Controlled sharing of information in virtual organizations

US 8,533,774 B2
Filed: 11/24/2010
Issued: 09/10/2013
Est. Priority Date: 11/24/2010
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

determining, by a computing device, a set of confidentiality sub-policies associated with a set of data items, wherein the set of confidentiality sub-policies specifies confidentiality values for the set of data items, and wherein different confidentiality values represent different levels of confidentiality;

determining, by the computing device, an information utility sub-policy associated with a task being performed by a virtual organization including a plurality of members, wherein the information utility sub-policy specifies information utility values for data items in the set of data items associated with the task, and wherein different information utility values represent different levels of utility to enable execution of the task;

performing, by the computing device, an analysis that optimally balances the confidentiality values and the information utility values specified in the set of confidentiality sub-policies and the information utility sub-policy to determine at least a portion of the set of data items associated with a first member in the plurality of members; and

providing, by the computing device, the at least a portion of the set of data items to a second member such that the second member can execute the task using the retrieved at least a portion of the set of data items, wherein the analysis balances preserving confidentiality while ensuring that the at least a portion of the set of data items provided to the second member are useful to execute the task.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In one embodiment, a method for extracting data items for a task requesting a set of data items in a virtual organization including a plurality of members is provided. A set of confidentiality sub-policies associated with the set of data items and an information utility sub-policy associated with the task are retrieved. At least a portion of the set of data items for the task are retrieved based on an analysis that optimally balances confidentiality and information utility using the set of confidentiality sub-policies and the information utility sub-policy.

Citations

20 Claims

1. A method comprising:
- determining, by a computing device, a set of confidentiality sub-policies associated with a set of data items, wherein the set of confidentiality sub-policies specifies confidentiality values for the set of data items, and wherein different confidentiality values represent different levels of confidentiality;
  
  determining, by the computing device, an information utility sub-policy associated with a task being performed by a virtual organization including a plurality of members, wherein the information utility sub-policy specifies information utility values for data items in the set of data items associated with the task, and wherein different information utility values represent different levels of utility to enable execution of the task;
  
  performing, by the computing device, an analysis that optimally balances the confidentiality values and the information utility values specified in the set of confidentiality sub-policies and the information utility sub-policy to determine at least a portion of the set of data items associated with a first member in the plurality of members; and
  
  providing, by the computing device, the at least a portion of the set of data items to a second member such that the second member can execute the task using the retrieved at least a portion of the set of data items, wherein the analysis balances preserving confidentiality while ensuring that the at least a portion of the set of data items provided to the second member are useful to execute the task.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, further comprising:
    - determining a set of conflict control sub-policies for members associated with the set of data items and the first member associated with the task; and
      
      determining when a conflict exists between members associated with the set of data items and the first member using the set of conflict control sub-policies,wherein the at least a portion of the set of data items are not retrieved when the conflict exists.
  - 3. The method of claim 2, wherein the set of conflict control sub-policies includes a conflict control sub-policy associated with each of the members associated with the set of data items and a conflict control sub-policy associated with the first member.
  - 4. The method of claim 1, further comprising determining an optimum level of information utility and confidentiality based on the set of confidentiality sub-policies and the information utility sub-policy for the task.
  - 5. The method of claim 4, wherein the optimum level of information utility and confidentiality is determined using an optimization function.
  - 6. The method of claim 4, further comprising determining at least a portion of the set of data items to extract based on a maximum level determined.
  - 7. The method of claim 1, wherein the confidentiality of each data item is quantified based on a pre-condition defined for the confidentiality sub-policy.
  - 8. The method of claim 1, wherein the information utility for each data item associated with the task is quantified based on a pre-condition defined for the confidentiality sub-policy.
  - 9. The method of claim 1, further comprising dynamically changing at least one sub-policy in the set of confidentiality sub-policies or the information utility sub-policy.
  - 10. The method of claim 1, wherein the set of confidentiality sub-policies and the information utility sub-policy are defined by a single policy used to control sharing of the set of data items.

11. A non-transitory computer-readable storage medium containing instructions for controlling a computer system to be configured to:
- determine a set of confidentiality sub-policies associated with a set of data items, wherein the set of confidentiality sub-policies specifies confidentiality values for the set of data items, and wherein different confidentiality values represent different levels of confidentiality;
  
  determine an information utility sub-policy associated with a task being performed by a virtual organization including a plurality of members, wherein the information utility sub-policy specifies information utility values for data items in the set of data items associated with the task, and wherein different information utility values represent different levels of utility to enable execution of the task;
  
  perform an analysis that optimally balances the confidentiality values and the information utility values specified in the set of confidentiality sub-policies and the information utility sub-policy to determine at least a portion of the set of data items associated with a first member in the plurality of members; and
  
  provide the at least a portion of the set of data items to a second member such that the second member can execute the task using the retrieved at least a portion of the set of data items, wherein the analysis balances preserving confidentiality while ensuring that the at least a portion of the set of data items provided to the second member are useful to execute the task.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18)
- - 12. The non-transitory computer-readable storage medium of claim 11, further configured to:
    - determine a set of conflict control sub-policies for members associated with the set of data items and the first member associated with the task;
      
      determine when a conflict exists between members associated with the set of data items and the first member using the set of conflict control sub-policies,wherein the at least a portion of the set of data items are not retrieved when the conflict exists.
  - 13. The non-transitory computer-readable storage medium of claim 12, wherein the set of conflict control sub-policies includes a conflict control sub-policy associated with each of the members associated with the set of data items and a conflict control sub-policy associated with the first member.
  - 14. The non-transitory computer-readable storage medium of claim 11, further configured to determine an optimum level of information utility and confidentiality based on the set of confidentiality sub-policies and the information utility sub-policy for the task.
  - 15. The non-transitory computer-readable storage medium of claim 14, wherein a maximum level is determined using an optimization function.
  - 16. The non-transitory computer-readable storage medium of claim 14, further configured to determine the at least a portion of the set of data items to extract based on the optimum level determined.
  - 17. The non-transitory computer-readable storage medium of claim 11, wherein the confidentiality of each data item is quantified based on a pre-condition defined for the confidentiality sub-policy.
  - 18. The non-transitory computer-readable storage medium of claim 11, wherein the information utility for each data item associated with the task is quantified based on a pre-condition defined for the confidentiality sub-policy.

19. A system comprising:
- a storage device configured to store;
  
  data items for each member, anda non-transitory computer-readable storage medium containing instructions for controlling a computer system to be configured to;
  
  determine a set of confidentiality sub-policies associated with a set of data items, wherein the set of confidentiality sub-policies specifies confidentiality values for the set of data items, and wherein different confidentiality values represent different levels of confidentiality;
  
  determine an information utility sub-policy associated with a task being performed by a virtual organization including a plurality of members, wherein the information utility sub-policy specifies information utility values for data items in the set of data items associated with the task, and wherein different information utility values represent different levels of utility to enable execution of the task;
  
  perform an analysis that optimally balances the confidentiality values and the information utility values specified in the set of confidentiality sub-policies and the information utility sub-policy to determine at least a portion of the set of data items associated with a first member in the plurality of members; and
  
  provide the at least a portion of the set of data items to a second member such that the second member can execute the task using the retrieved at least a portion of the set of data items, wherein the analysis balances preserving confidentiality while ensuring that the at least a portion of the set of data items provided to the second member are useful to execute the task.
- View Dependent Claims (20)
- - 20. The system of claim 19, wherein the instructions are further configured to:
    - determine a set of conflict control sub-policies for members associated with the set of data items and the first member associated with the task; and
      
      determine when a conflict exists between members associated with the set of data items and the first member using the set of conflict control sub-policies,wherein the at least a portion of the set of data items are not retrieved when the conflict exists.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
SAP SE
Original Assignee
SAP AG (SAP SE)
Inventors
Zielinski, Marek Piotr, Eloff, Jan Harm Petrus
Primary Examiner(s)
Blair, April Y

Application Number

US12/954,037
Publication Number

US 20120131581A1
Time in Patent Office

1,021 Days
Field of Search

726/1, 726/2, 726/27, 718/1, 718/100, 713/150
US Class Current

726/1
CPC Class Codes

G06Q 10/10 Office automation; Time man...

Controlled sharing of information in virtual organizations

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Controlled sharing of information in virtual organizations

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links