Transparent interceptors for privacy policy implementation

US 7,748,026 B1
Filed: 03/30/2005
Issued: 06/29/2010
Est. Priority Date: 03/30/2005
Status: Active Grant

First Claim

Patent Images

1. A system for applying a privacy policy to an application, comprising:

a data store on a computer readable storage media adapted to maintain a plurality of privacy policies;

an existing middleware mechanism stored as a set of computer readable instructions in a computer readable storage media and executable by a processor to facilitate an exchange of messages between at least one client and a plurality of applications, the existing middleware mechanism comprising a plurality of message interceptors and the middleware mechanism executable to receive a request from the at least one client to access private information associated with one of the plurality of applications; and

an interceptor logic component stored as a set of computer readable instructions in a computer readable storage media and executable by a processor to register with at least one message interceptor of the plurality of message interceptors in the existing middleware mechanism, andthe interceptor logic component executable to authorize access to the private information associated with the one of the plurality of applications when a result of applying at least one of the plurality of privacy policies associated with the one of the plurality of applications to contents of the request received by the middleware mechanism indicates that access to the private information is authorized.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for applying a privacy policy to an application is provided. The system comprises a data store adapted to defining at least one privacy policy. The system also comprises an interceptor logic component operable to authorize access to information based on the at least one privacy policy. The system further comprises a middleware mechanism operable to receive a request for a service provided by the application, wherein the request relates to private data, to request the interceptor logic component to authorize the request, and to reject the request for the service for an unauthorized request.

20 Citations

View as Search Results

18 Claims

1. A system for applying a privacy policy to an application, comprising:
- a data store on a computer readable storage media adapted to maintain a plurality of privacy policies;
  
  an existing middleware mechanism stored as a set of computer readable instructions in a computer readable storage media and executable by a processor to facilitate an exchange of messages between at least one client and a plurality of applications, the existing middleware mechanism comprising a plurality of message interceptors and the middleware mechanism executable to receive a request from the at least one client to access private information associated with one of the plurality of applications; and
  
  an interceptor logic component stored as a set of computer readable instructions in a computer readable storage media and executable by a processor to register with at least one message interceptor of the plurality of message interceptors in the existing middleware mechanism, andthe interceptor logic component executable to authorize access to the private information associated with the one of the plurality of applications when a result of applying at least one of the plurality of privacy policies associated with the one of the plurality of applications to contents of the request received by the middleware mechanism indicates that access to the private information is authorized.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The system of claim 1, wherein the middleware mechanism is selected from the group consisting of a common object request broker architecture middleware mechanism, a java remote method invocation middleware mechanism, a web services middleware mechanism, and a message service queue middleware mechanism.
  - 3. The system of claim 1, wherein the privacy policy is defined in an extensible markup language file.
  - 4. The system of claim 1, wherein the data store is further configured to receive an authorization request from the interceptor logic component and determines authorization of access to the private information based on the at least one of the plurality privacy policies that is associated with the one of the plurality of applications.
  - 5. The system of claim 1, further comprising a privacy management application configured to receive an authorization request from the interceptor logic component and to determine authorization of access to the private information based on the at least one of the plurality privacy policies that is associated with the one of the plurality of applications.
  - 6. The system of claim 5, wherein the privacy management application determines authorization of access to the private information based on an originator of the request.
  - 7. The system of claim 5, wherein the privacy management application determines authorization of access to the private information based on a purpose of the request associated with the one of the plurality of applications.
  - 8. The system of claim 5, wherein the privacy management application is a customer data privacy management system.
  - 9. The system of claim 1, wherein the interceptor logic component authorizes access to the private information based in part on the identity of the one of the plurality of applications.
  - 10. The system of claim 1, wherein the interceptor logic component authorizes access to the private information based in part on a purpose of the request associated with the one of the plurality of applications.
  - 11. The system of claim 1, wherein the middleware mechanism is further configured to forward the request for access to private information to the one of the plurality of applications after the interceptor logic component authorizes the request.
  - 12. The system of claim 1, wherein the middleware mechanism is a common object request broker architecture.
  - 13. The system of claim 1, wherein the interceptor logic component forwards a request for access to private information to the one of the plurality of applications.
  - 14. The system of claim 1, wherein the privacy policy further comprises a customer data privacy management system.

15. A system for controlling access to private data, comprising:
- a broker stored as a set of computer readable instructions in a computer readable storage media executable by a processor to receive a request for service from a requestor, the request for service associated with an application; and
  
  an authorization component stored as a set of computer readable instructions in a computer readable storage media executable by a processor to determine whether the request for service received by the broker involves access to private data associated with the application;
  
  the authorization component executable to query the requestor for additional information about the requestor;
  
  the authorization component executable to determine whether a privacy policy of the application associated with the private data permits access to the private data; and
  
  the broker executable to provide the request for services based on the determination of the authorization component.
- View Dependent Claims (16, 17)
- - 16. The system of claim 15, wherein the authorization component further comprises an interceptor logic component adapted for authorizing the request for service.
  - 17. The system of claim 15, wherein the authorization component further comprises at least one data store adapted for storing the privacy policy.

18. A computer readable storage medium having stored thereon computer executable code comprising:
- an existing middleware mechanism stored as a set of computer readable instructions in the computer readable storage medium and executable by a processor to facilitate an exchange of messages between a client and a plurality of applications, the existing middleware mechanism comprising a plurality of message interceptors, and the existing middleware mechanism receives a request from the client to access private information associated with one of the plurality of applications; and
  
  an interceptor logic component stored as a set of computer readable instructions in the computer readable storage medium and executable by a processor to register with at least one message interceptor of the plurality of message interceptors in the existing middleware mechanism, andthe interceptor logic component authorizes access to the private information associated with the one of the plurality of applications when a result of applying at least one of the plurality of privacy policy policies associated with the one of the plurality of applications to contents of the request received by the existing middleware mechanism indicates that access to the private information is authorized.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
T-Mobile Innovations LLC (Deutsche Telekom AG)
Original Assignee
Sprint Communications Company LP (Deutsche Telekom AG)
Inventors
Stone, M. Jeffrey, Lee, Wing K.
Primary Examiner(s)
COLIN, CARL G

Application Number

US11/093,607
Time in Patent Office

1,917 Days
Field of Search

726/4, 726/17, 726/28, 726/29, 726/30, 726/1
US Class Current

726/1
CPC Class Codes

H04L 63/20 for managing network securi...

Transparent interceptors for privacy policy implementation

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

20 Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Transparent interceptors for privacy policy implementation

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

20 Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links