Method and apparatus for controlling access to personally identifiable information

US 7,716,242 B2
Filed: 10/19/2004
Issued: 05/11/2010
Est. Priority Date: 10/19/2004
Status: Active Grant

First Claim

Patent Images

1. A method for controlling access to personally identifiable information (PII) of a data owner in a database system, comprising:

allowing the data owner to specify different opt-in or opt-out choices with respect to different business purposes for a given PII attribute, wherein the business purposes are listed in a privacy policy, which indicates an organization'"'"'s control of PII in accordance with the data owner'"'"'s preference, and wherein the data owner can opt out voluntary but not mandatory attributes information containing PII;

receiving a request from an application to access attributes associated with the data owner in the database system;

identifying a business purpose that the application has in making the request, wherein the business purpose identifies how the application uses the accessed attributes;

identifying a set of attributes associated with the data owner corresponding to the identified business purpose;

determining that the identified attributes contain a PII attribute that the data owner has opted out; and

,enforcing access control by restricting access to the identified attributes containing the PII attribute based on the data owner'"'"'s choice with respect to the PII attributes for the identified business purpose.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

One embodiment of the present invention provides a system that controls access to personally identifiable information (PII) in a database system. During operation, the system receives a request from an application to perform a function which involves accessing information in the database system. In response to the request, the system identifies a purpose that the application has in making request to perform the function. Next, the system uses the purpose to identify a set of attributes in the database system, which are associated with the purpose. The system then determines if any of the identified attributes contain PII. If so, the system enforces access controls while accessing the identified attributes containing PII.

297 Citations

14 Claims

1. A method for controlling access to personally identifiable information (PII) of a data owner in a database system, comprising:
- allowing the data owner to specify different opt-in or opt-out choices with respect to different business purposes for a given PII attribute, wherein the business purposes are listed in a privacy policy, which indicates an organization'"'"'s control of PII in accordance with the data owner'"'"'s preference, and wherein the data owner can opt out voluntary but not mandatory attributes information containing PII;
  
  receiving a request from an application to access attributes associated with the data owner in the database system;
  
  identifying a business purpose that the application has in making the request, wherein the business purpose identifies how the application uses the accessed attributes;
  
  identifying a set of attributes associated with the data owner corresponding to the identified business purpose;
  
  determining that the identified attributes contain a PII attribute that the data owner has opted out; and
  
  ,enforcing access control by restricting access to the identified attributes containing the PII attribute based on the data owner'"'"'s choice with respect to the PII attributes for the identified business purpose.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein after identifying the business purpose associated with the request, the method additionally comprises:
    - identifying a role associated with the application;
      
      determining if the role is empowered to have the identified business purpose; and
      
      if so, identifying the set of attributes associated with the business purpose.
  - 3. The method of claim 1, further comprising enforcing policies for attributes containing PII in the database system.
  - 4. The method of claim 1, further comprising restricting access to specific attributes in the database system containing PII regardless of the business purpose.
  - 5. The method of claim 1, further comprising restricting access to specific attributes in the database system which do not contain PII.
  - 6. The method of claim 1, wherein the database system includes tables, which are organized into rows and columns, wherein the columns are associated with attributes.
  - 7. The method of claim 1, wherein each attribute containing PII is associated with a sensitivity level which indicates whether the attribute is, public, private, confidential or sensitive.

8. A computer-readable storage medium storing instructions that when executed by a computer cause the computer to perform a method for controlling access to personally identifiable information (PII) of a data owner in a database system, the method comprising:
- allowing the data owner to specify different opt-in or opt-out choices with respect to different business purposes for a given PII attribute, wherein the business purposes are listed in a privacy policy, which indicates an organization'"'"'s control of PII in accordance with the data owner'"'"'s preference, and wherein the data owner can opt out voluntary but not mandatory attributes information containing PII;
  
  receiving a request from an application to access attributes associated with the data owner in the database system;
  
  identifying a business purpose that the application has in making the request, wherein the business purpose identifies how the application uses the accessed attributes;
  
  identifying a set of attributes associated with the data owner corresponding to the identified business purpose;
  
  determining that the identified attributes contain a PII attribute that the data owner has opted out; and
  
  ,enforcing access control by restricting access to the identified attributes containing the PII attribute based on the data owner'"'"'s choice with respect to the PII attributes for the identified business purpose.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The computer-readable storage medium of claim 8, wherein after identifying the business purpose associated with the request, the method additionally comprises:
    - identifying a role associated with the application;
      
      determining if the role is empowered to have the identified business purpose; and
      
      if so, identifying the set of attributes associated with the business purpose.
  - 10. The computer-readable storage medium of claim 8, wherein the method further comprises enforcing policies for attributes containing PII in the database system.
  - 11. The computer-readable storage medium of claim 8, wherein the method further comprises restricting access to specific attributes in the database system containing PII regardless of the business purpose.
  - 12. The computer-readable storage medium of claim 8, wherein the method further comprises restricting access to specific attributes in the database system which do not contain PII.
  - 13. The computer-readable storage medium of claim 8, wherein the database system includes tables, which are organized into rows and columns, wherein the columns are associated with attributes.
  - 14. The computer-readable storage medium of claim 8, wherein each attribute containing PII is associated with a sensitivity level which indicates whether the attribute is, public, private, confidential or sensitive.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Oracle International Corporation (Oracle Corporation)
Original Assignee
Oracle International Corporation (Oracle Corporation)
Inventors
Singh, Rajesh C., Pae, Christine Y.
Primary Examiner(s)
Alam; Hosain T
Assistant Examiner(s)
Ng; Amy

Application Number

US10/968,566
Publication Number

US 20060085443A1
Time in Patent Office

2,030 Days
Field of Search

707/100, 707/9, 726 27- 30, 726/26
US Class Current

707/783
CPC Class Codes

G06F 21/6227 where protection concerns t...

G06F 21/6245 Protecting personal data, e...

Method and apparatus for controlling access to personally identifiable information

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

297 Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for controlling access to personally identifiable information

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

297 Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links