×

LEGISLATION AWARE SYSTEM

  • US 20170140389A1
  • Filed: 11/17/2015
  • Published: 05/18/2017
  • Est. Priority Date: 11/17/2015
  • Status: Active Grant
First Claim
Patent Images

1. A method, said method comprising:

  • identifying, by one or more processors of a computer system, a set of at least two legal compliance rules associated with a service that uses and/or stores data, wherein the legal compliance rules include a type and format of the data, a physical locality within a legal jurisdiction relevant to security rules for the data, how long the data needs to be kept, whether or not the data needs to be encrypted, and what individuals, organizations or authorities are permitted access to the data and under what circumstances;

    identifying, by the one or more processors, a plurality of service providers with associated service provider characteristics, wherein each service provider is a physical computer having a central processing unit (CPU) and is capable of providing the service, and wherein the service provider characteristics associated with each service provider include a location where each service provider performs the service, a region specific to each service provider in which each service provider'"'"'s data for the service is stored, a cost per megabyte (MB) of each service provider'"'"'s data for the service, and a percent utilization of each service provider'"'"'s CPU used for the service;

    verifying, by the one or more processors, compliance with the legal compliance rules of the service provider characteristics of each service provider and of a service definition describing attributes of the service, wherein said verifying comprises matching the legal compliance rules against the service provider characteristics and the attributes of the service and confirming that each service provider characteristic and each attribute of the service conforms to the legal compliance rules, wherein the service definition attributes includes a value representing how often the data is backed up, an indicator denoting where disaster recovery of the data is provided, an indicator denoting a type of encryption that is used for the data, and an indicator denoting that long-term storage of the data is available and for how long, and wherein said verifying comprises verifying said compliance for only at least two service providers of the plurality of service providers;

    returning, by the one or more processors from a result of said verifying, either said compliance or said non-compliance for each service provider;

    determining, by the one or more processors, a priority of each service provider of the at least two service providers who compliance was verified, wherein the priority is based on an availability of the data for each service provider of the at least two service providers; and

    selecting, by the one or more processors from the at least two service providers who compliance was verified, a first service provider to provide the service, wherein said selecting the first service provider is based on the first service provider having been determined to have a highest priority from among the priorities determined for each service provider of the at least two service providers, and wherein said verifying compliance for the first service provider provides assurance that the data will be kept and serviced by the first service provider in a compliant manner according to the legal compliance rules.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×