Systems and methods for sharing data between entities
First Claim
1. A system for sharing data, comprising:
- a storage element configured for storing a plurality of rules, wherein the rules include rule information regarding a policy framework, a data type, a data transfer and a data classification; and
a processor including an information segmentation module configured for processing at least one of the plurality of rules, wherein said processor is responsive to a processed said at least one rule to control transfer of the data to a first entity and to maintain integrity of the data within the system based on the rule information, said information segmentation module being operative to segment the data into data segments and tag the data segments with sub component identifiers in accordance with policy information of the policy framework, wherein the policy information is selected from a group consisting of;
a data owner;
a data provider;
a data user; and
a data use;
wherein said information segmentation module is further operative to detect private information in the data, segment the private information into a plurality of subsegments with each subsegment being identified with a particular private information sensitivity, and organize the data according to the private information sensitivity whereby the segmented data may be transferred to the first entity according to a rule designating which of the segments may be transferred to the first entity according to the private information sensitivity;
wherein said information segmentation module is further operative to detect one or more classification standards within the data, segment the data according to the one or more classification standards, and organize the data by the one or more classification standards whereby a rule may be generated that governs the transfer of information with respect to the one or more classification standards and prevents the transfer of classified data to an unauthorized entity; and
wherein said information segmentation module is further operative to sanitize and aggregate portions of the private information.
7 Assignments
0 Petitions
Accused Products
Abstract
The present invention is generally directed to methods and apparatus for sharing data. A system maintains the integrity of the data by controlling access to and from the data. For example, one entity may wish to cooperate with another entity by sharing information with the other entity. The sharing entity may, however, wish to block access to certain portions of the data. The system, therefore, includes a processor configured for processing stored rules that, when processed, control transfer of the data to the other entity. The processor maintains integrity of the data because, among other reasons, the processor can determine that certain portions of the data to be transferred should be excluded from an intended recipient based upon a processed rule. Examples of such data sanitization include the deletion of information regarding the data owner, the data provider and/or other entity specific sensitive portions of the data.
-
Citations
21 Claims
-
1. A system for sharing data, comprising:
-
a storage element configured for storing a plurality of rules, wherein the rules include rule information regarding a policy framework, a data type, a data transfer and a data classification; and a processor including an information segmentation module configured for processing at least one of the plurality of rules, wherein said processor is responsive to a processed said at least one rule to control transfer of the data to a first entity and to maintain integrity of the data within the system based on the rule information, said information segmentation module being operative to segment the data into data segments and tag the data segments with sub component identifiers in accordance with policy information of the policy framework, wherein the policy information is selected from a group consisting of;
a data owner;
a data provider;
a data user; and
a data use;wherein said information segmentation module is further operative to detect private information in the data, segment the private information into a plurality of subsegments with each subsegment being identified with a particular private information sensitivity, and organize the data according to the private information sensitivity whereby the segmented data may be transferred to the first entity according to a rule designating which of the segments may be transferred to the first entity according to the private information sensitivity; wherein said information segmentation module is further operative to detect one or more classification standards within the data, segment the data according to the one or more classification standards, and organize the data by the one or more classification standards whereby a rule may be generated that governs the transfer of information with respect to the one or more classification standards and prevents the transfer of classified data to an unauthorized entity; and wherein said information segmentation module is further operative to sanitize and aggregate portions of the private information. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 19)
-
-
11. A method of sharing stored data, comprising:
-
tagging data from a plurality of entities with one or more operational identifiers; operating a processor to execute an information segmentation module within said processor, wherein the information segmentation module segments the data based on one or more of the operational identifiers, wherein the information segmentation module further detects private information in the data, segments the private information into a plurality of subsegments with each subsegment being identified with a particular private information sensitivity, and organizes the data according to the private information sensitivity whereby the segmented data may be transferred to an entity according to a rule designating which of the segments may be transferred to an entity according to the private information sensitivity, and wherein the information segmentation module further detects one or more classification standards within the data, segments the data according to the one or more classification standards, and organizes the data by the one or more classification standards whereby a rule may be generated that governs the transfer of information with respect to the one or more classification standards and prevents the transfer of classified data to an unauthorized entity; storing segmented said data on a storage element in operative communication with said processor; processing said stored segmented said data with said processor according to at least one rule, wherein a processed said at least one rule configures said processor to exclude from a first entity of said plurality of entities a one or more data segments of said stored segmented said data from a second entity of said plurality of entities; aggregating a plurality of data segments of said stored segmented said data according to one or more of the operational identifiers, wherein the operational identifiers are selected from a group consisting of;
a policy framework, a data type, a data transfer, and a data classification; andrecognizing a pattern within aggregated said plurality of data segments of said stored segmented said data to generate a message and to transfer the message to one or more of the plurality of entities according to an entity specific concern. - View Dependent Claims (12, 13, 14, 15, 16, 17, 20)
-
-
18. A method of sharing data and protecting sensitive information within the data, comprising:
-
storing data of a plurality of entities on a storage element in operative communication with a processor; storing a plurality of rules on the storage element, wherein the rules include rule information regarding a policy framework, a data type, a data transfer and a data classification; operating a processor to execute an information segmentation module within said processor, wherein the information segmentation module is configured for processing at least one of the plurality of rules, wherein said processor is responsive to a processed said at least one rule to control transfer of the data to a first entity and to maintain integrity of the data within the system based on the rule information; wherein said information segmentation module segments the data into data segments and tags the data segments with sub component identifiers in accordance with policy information of the policy framework, wherein the policy information is selected from a group consisting of;
a data owner;
a data provider;
a data user; and
a data use;wherein the information segmentation module detects private information in the data, segments the private information into a plurality of subsegments with each subsegment being identified with a particular private information sensitivity, and organizes the data according to the private information sensitivity whereby the segmented data may be transferred to an entity according to a rule designating which of the segments may be transferred to an entity according to the private information sensitivity; and wherein the information segmentation module further detects one or more classification standards within the data, segments the data according to the one or more classification standards, and organizes the data by the one or more classification standards whereby a rule may be generated that governs the transfer of information with respect to the one or more classification standards and prevents the transfer of classified data to an unauthorized entity; processing said plurality of rules with said processor, wherein at least one rule is associated with a first entity of said plurality of entities and wherein a processed said at least one rule is configurable to exclude from the first entity one or more segments of data of a second entity of said plurality of entities; and allowing the first entity to retrieve stored data with the one or more segments of data from the second entity excluded. - View Dependent Claims (21)
-
Specification