing information relates to controlling a content of said output based on a civil liberties related criterion.
  - 13. A method as set forth in claim 1, wherein said processing information relates to controlling a content of said output based on one of an authorization and a security clearance associated with said recipient user.
  - 14. A method as set forth in claim 1, wherein said collaboration system enables collaboration between a number of said multiple source systems with respect to collaboration subject matter.
  - 15. A method as set forth in claim 1, wherein said processing information comprises executable rules for operating on data objects of said communication.
  - 16. A method as set forth in claim 15, wherein said rules access content of said data objects.
  - 17. A method as set forth in claim 15, wherein said rules differ depending on a source and recipient pairing of said communication.
  - 18. A method as set forth in claim 17, wherein said rules differ depending on a direction of transmission of said communication as between said source and recipient pairing.
  - 19. A method as set forth in claim 1, further comprising the step of establishing a log relating to a processing of said communication by said collaboration system, wherein said log allows for verification of handling of said communication by said collaboration system in accordance with a predefined policy.
  - 20. A method as set forth in claim 19, wherein said collaboration system is further operative for automatically processing logs relating to communications between said multiple data systems for auditing compliance with said predefined policy.
  - 21. A method as set forth in claim 1, wherein said collaboration system is further operative for parsing said communication into data objects of a desired size and separately applying said instructions with respect to each of said objects.
  - 22. A method as set forth in claim 21, wherein said parsing is performed recursively to provide progressively simpler data objects.
  - 30. A method as set forth in claim 20, wherein said step of modifying comprises modifying a portion of the content of said one of said objects.

23. A method for use in sharing information between at least one source system and multiple recipient systems, comprising the steps of:
- providing a collaboration system interposed between said source system and said recipient systems for facilitating sharing of information between said source system and said recipient systems, said collaboration system configured for communication with each of said source system and said recipient system using a defined network interface;
  
  first accessing, using said collaboration systems, first input information from said source system;
  
  second accessing, using said collaboration system, a first instruction set related to a first recipient system;
  
  third accessing, using said collaboration system, a second instruction set related to a second recipient system;
  
  first operating said collaboration system to provide a first output to said first recipient system based on said first input information and said first instruction set; and
  
  second operating said collaboration system to provide a second output to said second recipient system based on said first input information and said second instruction set, where said second output has a content different than said first output.
- View Dependent Claims (24, 25, 26, 31)
- - 24. A method as et forth in claim 23, wherein said first instruction set and said second instruction set are both defined by a policy for controlling sensitive information.
  - 25. A method as et forth in claim 23, further comprising accessing a third instruction set and providing a third output to a third recipient system based on said first input and said third instruction set.
  - 26. A method as set forth in claim 23, wherein said first output differs from said second output based on different rights associated with said first and second recipient systems regarding sensitive information according to a policy controlling said sensitive information.
  - 31. A method as set forth in claim 26, wherein said step of modifying comprises deleting said one of said objects.

27. A method for use in network-based collaboration, comprising the steps of:
- establishing collaboration subject matter;
  
  establishing a conference, wherein multiple collaborators access said collaboration subject matter during a time interval of said conference, wherein said time interval can be of indefinite duration and less than all of said collaborators can participate in the conference at times within said time interval;
  
  first processing said collaboration subject matter, in connection with said conference, to provide a first output for a first collaborator based on a state of said collaboration subject matter at a first time, said first output having a first content; and
  
  second processing said collaboration subject matter, in connection with said conference, to provide a second output for a second collaborator based on said state of said collaboration subject matter at said first time, said second output having a second content different than said first content, wherein said first output is provided at a second time, the same or different than said first time, and said second output is provided at a third time, the same or different than said second time.
- View Dependent Claims (28, 29, 32)
- - 28. A method as set forth in claim 27, wherein said step of processing comprises parsing said collaboration subject matter into a number of information objects and applying said rule set to each of said information objects.
  - 29. A method as set forth in claim 27, wherein said step of first processing comprises parsing said collaboration subject matter into a number of information objects, identifying sensitive information associated with one of said objects and modifying said collaboration subject matter relative to said identified sensitive information.
  - 32. A method as set forth in claim 27, wherein said step of second processing comprises accessing a second content-based rule set associated with said second collaborator and processing said collaboration subject matter based on said second content-based rule set.

33. A method for allowing collaboration between multiple users of a data network, comprising the steps of:
- providing collaboration subject matter including first information from at least one information source;
  
  providing a collaboration system for enabling access to at least portions of said first information by a first user system and a second user system;
  
  first operating said collaboration system to receive said collaboration subject matter;
  
  second operating said collaboration system to identify said first user system, access a first content-based rule associated with said first user system, process said first information using said first content-based rule to establish a first output based on said collaboration subject matter, and provide access to said first output by said first user system; and
  
  third operating said collaboration system to identify said second user system, access a second content-based rule associated with said second user system, process said first information using said second content-based rule to establish a second output, different than said first output, based on said collaboration subject matter, and provide access to said second output by said second user system;
  
  wherein said first and second user systems can be used for collaborative work related to said collaboration subject matter in accordance with said first and second content-based rules.
- View Dependent Claims (34, 35)
- - 34. A method as set forth in claim 33, wherein said first content-based rule and said second content-based rule are both defined by a policy for controlling sensitive information.
  - 35. A method as set forth in claim 33, wherein said first output differs from said second output based on different rights associated with said first and second user systems regarding sensitive information according to a policy controlling said sensitive information.

36. A method for securely sharing information among multiple information systems, comprising the steps of:
- establishing a first community of multiple first information systems for secure sharing of information therebetween;
  
  establishing a second community of a plurality of second information systems for secure sharing of information therebetween;
  
  providing a collaboration system for facilitating sharing of information between multiple information systems;
  
  storing, for access by said collaboration system, a first set of rules governing distribution of information among said first information systems;
  
  storing, for access by said collaboration system, a second set of rules governing distribution of information among said second information systems; and
  
  operating said collaboration system to control sharing of information between said first information systems based on said first set of rules and between said second information systems based on said second set of rules.
- View Dependent Claims (37)
- - 37. A method as set forth in claim 36, further comprising the steps of storing a third set of rules governing distribution of information between said first information systems and said second information systems and operating said collaboration system to control sharing of information between said first information systems and said second information systems based on said third set of rules.

38. A method for use in securely sharing information among multiple information systems, comprising the steps of:
- first establishing a community of multiple information systems to be included within a secure context for sharing of information;
  
  second establishing a collaboration system for facilitating sharing of information among said community of multiple information systems, said collaboration system being configured to communicate with each of said multiple information systems using a defined network interface;
  
  said collaboration system being configured to process information transmitted between first and second systems of said community on a system dependent basis with regard to one of a form and a content of said information so as to facilitate sharing of information;
  
  establishing an algorithm for detecting a condition of interest based on monitored communications;
  
  monitoring a content of communications within said community; and
  
  based on said monitored communications and said algorithm, selectively generating an alert message indicating the existence of said condition of interest.
- View Dependent Claims (39)
- - 39. A method as set forth in claim 38, wherein said step of monitoring comprises aggregating contents of multiple ones of said communications to identify the existence of said condition of interest.

40. An apparatus for use in managing a collaborative environment involving multiple data systems, comprising:
- a processing structure, separate from said multiple data systems for controlling communications between said multiple data systems, wherein said processing structure is configured to communicate with each of said multiple data systems via a defined interface;
  
  said processing structure being operative to access a communication between identified users of said multiple data systems, access executable rules indexed to one of said identified users, and execute said rules with respect to said communication to obtain processed information; and
  
  output structure for providing an output to one or more of said identified users based on said processed information.

41. A method for use in processing information received from sources associated with multiple independent data systems, comprising the steps of:
- receiving first input information from a first source of a first source system, wherein said first source is associated with a first input form related to data structure;
  
  receiving second input information from a second source of a second source system separate from said first source system, wherein said second source is associated with a second input form, different from said first input form, related to data structure;
  
  combining, using said collaboration system, at least a portion of said first information and a portion of said second information to generate processed information; and
  
  providing an output to at least one recipient system based on said processed information;
  
  wherein at least one of said steps of combining and providing an output is based on a defined rule set executed by said collaboration system governing sharing of information among said source and recipient systems.

42. A computer program product for use by a computer in connection with a network where interaction of multiple source systems is controlled by a collaboration system that executes system specific rules governing interaction between said multiple source systems, comprising:
- logical instructions for enabling the computer to perform predetermined operations; and
  
  a computer readable medium bearing the logical instructions;
  
  said predetermined operations including;
  
  accessing resources of one of said multiple source systems, where said resources have at least one system dependent attribute; and
  
  establishing an interface to said resources such that said system dependent attribute is rendered system independent, wherein said resources are available for use across said network subject to said system dependent rules governing interaction between said multiple source systems.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Lockheed Martin Corporation (Martin Marietta Corporation)
Original Assignee
Lockheed Martin Corporation (Martin Marietta Corporation)
Inventors
Schwartz, Michael I., Auten, Charles W., Flesher, Kevin E., Tolley, Richard G., Frauenhoff, Todd, Franklin, Keith

Application Number

US10/459,394
Publication Number

US 20040103147A1
Time in Patent Office

Days
Field of Search
US Class Current

709/204
CPC Class Codes

G06F 16/1767 Concurrency control, e.g. o...

G06F 16/27 Replication, distribution o...

System for enabling collaboration and protecting sensitive data

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

457 Citations

42 Claims

Specification

Solutions

Use Cases

Quick Links

System for enabling collaboration and protecting sensitive data

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

457 Citations

42 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links