Managing data handling policies
First Claim
1. A method of automatically sharing sensitive data in accordance with a set of predetermined policy requirements including data handling policies a node requires for handling and protecting sensitive data, the method comprising:
- establishing a secure connection between a first node and a second node across a network;
- receiving a request from the first node across the network to provide a set of data for the first node;
- determining whether the requested set of data includes a set of sensitive data;
- upon a positive determination of a set of sensitive data, requesting a set of certified policy commitments from the first node, wherein the set of certified policy commitments includes data handling policies that the first node commits to utilize in handling and protecting the set of sensitive data of the second node;
- the second node receiving across the network the set of certified policy commitments for the first node;
- authenticating the set of certified policy commitments;
- the second node comparing the data handling policies of the authenticated set of certified policy commitments from the first node to the data handling policies of the set of predetermined policy requirements that the second node requires for handling and protecting the requested sensitive data;
- utilizing a processor of the second node to automatically determine from the comparison whether the data handling policies of the authenticated set of certified policy commitments of the first node at least meets the data handling policies of the set of predetermined policy requirements of the second node; and
- upon a positive determination by the second node that the data handling policies of the authenticated set of certified policy commitments of the first node at least meets the data handling policies of the set of predetermined policy requirements of the second node, transmitting across the network the requested set of data including the set of sensitive data from the second node to the first node through the secure connection.
Abstract
A method, computer usable program product or system for automatically sharing a set of sensitive data in accordance with a set of predetermined policy requirements including receiving across a network a set of certified policy commitments for a node; authenticating the set of certified policy commitments; utilizing a processor to automatically determine whether the set of certified policy commitments satisfies the set of predetermined policy requirements; and upon a positive determination, transmitting across the network the set of sensitive data to the node.
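An added sketch of the second node's check summarized in the abstract: authenticate the certified commitments first, then release only if every required policy is at least met. This is not code from the patent; the policy names, the "at least meets" ordering rules, the sample values, and the use of an HMAC under a certifier key as the certification are all assumptions made for illustration.

```python
import hashlib
import hmac
import json

# Assumption: HMAC-SHA256 under a key shared with the certifier stands in for
# the certification; a deployment would more likely verify a public-key signature.
CERTIFIER_KEY = b"constructed-demo-key"

# Assumed policy vocabulary. Each rule says when a commitment "at least meets"
# a requirement: higher is stricter, lower is stricter, or a required boolean.
RULES = {
    "encryption_at_rest_bits": lambda committed, required: committed >= required,
    "retention_days": lambda committed, required: committed <= required,
    "no_third_party_sharing": lambda committed, required: committed or not required,
}

# Constructed requirements held by the second node (the data owner).
REQUIREMENTS = {"encryption_at_rest_bits": 256, "retention_days": 90,
                "no_third_party_sharing": True}

def _tag(body: str) -> str:
    return hmac.new(CERTIFIER_KEY, body.encode(), hashlib.sha256).hexdigest()

def certify(commitments: dict) -> dict:
    """Certifier side: bind a tag to a canonical encoding of the commitments."""
    body = json.dumps(commitments, sort_keys=True, separators=(",", ":"))
    return {"body": body, "tag": _tag(body)}

def authenticate(envelope: dict):
    """Return the commitments only if the tag verifies; parse nothing before that."""
    if not hmac.compare_digest(_tag(envelope["body"]), envelope.get("tag", "")):
        return None
    return json.loads(envelope["body"])

def unmet_requirements(commitments: dict, requirements: dict) -> list:
    """Fail closed: an unknown rule or a missing commitment counts as unmet."""
    unmet = []
    for name, required in requirements.items():
        rule = RULES.get(name)
        if rule is None or name not in commitments or not rule(commitments[name], required):
            unmet.append(name)
    return unmet

def decide_release(envelope: dict, requirements: dict):
    """Second node's decision: (release?, reasons for refusal)."""
    commitments = authenticate(envelope)
    if commitments is None:
        return False, ["authentication failed"]
    unmet = unmet_requirements(commitments, requirements)
    return (not unmet), unmet
```
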
37 Claims
14. A computer usable program product comprising a non-transitory computer usable storage medium including computer usable code for use in automatically sharing sensitive data in accordance with a set of predetermined policy requirements including data handling policies a node requires for handling and protecting sensitive data, the computer usable program product comprising code for performing the steps of:
- establishing a secure connection between a first node and a second node across a network;
- receiving a request from the first node across the network to provide a set of data for the first node;
- determining whether the requested set of data includes sensitive data;
- upon a positive determination of sensitive data, requesting a set of certified policy commitments from the first node, wherein the set of certified policy commitments includes data handling policies that the first node commits to utilize in handling and protecting the set of sensitive data of the second node;
- the second node receiving across the network the set of certified policy commitments for the first node;
- authenticating the set of certified policy commitments;
- the second node comparing the data handling policies of the authenticated set of certified policy commitments from the first node to the data handling policies of the set of predetermined policy requirements that the second node requires for handling and protecting the requested sensitive data;
- utilizing a processor of the second node to automatically determine from the comparison whether the data handling policies of the authenticated set of certified policy commitments of the first node at least meets the data handling policies of the set of predetermined policy requirements of the second node; and
- upon a positive determination by the second node that the data handling policies of the authenticated set of certified policy commitments of the first node at least meets the data handling policies of the set of predetermined policy requirements of the second node, transmitting across the network the requested set of data including the set of sensitive data from the second node to the first node through the secure connection.
26. A data processing system for automatically sharing sensitive data in accordance with a set of predetermined policy requirements including data handling policies a node requires for handling and protecting sensitive data, the data processing system comprising:
- a processor; and
- a memory storing program instructions which when executed by the processor execute the steps of;
- establishing a secure connection between a first node and a second node across a network;
- receiving a request from the first node across the network to provide a set of data for the first node;
- determining whether the requested set of data includes sensitive data;
- upon a positive determination of sensitive data, requesting a set of certified policy commitments from the first node, wherein the set of certified policy commitments includes data handling policies that the first node commits to utilize in handling and protecting the set of sensitive data of the second node;
- the second node receiving across the network the set of certified policy commitments for the first node;
- authenticating the set of certified policy commitments;
- the second node comparing the data handling policies of the authenticated set of certified policy commitments from the first node to the data handling policies of the set of predetermined policy requirements that the second node requires for handling and protecting the requested sensitive data;
- utilizing a processor of the second node to automatically determine from the comparison whether the data handling policies of the authenticated set of certified policy commitments of the first node at least meets the data handling policies of the set of predetermined policy requirements of the second node; and
- upon a positive determination by the second node that the data handling policies of the authenticated set of certified policy commitments of the first node at least meets the data handling policies of the set of predetermined policy requirements of the second node, transmitting across the network the requested set of data including the set of sensitive data from the second node to the first node through the secure connection.
Specification