Method and system for implementing privacy policy enforcement with a privacy proxy

US 20060136985A1
Filed: 12/16/2004
Published: 06/22/2006
Est. Priority Date: 12/16/2004
Status: Active Grant

First Claim

Patent Images

1. A method for processing data in accordance with a privacy policy within a data processing system, the method comprising:

receiving, at a proxy, a first message from a first system to a second system;

in response to a determination at the proxy that the first message is associated with an operation on personally identifiable information, determining at the proxy whether the operation on the personally identifiable information is compliant with a privacy policy and with user preference information with respect to the privacy policy for a user who is associated the personally identifiable information; and

in response to a determination that the operation on the personally identifiable information is compliant with a privacy policy and with user preference information with respect to the privacy policy, sending the first message from the proxy to the second system.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method is presented for enforcing a privacy policy concerning management of personally identifiable information in a centralized manner through a privacy proxy agent. A proxy intercepts a message from a first system to a second system, e.g., from a server to a client, and determines whether the message is associated with an operation on personally identifiable information; if not, then the proxy sends the message to the second system, but if so, then the proxy determines whether the operation on the personally identifiable information is compliant with a privacy policy and with user preference information with respect to the privacy policy for a user who is associated the personally identifiable information. If the message is compliant with the privacy policy and user preference data, then the proxy sends the first message to the second system; otherwise, an error indication is returned to the first system.

97 Citations

View as Search Results

27 Claims

1. A method for processing data in accordance with a privacy policy within a data processing system, the method comprising:
- receiving, at a proxy, a first message from a first system to a second system;
  
  in response to a determination at the proxy that the first message is associated with an operation on personally identifiable information, determining at the proxy whether the operation on the personally identifiable information is compliant with a privacy policy and with user preference information with respect to the privacy policy for a user who is associated the personally identifiable information; and
  
  in response to a determination that the operation on the personally identifiable information is compliant with a privacy policy and with user preference information with respect to the privacy policy, sending the first message from the proxy to the second system.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1 further comprising:
    - in response to a determination that the operation on the personally identifiable information is not compliant with a privacy policy and with user preference information with respect to the privacy policy, sending a second message from the proxy to the first system, wherein the second message indicates an error status.
  - 3. The method of claim 1 further comprising:
    - in response to a determination at the proxy that the first message is not associated with an operation on personally identifiable information, sending the first message from the proxy to the second system.
  - 4. The method of claim 1 further comprising:
    - determining at the proxy whether the first message is associated with an operation on personally identifiable information by identifying personally identifiable information within the first message.
  - 5. The method of claim 1 further comprising:
    - determining at the proxy whether the first message is associated with an operation on personally identifiable information by identifying that the first message initiates collection of personally identifiable information by the first system or by the second system.
  - 6. The method of claim 1 further comprising:
    - determining at the proxy whether the first message is associated with an operation on personally identifiable information by scanning the first message for a data element that has been inserted into the first message by the first system to signal to the proxy that the first message is associated with an operation on personally identifiable information.
  - 7. The method of claim 1 further comprising:
    - determining at the proxy that the first message is associated with an operation on personally identifiable information in accordance with a set of configurable rules that contain conditions that are evaluated against the first message.
  - 8. The method of claim 1 further comprising:
    - determining at the proxy that the operation on the personally identifiable information is compliant with a privacy policy in accordance with a set of configurable rules that contain conditions that are evaluated against the first message.
  - 9. The method of claim 1 further comprising:
    - determining at the proxy that the operation on the personally identifiable information is compliant with user preference information with respect to the privacy policy in accordance with a set of configurable rules that contain conditions that are evaluated against the first message.

10. An apparatus for processing data in accordance with a privacy policy within a data processing system, the apparatus comprising:
- means for receiving, at a proxy, a first message from a first system to a second system;
  
  means for determining, in response to a determination at the proxy that the first message is associated with an operation on personally identifiable information, at the proxy whether the operation on the personally identifiable information is compliant with a privacy policy and with user preference information with respect to the privacy policy for a user who is associated the personally identifiable information; and
  
  means for sending, in response to a determination that the operation on the personally identifiable information is compliant with a privacy policy and with user preference information with respect to the privacy policy, the first message from the proxy to the second system.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
- - 11. The apparatus of claim 10 further comprising:
    - means for sending, in response to a determination that the operation on the personally identifiable information is not compliant with a privacy policy and with user preference information with respect to the privacy policy, a second message from the proxy to the first system, wherein the second message indicates an error status.
  - 12. The apparatus of claim 10 further comprising:
    - means for sending, in response to a determination at the proxy that the first message is not associated with an operation on personally identifiable information, the first message from the proxy to the second system.
  - 13. The apparatus of claim 10 further comprising:
    - means for determining at the proxy whether the first message is associated with an operation on personally identifiable information by identifying personally identifiable information within the first message.
  - 14. The apparatus of claim 10 further comprising:
    - means for determining at the proxy whether the first message is associated with an operation on personally identifiable information by identifying that the first message initiates collection of personally identifiable information by the first system or by the second system.
  - 15. The apparatus of claim 10 further comprising:
    - means for determining at the proxy whether the first message is associated with an operation on personally identifiable information by scanning the first message for a data element that has been inserted into the first message by the first system to signal to the proxy that the first message is associated with an operation on personally identifiable information.
  - 16. The apparatus of claim 10 further comprising:
    - means for determining at the proxy that the first message is associated with an operation on personally identifiable information in accordance with a set of configurable rules that contain conditions that are evaluated against the first message.
  - 17. The apparatus of claim 10 further comprising:
    - means for determining at the proxy that the operation on the personally identifiable information is compliant with a privacy policy in accordance with a set of configurable rules that contain conditions that are evaluated against the first message.
  - 18. The apparatus of claim 10 further comprising:
    - means for determining at the proxy that the operation on the personally identifiable information is compliant with user preference information with respect to the privacy policy in accordance with a set of configurable rules that contain conditions that are evaluated against the first message.

19. A computer program product on a computer readable medium for processing data in accordance with a privacy policy within a data processing system, the computer program product comprising:
- means for receiving, at a proxy, a first message from a first system to a second system;
  
  means for determining, in response to a determination at the proxy that the first message is associated with an operation on personally identifiable information, at the proxy whether the operation on the personally identifiable information is compliant with a privacy policy and with user preference information with respect to the privacy policy for a user who is associated the personally identifiable information; and
  
  means for sending, in response to a determination that the operation on the personally identifiable information is compliant with a privacy policy and with user preference information with respect to the privacy policy, the first message from the proxy to the second system.
- View Dependent Claims (20, 21, 22, 23, 24, 25, 26, 27)
- - 20. The computer program product of claim 19 further comprising:
    - means for sending, in response to a determination that the operation on the personally identifiable information is not compliant with a privacy policy and with user preference information with respect to the privacy policy, a second message from the proxy to the first system, wherein the second message indicates an error status.
  - 21. The computer program product of claim 19 further comprising:
    - means for sending, in response to a determination at the proxy that the first message is not associated with an operation on personally identifiable information, the first message from the proxy to the second system.
  - 22. The computer program product of claim 19 further comprising:
    - means for determining at the proxy whether the first message is associated with an operation on personally identifiable information by identifying personally identifiable information within the first message.
  - 23. The computer program product of claim 19 further comprising:
    - means for determining at the proxy whether the first message is associated with an operation on personally identifiable information by identifying that the first message initiates collection of personally identifiable information by the first system or by the second system.
  - 24. The computer program product of claim 19 further comprising:
    - means for determining at the proxy whether the first message is associated with an operation on personally identifiable information by scanning the first message for a data element that has been inserted into the first message by the first system to signal to the proxy that the first message is associated with an operation on personally identifiable information.
  - 25. The computer program product of claim 19 further comprising:
    - means for determining at the proxy that the first message is associated with an operation on personally identifiable information in accordance with a set of configurable rules that contain conditions that are evaluated against the first message.
  - 26. The computer program product of claim 19 further comprising:
    - means for determining at the proxy that the operation on the personally identifiable information is compliant with a privacy policy in accordance with a set of configurable rules that contain conditions that are evaluated against the first message.
  - 27. The computer program product of claim 19 further comprising:
    - means for determining at the proxy that the operation on the personally identifiable information is compliant with user preference information with respect to the privacy policy in accordance with a set of configurable rules that contain conditions that are evaluated against the first message.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
LinkedIn Corporation (Microsoft Corporation)
Original Assignee
International Business Machines Corporation
Inventors
Muppidi, Sridhar R., Ashley, Paul Anthony, Vandenwauver, Mark

Granted Patent

US 7,797,726 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/1
CPC Class Codes

H04L 63/0407   wherein the identity of one...

H04L 63/101   Access control lists [ACL]

H04L 67/306   User profiles

Method and system for implementing privacy policy enforcement with a privacy proxy

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

97 Citations

27 Claims

Specification

Use Cases

Quick Links

Others

Method and system for implementing privacy policy enforcement with a privacy proxy

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

97 Citations

27 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others