SYSTEM AND PROGRAM PRODUCT FOR AUTOMATICALLY MANAGING INFORMATION PRIVACY
First Claim
Patent Images
1. A system for automatically managing information privacy, comprising:
- an input system for receiving a request that includes a call for information in a bean and a purpose for the call, the purpose indicating a manner in which a requestor of the information intends to use the information, wherein the call is to a method within the bean, and wherein the method references at least one privacy control rule, that governs at least one of access or use of the information, that is packaged with the bean, the privacy control rule being additional to the information and methods of the bean and being packaged as an element of a deployment descriptor; and
a privacy control system for automatically determining whether the request should be granted by comparing the purpose to at least one privacy control rule to determine whether the purpose is valid, wherein the request is granted if the purpose complies with the at least one privacy control rule.
3 Assignments
0 Petitions
Accused Products
Abstract
A request including a call for the information in a bean and a purpose for the call is received. Upon receipt, the purpose is compared to a privacy control policy that is packaged with the bean. If the purpose complies with the privacy control policy, the requested access and/or use of the information is permitted.
102 Citations
16 Claims
-
1. A system for automatically managing information privacy, comprising:
-
an input system for receiving a request that includes a call for information in a bean and a purpose for the call, the purpose indicating a manner in which a requestor of the information intends to use the information, wherein the call is to a method within the bean, and wherein the method references at least one privacy control rule, that governs at least one of access or use of the information, that is packaged with the bean, the privacy control rule being additional to the information and methods of the bean and being packaged as an element of a deployment descriptor; and a privacy control system for automatically determining whether the request should be granted by comparing the purpose to at least one privacy control rule to determine whether the purpose is valid, wherein the request is granted if the purpose complies with the at least one privacy control rule. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A program product stored on a recordable medium for automatically managing information privacy, which when executed, comprises:
-
program code for receiving a request that includes a call for information in a bean and a purpose for the call, the purpose indicating a manner in which a requestor of the information intends to use the information, wherein the call is to a method within the bean, and wherein the method references at least one privacy control rule, which governs at least one of access or use of the information, that is packaged with the bean, the privacy control rule being additional to the information and methods of the bean and being packaged as an element of a deployment descriptor; and program code for automatically determining whether the request should be granted by comparing the purpose to at least one privacy control rule to determine whether the purpose is valid, wherein the request is granted if the purpose complies with the at least one privacy control rule. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
-
Specification