Information management system
First Claim
1. A computer program product for controlling a computer connected to a public network to manage information, the computer having access to policy data containing rules specifying an appropriate encryption strength for outbound data transmitted to the public network, the encryption strength depending on the content of the data, comprising:
- a recording medium readable by the computer, having program code recorded thereon which when executed on said computer, configures said computer to;
determine, in conjunction with an application running on the computer that is operable at least to transmit outbound data to said public network, with reference to said rules in said policy data, an appropriate encryption strength for the outbound data; and
control the transmission of said outbound data by said application in dependence upon the determination of an appropriate encryption strength.
3 Assignments
0 Petitions
Accused Products
Abstract
An information management system is described comprising one or more workstations running applications to allow a user of the workstation to connect to a network, such as the Internet. Each application has an analyzer, which monitors transmission data that the application is about to transmit to the network or about to receive from the network and which determines an appropriate action to take regarding that transmission data. Such actions may be extracting data from the transmission data, such as passwords and usernames, digital certificates or eCommerce transaction details for storage in a database; ensuring that the transmission data is transmitted at an encryption strength appropriate to the contents of the transmission data; determining whether a check needs to be made as to whether a digital certificate received in transmission data is in force, and determining whether a transaction about to be made by a user of one of the workstations needs third party approval before it is made. The analyzer may consult a policy data containing a policy to govern the workstations in order to make its determination. The information management system provides many advantages in the eCommerce environment to on-line trading companies, who may benefit by being able to regulate the transactions made by their staff according to their instructions in a policy data, automatically maintain records of passwords and business conducted on-line, avoid paying for unnecessary checks on the validity of digital certificates and ensure that transmissions of data made by their staff are always protected at an agreed strength of encryption.
-
Citations
104 Claims
-
1. A computer program product for controlling a computer connected to a public network to manage information, the computer having access to policy data containing rules specifying an appropriate encryption strength for outbound data transmitted to the public network, the encryption strength depending on the content of the data, comprising:
-
a recording medium readable by the computer, having program code recorded thereon which when executed on said computer, configures said computer to;
determine, in conjunction with an application running on the computer that is operable at least to transmit outbound data to said public network, with reference to said rules in said policy data, an appropriate encryption strength for the outbound data; and
control the transmission of said outbound data by said application in dependence upon the determination of an appropriate encryption strength. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
-
-
21. A computer program product for controlling a plurality of computers in a private network to manage information, the network having a data repository arranged to receive data from the plurality of computers, and policy data defining rules for the recording of data that may comprise part of a commercial transaction conducted between a computer in the private network and a third party across a public network, comprising:
-
a recording medium readable by a computer, having program code recorded thereon which when executed on each of said plurality of computers configures said computers to;
analyze, in conjunction with an application running on the computer that is operable to transmit outbound data to said public network and receive inbound data from said public network, at least one of said outbound data and said inbound data to identify, with reference to said rules of said policy data, the existence of a commercial transaction occurring between the computer and a third party; and
to control said computer to store transaction data that is all or part of said outbound data or said inbound data related to an identified commercial transaction in said data repository. - View Dependent Claims (22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62)
-
-
63. A computer program product, for controlling a computer to manage information, said computer being connected to a public network and having access to policy data containing rules for identifying in outbound data transmitted to the public network transaction data that is part of a commercial transaction;
- and rules for the transmission of transaction data so identified;
comprising;
a recording medium readable by the computer, having program code recorded thereon which when executed on said computer configures the computer to;
analyze, in conjunction with an application running on the computer that is operable to transmit outbound data to the public network and receive inbound data from the public network, at least said outbound data to identify, with reference to said rules of said policy data, transaction data that may be part of a transaction to determine, in accordance with said rules of said policy data, whether the transmission of said transaction data would satisfy said rules; and
to control the computer to control the transmission of said transaction data by said application in dependence on the determination made by said analyzer. - View Dependent Claims (64, 65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76, 77, 78, 79, 80, 81, 82, 83, 84, 85)
- and rules for the transmission of transaction data so identified;
-
86. A computer program product for controlling a computer connected to a public network to manage information, said computer having access to policy data containing rules which define whether or not verification is required for a digital certificate used to digitally sign signed data received in inbound data from the public network, comprising:
-
a recordable medium readable by the computer, having program code recorded thereon which when executed on said computer configures said computer to;
analyze, in conjunction with an application running on the computer that is operable to receive at least inbound data from the public network, signed data that has been digitally signed with a digital certificate, to extract one or more details of said signed data;
to determine whether or not verification is required for said digital certificate in dependence on said rules of said policy data and in dependence on the one or more extracted details of said signed data; and
to control the application in dependence on the determination. - View Dependent Claims (87, 88, 89, 90, 91, 92, 93, 94, 95, 96, 97, 98, 99, 100, 101, 102, 103, 104)
-
Specification