SYSTEM AND PROGRAM PRODUCT FOR AUTOMATICALLY MANAGING INFORMATION PRIVACY

US 20090094675A1
Filed: 12/08/2008
Published: 04/09/2009
Est. Priority Date: 11/05/2002
Status: Active Grant

First Claim

Patent Images

1. A system for automatically managing information privacy, comprising:

an input system for receiving a request that includes a call for information in a bean and a purpose for the call, the purpose indicating a manner in which a requestor of the information intends to use the information, wherein the call is to a method within the bean, and wherein the method references at least one privacy control rule, that governs at least one of access or use of the information, that is packaged with the bean, the privacy control rule being additional to the information and methods of the bean and being packaged as an element of a deployment descriptor; and

a privacy control system for automatically determining whether the request should be granted by comparing the purpose to at least one privacy control rule to determine whether the purpose is valid, wherein the request is granted if the purpose complies with the at least one privacy control rule.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A request including a call for the information in a bean and a purpose for the call is received. Upon receipt, the purpose is compared to a privacy control policy that is packaged with the bean. If the purpose complies with the privacy control policy, the requested access and/or use of the information is permitted.

102 Citations

View as Search Results

16 Claims

1. A system for automatically managing information privacy, comprising:
- an input system for receiving a request that includes a call for information in a bean and a purpose for the call, the purpose indicating a manner in which a requestor of the information intends to use the information, wherein the call is to a method within the bean, and wherein the method references at least one privacy control rule, that governs at least one of access or use of the information, that is packaged with the bean, the privacy control rule being additional to the information and methods of the bean and being packaged as an element of a deployment descriptor; and
  
  a privacy control system for automatically determining whether the request should be granted by comparing the purpose to at least one privacy control rule to determine whether the purpose is valid, wherein the request is granted if the purpose complies with the at least one privacy control rule.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The system of claim 1, wherein the bean is an ENTERPRISE JAVABEAN.
  - 3. The system of claim 1, wherein the method comprises a procedure that operates on the information.
  - 4. The system of claim 1, further comprising an access control system in addition to the privacy control system, for automatically performing access control to the information by comparing user information that identifies the requestor making the request to an access control policy that is also packaged with the bean that dictates who can access the information.
  - 5. The system of claim 1, wherein the at least one privacy control rule is part of a privacy control policy that is packaged with the bean as a deployment descriptor.
  - 6. The system of claim 1, wherein the input system and the privacy control system are part of an application server.
  - 7. The system of claim 6, wherein the application server is WEBSPHERE application server.
  - 8. The system of claim 1, further comprising:
    - an interface for providing the information pursuant to a web transaction; and
      
      a bean system for storing the information and the method in the bean.

9. A program product stored on a recordable medium for automatically managing information privacy, which when executed, comprises:
- program code for receiving a request that includes a call for information in a bean and a purpose for the call, the purpose indicating a manner in which a requestor of the information intends to use the information, wherein the call is to a method within the bean, and wherein the method references at least one privacy control rule, which governs at least one of access or use of the information, that is packaged with the bean, the privacy control rule being additional to the information and methods of the bean and being packaged as an element of a deployment descriptor; and
  
  program code for automatically determining whether the request should be granted by comparing the purpose to at least one privacy control rule to determine whether the purpose is valid, wherein the request is granted if the purpose complies with the at least one privacy control rule.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The program product of claim 9, wherein the bean is an ENTERPRISE JAVABEAN.
  - 11. The program product of claim 9, wherein the method comprises a procedure that operates on the information.
  - 12. The program product of claim 9, further comprising program code for automatically, in addition to comparing of the purpose to the privacy control rule, performing access control to the information by comparing user information that identifies the requester making the request to an access control policy that is also packaged with the bean that dictates who can access the information.
  - 13. The program product of claim 9, wherein the at least one privacy control rule is part of a privacy control policy that is packaged with the bean as a deployment descriptor.
  - 14. The program product of claim 9, wherein the program code for receiving and the program code for automatically determining are part of an application server.
  - 15. The program product of claim 14, wherein the application server is WEBSPHERE application server.
  - 16. The program product of claim 9, further comprising:
    - an interface for providing the information pursuant to a web transaction; and
      
      program code for storing the information and the method in the bean.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Daedalus Blue LLC
Original Assignee
Calvin S. Powers, Martin Presler-Marshall
Inventors
Powers, Calvin S., Presler-Marshall, Martin

Granted Patent

US 8,127,338 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/1
CPC Class Codes

G16H 10/60   for patient-specific data, ...

G16H 20/10   relating to drugs or medica...

H04L 63/104   Grouping of entities

Y10S 707/99932   Access augmentation or opti...

Y10S 707/99933   Query processing, i.e. sear...

Y10S 707/99939   Privileged access

SYSTEM AND PROGRAM PRODUCT FOR AUTOMATICALLY MANAGING INFORMATION PRIVACY

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

102 Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

SYSTEM AND PROGRAM PRODUCT FOR AUTOMATICALLY MANAGING INFORMATION PRIVACY

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

102 Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links