DATA ASSURANCE

US 20120023544A1
Filed: 07/20/2010
Published: 01/26/2012
Est. Priority Date: 07/20/2010
Status: Active Grant

First Claim

Patent Images

1. A system for data assurance, comprising:

a service provider server configured to store persistent objects for a customer;

a customer data assurance specification module configured to;

receive data assurance capabilities related to at least one individual persistent object type in a plurality of persistent object types linked to persistent objects stored on the service provider server; and

receive data assurance specifications from the customer, the data assurance specifications being based on the data assurance capabilities; and

generate computer-readable data assurance policies for the one or more persistent object types based on the received data assurance specifications; and

a policy translator on the service provider server configured to combine the computer-readable data assurance policies with a corresponding enforceable policy template of data assurance capabilities for the at least one individual persistent object type to generate an enforceable customer-specific policy.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Data assurance capabilities are received that are related to at least one individual persistent object type in a plurality of persistent object types linked to persistent objects stored on the service provider server. In addition, data assurance specifications are received from a customer, the data assurance specifications being based on the data assurance capabilities. Computer-readable data assurance policies for the at least one persistent object type are generated based on the received data assurance specification. The computer-readable data assurance policies then are combined with a corresponding template of data assurance capabilities for the at least one individual persistent object type to generate an enforceable customer-specific data policy.

190 Citations

15 Claims

1. A system for data assurance, comprising:
- a service provider server configured to store persistent objects for a customer;
  
  a customer data assurance specification module configured to;
  
  receive data assurance capabilities related to at least one individual persistent object type in a plurality of persistent object types linked to persistent objects stored on the service provider server; and
  
  receive data assurance specifications from the customer, the data assurance specifications being based on the data assurance capabilities; and
  
  generate computer-readable data assurance policies for the one or more persistent object types based on the received data assurance specifications; and
  
  a policy translator on the service provider server configured to combine the computer-readable data assurance policies with a corresponding enforceable policy template of data assurance capabilities for the at least one individual persistent object type to generate an enforceable customer-specific policy.
- View Dependent Claims (2, 3, 4)
- - 2. A system as in claim 1, further comprising an application service hosted on the service provider server, comprising service interception points configured to generate data access events when an application service accesses persistent data objects.
  - 3. A system as in claim 1, further comprising a policy enforcer configured to receive generated data access events for persistent objects and enforce the enforceable customer-specific policy with regards to persistent objects.
  - 4. A system as in claim 1, further comprising a graphical user interface (GUI) configured to enable customer input of the data assurance specifications into the customer data assurance specification module,wherein the GUI comprises a data assurance capability list, a set of control actions defined for each capability, and parameter values associated with the set of control actions.

5. A method for data assurance, comprising:
- providing data assurance capabilities for a plurality of persistent object types to a service customer;
  
  receiving a customer-specific data assurance specification related to at least one persistent object type in a plurality of persistent object types from the customer;
  
  combining the customer-specific data assurance specification with a template corresponding to the at least one persistent object type using a policy translator;
  
  generating an enforceable customer-specific data policy; and
  
  storing the enforceable customer-specific data policy in a repository.
- View Dependent Claims (6, 7, 8, 9)
- - 6. A method as in claim 5, further comprising generating a computer-readable data assurance policy for the at least one persistent object types based on the received customer-specific data assurance specification, wherein transmitting the customer-specific data assurance specification to the service provider server comprises transmitting the computer-readable data assurance policy.
  - 7. A method as in claim 5, wherein providing data assurance capabilities for the plurality of persistent object types to the customer further comprises creating templates describing the data assurance capabilities for the plurality of persistent object types and storing the templates on the service provider server.
  - 8. A method as in claim 5, further comprising:
    - generating data access events for accessed persistent objects;
      
      receiving the generated data access events for the accessed persistent objects;
      
      interpreting an associated enforceable customer-specific data policy; and
      
      enforcing the enforceable customer-specific data policy with regards to the accessed persistent objects.
  - 9. A method as in claim 5, further comprising receiving generated data access events for at least one of the plurality of persistent objects and enforcing the enforceable customer-specific data policy with regards to the at least one of the plurality of persistent objects.

10. A system for data assurance, comprising:
- a data store on a server for storing a plurality of persistent objects;
  
  an application service comprising service interception points configured to generate data access events for accessed persistent objects;
  
  a customer policy repository comprising an enforceable customer-specific data policy created from a combination of customer-specific data assurance specification and an enforceable policy template for a persistent object type; and
  
  a policy enforcer configured to receive the generated data access events, and enforce the enforceable customer-specific data policy with regards to the accessed persistent objects.
- View Dependent Claims (11, 12, 13, 14, 15)
- - 11. A system as in claim 10, wherein the server comprises a service provider server and the system further comprises a data assurance capability management module on the service provider server for maintaining templates of data assurance enforcement capabilities for the persistent object type.
  - 12. A system as in claim 10, further comprising a customer data assurance specification module configured to generate a computer-readable data assurance policy for the persistent object type based on user input of the customer-specific data assurance specification.
  - 13. A system as in claim 10, further comprising a policy translator on the server configured to combine the customer-specific data assurance specification with a corresponding template to generate the enforceable customer-specific data policy stored in the customer policy repository.
  - 14. A system as in claim 10, further comprising a policy execution state tracking repository.
  - 15. A system as in claim 10, further comprising a tracking repository to keep track of the relationship between the persistent object instance and an activated policy execution instance.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Hewlett Packard Enterprise Development LP (Hewlett-Packard Enterprise Company)
Original Assignee
Hewlett-Packard Development Company, L.P. (HP Inc.)
Inventors
Li, Jun, Stephenson, Bryan, Nezhand, Hamid Reza Motahari

Granted Patent

US 8,656,452 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/1
CPC Class Codes

G06Q 30/06 Buying, selling or leasing ...

DATA ASSURANCE

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

190 Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

DATA ASSURANCE

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

190 Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links