SYSTEM AND METHOD FOR LIMITING DISCLOSURE IN HIPPOCRATIC DATABASES
Abstract
A tool for enforcing limited disclosure rules in a software application, typically an unmodified database. The invention enables individual queries to respect data subjects' preferences and choices by storing privacy semantics, classifying data items into categories, rewriting incoming queries to reflect the stored privacy semantics, and masking prohibited values. Privacy semantics comprise individual data subject choices together with privacy policies, which are rules describing authorized data recipients and authorized data access purposes; a policy may require specific consent from data subjects. The invention assigns each (purpose, recipient) pair a view over each database table, so that entire tuples and individual cells can carry their own privacy semantics. Purposes and recipients are inferred from the application issuing the query. Masking is performed at the individual cell level and may substitute NULL or another predetermined indicator for prohibited values. The invention is cost-efficient and scales to large databases.
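The abstract describes an architecture rather than a concrete implementation. The following is an added example, not code from the patent or its assignee, that shows one way the four claimed steps fit together on an unmodified SQLite database: privacy semantics are stored in `policy` (authorized purposes and recipients, with an optional consent requirement) and `consent` (per-subject choices); columns are classified as maskable; each (purpose, recipient) pair gets its own view in which prohibited cells become NULL and opted-out tuples disappear; and the application's query is rewritten to target that view, with purpose and recipient inferred from the calling application. The schema, the sample rows, the `APP_CONTEXT` registry and the opt-in/opt-out semantics are all assumptions of this example.

```python
import re
import sqlite3

# Constructed sample schema and rows (illustrative only; not from the patent).
SCHEMA = """
CREATE TABLE patients (id INTEGER PRIMARY KEY, name TEXT, dob TEXT, diagnosis TEXT);
-- Policy: columns a (purpose, recipient) pair may see at all. requires_consent=1
-- means the cell is disclosed only if the data subject explicitly opted in.
CREATE TABLE policy (purpose TEXT, recipient TEXT, column_name TEXT, requires_consent INTEGER);
-- Consent: one subject's choice for a (purpose, recipient, column) triple.
-- column_name '*' with allowed=0 is a tuple-level opt-out hiding the whole row.
CREATE TABLE consent (patient_id INTEGER, purpose TEXT, recipient TEXT,
                      column_name TEXT, allowed INTEGER);
"""
ROWS = {
    "patients": [(1, "Ann", "1980-01-01", "flu"), (2, "Bo", "1975-05-05", "asthma"),
                 (3, "Cy", "1990-09-09", "diabetes")],
    "policy": [("billing", "insurer", "name", 0), ("billing", "insurer", "dob", 0),
               ("research", "external_researcher", "dob", 1),
               ("research", "external_researcher", "diagnosis", 1)],
    "consent": [(1, "research", "external_researcher", "diagnosis", 1),
                (2, "research", "external_researcher", "*", 0),
                (3, "billing", "insurer", "dob", 0)],
}
MASKABLE = ["name", "dob", "diagnosis"]  # id is kept unmasked so callers can still join
# Hypothetical registry: purpose and recipient are inferred from the calling application.
APP_CONTEXT = {"billing_app": ("billing", "insurer"),
               "research_portal": ("research", "external_researcher")}
IDENT = re.compile(r"^[A-Za-z_][A-Za-z0-9_]*$")


def open_db():
    """In-memory database loaded with the constructed sample data."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    for table, rows in ROWS.items():
        marks = ",".join("?" * len(rows[0]))
        conn.executemany(f"INSERT INTO {table} VALUES ({marks})", rows)
    return conn


def view_name(purpose, recipient):
    return f"patients__{purpose}__{recipient}"


def create_masked_view(conn, purpose, recipient):
    """Build the view for one (purpose, recipient) pair; prohibited cells become NULL."""
    for ident in (purpose, recipient):
        if not IDENT.match(ident):  # only registry-supplied identifiers reach the SQL text
            raise ValueError(f"bad identifier: {ident!r}")
    allowed = {col: rc for col, rc in conn.execute(
        "SELECT column_name, requires_consent FROM policy WHERE purpose=? AND recipient=?",
        (purpose, recipient))}

    def consent_exists(col, flag):
        return (f"EXISTS (SELECT 1 FROM consent WHERE patient_id=p.id AND purpose='{purpose}' "
                f"AND recipient='{recipient}' AND column_name='{col}' AND allowed={flag})")

    select = ["p.id AS id"]
    for col in MASKABLE:
        if col not in allowed:       # policy never discloses this column to this pair
            select.append(f"NULL AS {col}")
        elif allowed[col]:           # opt-in required: disclose only with allowed=1
            select.append(f"CASE WHEN {consent_exists(col, 1)} THEN p.{col} END AS {col}")
        else:                        # disclosed unless the subject opted out (allowed=0)
            select.append(f"CASE WHEN {consent_exists(col, 0)} THEN NULL ELSE p.{col} END AS {col}")
    conn.execute(f"CREATE VIEW IF NOT EXISTS {view_name(purpose, recipient)} AS "
                 f"SELECT {', '.join(select)} FROM patients p WHERE NOT {consent_exists('*', 0)}")


def rewrite_query(sql, app):
    """Point the application's query at the masked view for its inferred pair."""
    if app not in APP_CONTEXT:
        raise PermissionError(f"unknown application {app!r}")  # deny by default
    view = view_name(*APP_CONTEXT[app])
    return re.sub(r"(?i)\b(FROM|JOIN)\s+patients\b", rf"\1 {view}", sql)


def run_query(conn, sql, app):
    rewritten = rewrite_query(sql, app)
    create_masked_view(conn, *APP_CONTEXT[app])
    return conn.execute(rewritten).fetchall()


if __name__ == "__main__":
    db = open_db()
    q = "SELECT id, name, dob, diagnosis FROM patients ORDER BY id"
    print(run_query(db, q, "research_portal"))
    print(run_query(db, q, "billing_app"))
```

The same query returns different rows and cells depending only on which application issued it: the research portal never sees names, sees Ann's diagnosis because she opted in, and does not see Bo's row at all because he opted out of research; the billing application sees names and dates of birth except where a subject opted out, and never sees diagnoses because its policy omits that column. The base table is untouched, which is the point of doing this with views and query rewriting in front of an unmodified database.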
Claims (20)
1. A computer-implemented method for limiting data disclosure in a software application, comprising:
storing privacy semantics;
classifying data items into categories;
rewriting incoming queries to reflect stored privacy semantics; and
masking prohibited values.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9.
10. A system for limiting data disclosure in a software application comprising:
means for storing privacy semantics;
means for classifying data items into categories;
means for rewriting incoming queries to reflect stored privacy semantics; and
means for masking prohibited values.
Dependent claim: 11.
12. A computer program product comprising a computer useable medium including a computer readable program that causes a computer system to limit data disclosure in a software application by:
storing privacy semantics;
classifying data items into categories;
rewriting incoming queries to reflect stored privacy semantics; and
masking prohibited values.
Dependent claims: 13, 14, 15, 16, 17, 18, 19, 20.
Specification