Method and system for implementing privacy policy enforcement with a privacy proxy
First Claim
1. A method for processing data in accordance with a privacy policy within a data processing system, the method comprising:
receiving, at a proxy, a first message from a first system to a second system;
in response to a determination at the proxy that the first message is associated with an operation on personally identifiable information, determining at the proxy whether the operation on the personally identifiable information is compliant with a privacy policy and with user preference information with respect to the privacy policy for a user who is associated with the personally identifiable information; and
in response to a determination that the operation on the personally identifiable information is compliant with a privacy policy and with user preference information with respect to the privacy policy, sending the first message from the proxy to the second system.
2 Assignments
0 Petitions
Abstract
A method is presented for enforcing a privacy policy concerning management of personally identifiable information in a centralized manner through a privacy proxy agent. A proxy intercepts a message from a first system to a second system, e.g., from a server to a client, and determines whether the message is associated with an operation on personally identifiable information; if not, then the proxy sends the message to the second system, but if so, then the proxy determines whether the operation on the personally identifiable information is compliant with a privacy policy and with user preference information with respect to the privacy policy for a user who is associated with the personally identifiable information. If the message is compliant with the privacy policy and user preference data, then the proxy sends the first message to the second system; otherwise, an error indication is returned to the first system.
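The decision procedure the abstract and claim 1 describe (classify the message, evaluate policy plus the data subject's preferences, forward or return an error to the sender) can be illustrated with a small policy-decision function. The code below is an added example written for this page, not code from the patent or its assignee; the message layout, the field names treated as PII, the sample policy and the sample preference records are all assumptions constructed for the illustration. It goes slightly beyond the text in one respect: when the proxy has no preference record for the data subject it fails closed rather than forwarding.

```python
"""Added example: a privacy-proxy decision step in the style of the patent's abstract.

Messages are constructed dicts: {"from", "to", "purpose", "fields", "subject"}.
Nothing here is the patent's own code; all names and data are assumptions.
"""
from dataclasses import dataclass

# Fields the proxy classifies as personally identifiable information (assumption).
PII_FIELDS = frozenset({"name", "email", "ssn", "address", "phone"})


@dataclass(frozen=True)
class PrivacyPolicy:
    allowed: dict            # purpose -> frozenset of PII fields permitted for that purpose
    opt_in_required: frozenset  # purposes that additionally need the subject's opt-in


@dataclass(frozen=True)
class Decision:
    forward: bool
    reason: str


def is_pii_operation(msg):
    """Step 1 of the abstract: does the message touch any PII field at all?"""
    return any(f in PII_FIELDS for f in msg.get("fields", ()))


def evaluate(msg, policy, user_prefs):
    """Steps 2 and 3: check the operation against the policy, then the subject's preferences."""
    if not is_pii_operation(msg):
        return Decision(True, "no PII involved; forwarded without policy evaluation")

    purpose = msg.get("purpose")
    pii = {f for f in msg["fields"] if f in PII_FIELDS}
    disallowed = pii - policy.allowed.get(purpose, frozenset())
    if disallowed:
        return Decision(False, f"policy forbids {sorted(disallowed)} for purpose {purpose!r}")

    subject = msg.get("subject")
    prefs = user_prefs.get(subject)
    if prefs is None:
        # Fail closed: the proxy cannot confirm the user's preferences, so it refuses.
        return Decision(False, f"no preference record for subject {subject!r}")
    if purpose in prefs.get("opt_out", ()):
        return Decision(False, f"subject {subject!r} opted out of {purpose!r}")
    if purpose in policy.opt_in_required and purpose not in prefs.get("opt_in", ()):
        return Decision(False, f"subject {subject!r} has not opted in to {purpose!r}")
    return Decision(True, "compliant with policy and user preferences")


def proxy_handle(msg, policy, user_prefs):
    """Return (recipient, payload): the message to its destination, or an error back to the sender."""
    decision = evaluate(msg, policy, user_prefs)
    if decision.forward:
        return msg["to"], msg
    return msg["from"], {"error": "privacy policy violation", "reason": decision.reason}


# Constructed sample policy: fulfilment may use name+email; marketing only email, with opt-in.
SAMPLE_POLICY = PrivacyPolicy(
    allowed={"order_fulfilment": frozenset({"name", "email", "address"}),
             "marketing": frozenset({"email"})},
    opt_in_required=frozenset({"marketing"}),
)
# Constructed sample preference records keyed by data subject.
SAMPLE_PREFS = {"u1": {"opt_in": {"marketing"}}, "u2": {"opt_out": {"marketing"}}}

# Constructed sample messages from a server ("server") to a client ("client").
MSG_NO_PII = {"from": "server", "to": "client", "purpose": "status", "fields": ["order_id"], "subject": "u2"}
MSG_FULFILMENT = {"from": "server", "to": "client", "purpose": "order_fulfilment",
                  "fields": ["name", "email"], "subject": "u2"}
MSG_MARKETING_OPTOUT = {"from": "server", "to": "client", "purpose": "marketing",
                        "fields": ["email"], "subject": "u2"}
MSG_MARKETING_OPTIN = {"from": "server", "to": "client", "purpose": "marketing",
                       "fields": ["email"], "subject": "u1"}
MSG_SSN_MARKETING = {"from": "server", "to": "client", "purpose": "marketing",
                     "fields": ["email", "ssn"], "subject": "u1"}
MSG_UNKNOWN_USER = {"from": "server", "to": "client", "purpose": "order_fulfilment",
                    "fields": ["name"], "subject": "u9"}

if __name__ == "__main__":
    for m in (MSG_NO_PII, MSG_FULFILMENT, MSG_MARKETING_OPTOUT,
              MSG_MARKETING_OPTIN, MSG_SSN_MARKETING, MSG_UNKNOWN_USER):
        recipient, payload = proxy_handle(m, SAMPLE_POLICY, SAMPLE_PREFS)
        print(recipient, payload.get("reason", "forwarded"))
```

Two points matter in practice. The check is only as good as the classification step: anything the proxy fails to recognise as PII is forwarded unexamined, so the field list must be kept in step with the schemas actually flowing through it. And a proxy enforces nothing for traffic that does not pass through it, so the first and second systems must have no direct path to each other.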
97 Citations
27 Claims
1. A method for processing data in accordance with a privacy policy within a data processing system, the method comprising:
receiving, at a proxy, a first message from a first system to a second system;
in response to a determination at the proxy that the first message is associated with an operation on personally identifiable information, determining at the proxy whether the operation on the personally identifiable information is compliant with a privacy policy and with user preference information with respect to the privacy policy for a user who is associated with the personally identifiable information; and
in response to a determination that the operation on the personally identifiable information is compliant with a privacy policy and with user preference information with respect to the privacy policy, sending the first message from the proxy to the second system.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9
10. An apparatus for processing data in accordance with a privacy policy within a data processing system, the apparatus comprising:
means for receiving, at a proxy, a first message from a first system to a second system;
means for determining, in response to a determination at the proxy that the first message is associated with an operation on personally identifiable information, at the proxy whether the operation on the personally identifiable information is compliant with a privacy policy and with user preference information with respect to the privacy policy for a user who is associated with the personally identifiable information; and
means for sending, in response to a determination that the operation on the personally identifiable information is compliant with a privacy policy and with user preference information with respect to the privacy policy, the first message from the proxy to the second system.
Dependent claims: 11, 12, 13, 14, 15, 16, 17, 18
19. A computer program product on a computer readable medium for processing data in accordance with a privacy policy within a data processing system, the computer program product comprising:
means for receiving, at a proxy, a first message from a first system to a second system;
means for determining, in response to a determination at the proxy that the first message is associated with an operation on personally identifiable information, at the proxy whether the operation on the personally identifiable information is compliant with a privacy policy and with user preference information with respect to the privacy policy for a user who is associated with the personally identifiable information; and
means for sending, in response to a determination that the operation on the personally identifiable information is compliant with a privacy policy and with user preference information with respect to the privacy policy, the first message from the proxy to the second system.
Dependent claims: 20, 21, 22, 23, 24, 25, 26, 27
Specification