Managing exchanges of sensitive data
First Claim
Patent Images
1. A method of managing exchanges of sensitive data comprising:
- establishing a secure connection between a first application and a second application across a network;
the first application utilizing a processing device to request a service across the network from the second application utilizing a separate processing device, the service requiring a disclosure of a first set of sensitive data by the second application;
responsive to the second application requesting a set of certified policy commitments of the first application in response to the service request, providing across the network the set of certified policy commitments of the first application regarding the first set of sensitive data to the second application for authentication of the set of certified policy commitments and for a determination of acceptability of data handling policies included in the set of certified policy commitments, wherein the set of certified policy commitments provided by the first application includes data handling policies that the first application commits to utilize in handling and protecting the set of sensitive data of the second application; and
upon a positive authentication of the set of certified policy commitments and a positive determination of acceptability of the included data handling policies by the second application, receiving the service including the disclosure of the first set of sensitive data from the second application through the secure connection;
wherein the first set of sensitive data can be provided by the second application to the first application pursuant to the set of certified policy commitments provided by the first application if the second application determines that the included data handling policies satisfy a set of predetermined policy requirements of the second application.
2 Assignments
0 Petitions
Accused Products
Abstract
A method, system or computer usable program product for managing exchanges of sensitive data including utilizing a processor to request a service across a network from an application, the service requiring a disclosure of a first set of sensitive data by the application; providing a set of certified policy commitments regarding the first set of sensitive data to the application for a determination of acceptability; and upon a positive determination, receiving the service including the disclosure of the first set of sensitive data.
-
Citations
35 Claims
-
1. A method of managing exchanges of sensitive data comprising:
-
establishing a secure connection between a first application and a second application across a network; the first application utilizing a processing device to request a service across the network from the second application utilizing a separate processing device, the service requiring a disclosure of a first set of sensitive data by the second application; responsive to the second application requesting a set of certified policy commitments of the first application in response to the service request, providing across the network the set of certified policy commitments of the first application regarding the first set of sensitive data to the second application for authentication of the set of certified policy commitments and for a determination of acceptability of data handling policies included in the set of certified policy commitments, wherein the set of certified policy commitments provided by the first application includes data handling policies that the first application commits to utilize in handling and protecting the set of sensitive data of the second application; and upon a positive authentication of the set of certified policy commitments and a positive determination of acceptability of the included data handling policies by the second application, receiving the service including the disclosure of the first set of sensitive data from the second application through the secure connection; wherein the first set of sensitive data can be provided by the second application to the first application pursuant to the set of certified policy commitments provided by the first application if the second application determines that the included data handling policies satisfy a set of predetermined policy requirements of the second application. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 35)
-
-
13. A computer usable program product comprising a non-transitory computer usable storage medium including computer usable code for use in managing exchanges of sensitive data, the computer usable program product comprising code for performing the steps of:
-
establishing a secure connection between a first application and a second application across a network; the first application utilizing a processing device to request a service across the network from the second application utilizing a separate processing device, the service requiring a disclosure of a first set of sensitive data by the second application; responsive to the second application requesting a set of certified policy commitments of the first application in response to the service request, providing across the network the set of certified policy commitments of the first application regarding the first set of sensitive data to the second application for authentication of the set of certified policy commitments and for a determination of acceptability of data handling policies included in the set of certified policy commitments, wherein the set of certified policy commitments provided by the first application includes data handling policies that the first application commits to utilize in handling and protecting the set of sensitive data of the second application; and upon a positive authentication of the set of certified policy commitments and a positive determination of acceptability of the included data handling policies by the second application, receiving the service including the disclosure of the first set of sensitive data from the second application through the secure connection; wherein the first set of sensitive data can be provided by the second application to the first application pursuant to the set of certified policy commitments provided by the first application if the second application determines that the included data handling policies satisfy a set of predetermined policy requirements of the second application. - View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21, 22, 23)
-
-
24. A data processing system for managing exchanges of sensitive data, the data processing system comprising:
-
a processing device; and a memory storing program instructions which when executed by the processing device execute the steps of; establishing a secure connection between a first application and a second application across a network; the first application utilizing the processing device to request a service across the network from the second application utilizing a separate processing device, the service requiring a disclosure of a first set of sensitive data by the second application; responsive to the second application requesting a set of certified policy commitments of the first application in response to the service request, providing across the network the set of certified policy commitments of the first application regarding the first set of sensitive data to the second application for authentication of the set of certified policy commitments and for a determination of acceptability of data handling policies included in the set of certified policy commitments, wherein the set of certified policy commitments provided by the first application includes data handling policies that the first application commits to utilize in handling and protecting the set of sensitive data of the second application; and upon a positive authentication of the set of certified policy commitments and a positive determination of acceptability of the included data handling policies by the second application, receiving the service including the disclosure of the first set of sensitive data from the second application through the secure connection; wherein the first set of sensitive data can be provided by the second application to the first application pursuant to the set of certified policy commitments provided by the first application if the second application determines that the included data handling policies satisfy a set of predetermined policy requirements of the second application. - View Dependent Claims (25, 26, 27, 28, 29, 30, 31, 32, 33, 34)
-
Specification