Method and apparatus for controlling access to personally identifiable information
First Claim
1. A method for controlling access to personally identifiable information (PII) in a database system, comprising:
- receiving a request from an application to perform a function which involves accessing information in the database system;
identifying a purpose that the application has in making request to perform the function;
using the purpose to identify a set of attributes in the database system which are associated with the purpose; and
determining if any of the identified attributes contain PII, and if so enforcing access controls while accessing the identified attributes containing PII.
1 Assignment
0 Petitions
Accused Products
Abstract
One embodiment of the present invention provides a system that controls access to personally identifiable information (PII) in a database system. During operation, the system receives a request from an application to perform a function which involves accessing information in the database system. In response to the request, the system identifies a purpose that the application has in making request to perform the function. Next, the system uses the purpose to identify a set of attributes in the database system, which are associated with the purpose. The system then determines if any of the identified attributes contain PII. If so, the system enforces access controls while accessing the identified attributes containing PII.
-
Citations
27 Claims
-
1. A method for controlling access to personally identifiable information (PII) in a database system, comprising:
-
receiving a request from an application to perform a function which involves accessing information in the database system;
identifying a purpose that the application has in making request to perform the function;
using the purpose to identify a set of attributes in the database system which are associated with the purpose; and
determining if any of the identified attributes contain PII, and if so enforcing access controls while accessing the identified attributes containing PII. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A computer-readable storage medium storing instructions that when executed by a computer cause the computer to perform a method for controlling access to personally identifiable information (PII) in a database system, the method comprising:
-
receiving a request from an application to perform a function which involves accessing information in the database system;
identifying a purpose that the application has in making request to perform the function;
using the purpose to identify a set of attributes in the database system which are associated with the purpose; and
determining if any of the identified attributes contain PII, and if so enforcing access controls while accessing the identified attributes containing PII. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. An apparatus for controlling access to personally identifiable information (PII) in a database system, comprising:
-
a receiving mechanism configured to receive a request from an application to perform a function which involves accessing information in the database system;
an purpose identification mechanism configured to identify a purpose that the application has in making request to perform the function;
an attribute identification mechanism configured to use the purpose to identify a set of attributes in the database system which are associated with the purpose; and
an access control mechanism configured to determine if any of the identified attributes contain PII, and if so to enforce access controls while accessing the identified attributes containing PII. - View Dependent Claims (20, 21, 22, 23, 24, 25, 26, 27)
-
Specification