Categorization Of Privacy Data And Data Flow Detection With Rules Engine To Detect Privacy Breaches
First Claim
1. A processor-implemented method comprising:
- receiving, at a source location, a request from a requestor, wherein the requestor is at a target location;
retrieving one or more data elements from a data store responsive to the request;
identifying a privacy data type category corresponding to one or more of the retrieved data elements;
identifying a data flow category based on the target location; and
performing one or more privacy actions modifying one or more of the data elements based on the privacy data type category of the data elements and the data flow category so that the modified data elements comply with one or more data privacy rules pertaining to the target location.
1 Assignment
0 Petitions
Accused Products
Abstract
A runtime approach receives a request from a target location. Data elements are received from a data store. Privacy data type categories corresponding to retrieved data elements are identified. Data flow category is identified based on the target location. Privacy actions are performed modifying some data elements based on the identified privacy data type categories and the data flow category so that the modified data elements comply with one or more data privacy rules pertaining to the target location. A design-time approach retrieves data types included in a software application data design. Privacy categories are selected that correspond to the retrieved data types. Flow categorization data is retrieved that correspond to software application processes. Privacy categories and flow categorization data are compared to privacy rules. A user is informed if privacy rules are violated to facilitate software application modification in order to comply with the privacy rules.
-
Citations
29 Claims
-
1. A processor-implemented method comprising:
-
receiving, at a source location, a request from a requestor, wherein the requestor is at a target location; retrieving one or more data elements from a data store responsive to the request; identifying a privacy data type category corresponding to one or more of the retrieved data elements; identifying a data flow category based on the target location; and performing one or more privacy actions modifying one or more of the data elements based on the privacy data type category of the data elements and the data flow category so that the modified data elements comply with one or more data privacy rules pertaining to the target location. - View Dependent Claims (2, 3, 4, 5)
-
-
6. An information handling system comprising:
-
one or more processors; a memory coupled to at least one of the processors; a nonvolatile storage area that is accessible by at least one of the processors and that stores one or more data stores; a network adapter that connects the information handling system to a computer network; and a set of instructions stored in the memory and executed by at least one of the processors in order to perform actions of; receiving, at the network adapter, a request from a requestor, wherein the requestor is at a target location; retrieving one or more data elements from a data store responsive to the request; identifying a privacy data type category corresponding to one or more of the retrieved data elements; identifying a data flow category based on the target location; and performing one or more privacy actions modifying one or more of the data elements based on the privacy data type category of the data elements and the data flow category so that the modified data elements comply with one or more data privacy rules pertaining to the target location. - View Dependent Claims (7, 8, 9, 10)
-
-
11. A computer program product stored in a computer readable medium, comprising functional descriptive material that, when executed by an information handling system, causes the information handling system to perform actions that include:
-
receiving, at a source location, a request from a requestor, wherein the requestor is at a target location; retrieving one or more data elements from a data store responsive to the request; identifying a privacy data type category corresponding to one or more of the retrieved data elements; identifying a data flow category based on the target location; and performing one or more privacy actions modifying one or more of the data elements based on the privacy data type category of the data elements and the data flow category so that the modified data elements comply with one or more data privacy rules pertaining to the target location. - View Dependent Claims (12, 13, 14, 15, 16, 17)
-
-
18. A processor-implemented method comprising:
-
retrieving a plurality of data types included in a data design of a software application; selecting one or more privacy categories wherein each of the selected privacy categories correspond to one or more of the plurality of retrieved data types; retrieving flow categorization data corresponding to one or more processes included in the software application; comparing the selected privacy categories and the retrieved flow categorization data to one or more privacy rules; and informing a user when the comparison reveals that one or more of the privacy rules is violated to facilitate modification of the software application in order to comply with the privacy rules. - View Dependent Claims (19, 20, 21, 22)
-
-
23. A computer program product stored in a computer readable medium, comprising functional descriptive material that, when executed by an information handling system, causes the information handling system to perform actions that include:
-
retrieving a plurality of data types included in a data design of a software application; selecting one or more privacy categories wherein each of the selected privacy categories correspond to one or more of the plurality of retrieved data types; retrieving flow categorization data corresponding to one or more processes included in the software application; comparing the selected privacy categories and the retrieved flow categorization data to one or more privacy rules; and informing a user when the comparison reveals that one or more of the privacy rules is violated to facilitate modification of the software application in order to comply with the privacy rules. - View Dependent Claims (24, 25, 26, 27, 28, 29)
-
Specification