Implementation and use of PII data access control facility...

Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Security kernel or utility

Reexamination Certificate

Rate now

  [ 0.00 ] – not rated yet Voters 0   Comments 0

Details

C726S027000

Reexamination Certificate

active

07617393

ABSTRACT:
A data access control facility is implemented by assigning personally identifying information (PII) classification labels to PII data objects, with each PII data object having one PII classification label assigned thereto. The control facility further includes at least one PII purpose serving function set (PSFS) comprising a list of application functions that read or write PII data objects. Each PII PSFS is also assigned a PII classification label. A PII data object is accessible via an application function of a PII PSFS having a PII classification label that is identical to or dominant of the PII classification label of the PII object. A user of the control facility is assigned a PII clearance set which contains a list of at least one PII classification label, which is employed in determining whether the user is entitled to access a particular function.

REFERENCES:
patent: 4926476 (1990-05-01), Covey
patent: 5276901 (1994-01-01), Howell et al.
patent: 5539906 (1996-07-01), Abraham et al.
patent: 5922073 (1999-07-01), Shimada
patent: 5944794 (1999-08-01), Okamoto et al.
patent: 6023765 (2000-02-01), Kuhn
patent: 6070243 (2000-05-01), See et al.
patent: 6073106 (2000-06-01), Rozen et al.
patent: 6141754 (2000-10-01), Choy
patent: 6178510 (2001-01-01), O'Connor et al.
patent: 6253203 (2001-06-01), O'Flaherty et al.
patent: 6275824 (2001-08-01), O'Flaherty et al.
patent: 6289344 (2001-09-01), Braia et al.
patent: 6295605 (2001-09-01), Dockter et al.
patent: 6304973 (2001-10-01), Williams
patent: 6310538 (2001-10-01), Boucher
patent: 6367016 (2002-04-01), Lambert et al.
patent: 6389542 (2002-05-01), Flyntz
patent: 6412070 (2002-06-01), Van Dyke et al.
patent: 6430561 (2002-08-01), Austel et al.
patent: 7093298 (2006-08-01), Rodriquez et al.
patent: 7134022 (2006-11-01), Flyntz
patent: 7302569 (2007-11-01), Betz et al.
patent: 2004/0187020 (2004-09-01), Leerssen et al.
patent: 2004/0225883 (2004-11-01), Weller et al.
z/OS V1R4.0 Security Server RACF Security Administrator's Guide, IBM BookManager Print Preview, SA22-7683-03, Jun. 28, 2002, IBM Corp., 1994, 2002, pp. 1-27/.
A.C. Myers et al., “Protecting Privacy using the Decentralized Label Model”, ACM Transactions on Software Engineering and Methodology, 9(4):410-442, Oct. 2000. http://www.cs.cornell.edu/andru/iflow-tosem.pdf.
A.C. Myers et al., “Complete, Safe Information Flow with Decentralized Labels”, Proceedings of the 1998 IEEE Symposium on Security and Privacy, Oakland, California, May 1998, pp. 186-197. http://www.cs.cornell.edu/andru/papers/sp98/sp98.pdf.gz.
A.C. Myers et al., “A Decentralized Model for Information Flow Control”, Proceedings of the 16th ACM Symposium on Operating Systems Principles (SOSP), Saint-Malo, France, Oct. 1997, pp. 129-142.
Fisher-Hubner et al., “From a Formal Privacy Model to its Implementation”, Proceedings of the 21st National Information Systems Security Conference, Arlington, VA, Oct. 5-8, 1998 http://www.cs.kau.se/˜simone
iss98.pdf.
S. Jajodia, “Database Security: Status and Prospects”, Center for Secure Information Systems, 2003, p. 1-35.
S. Fischer-Hubner, “IT-Security and Privacy—Design and Use of Privacy-Enhancing Security Mechanisms”, Springer Scientific Publishers, Lecture Notes of Computer Science, LNCS 1958, May 2001, ISBN 3-540-42142-4, Chapter 4, pp. 167-200.
T. Araki et al., “An Access Control Mechanism For Object-Oriented Database Systems,” IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences, vol. E76-A, No. 1 (Jan. 1993), pp. 112-121.

LandOfFree

Say what you really think

Search LandOfFree.com for the USA inventors and patents. Rate them and share your experience with other people.

Rating

Implementation and use of PII data access control facility... does not yet have a rating. At this time, there are no reviews or comments for this patent.

If you have personal experience with Implementation and use of PII data access control facility..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Implementation and use of PII data access control facility... will most certainly appreciate the feedback.

Rate now

     

Profile ID: LFUS-PAI-O-4052998

  Search
All data on this website is collected from public sources. Our data reflects the most accurate information available at the time of publication.