| US 7,617,393 B2 | ||
| Implementation and use of PII data access control facility employing personally identifying information labels and purpose serving function sets | ||
| Linda Betz, Poughkeepsie, N.Y. (US); John C. Dayka, New Paltz, N.Y. (US); Walter B. Farrell, Woodstock, N.Y. (US); Richard H. Guski, Red Hook, N.Y. (US); Guenter Karjoth, Waedenswil (Switzerland); Mark A. Nelson, Poughkeepsie, N.Y. (US); Birgit M. Pfitzmann, Samstagern (Switzerland); Michael P. Waidner, Au-Wadenswil (Switzerland); and Matthias Schunter, Zurich (Switzerland) | ||
| Assigned to International Business Machines Corporation, Armonk, N.Y. (US) | ||
| Filed on Jun. 18, 2007, as Appl. No. 11/764,487. | ||
| Application 11/764487 is a continuation of application No. 10/643798, filed on Aug. 19, 2003, granted, now 7,302,569. | ||
| Prior Publication US 2007/0250913 A1, Oct. 25, 2007 | ||
| This patent is subject to a terminal disclaimer. | ||
| Int. Cl. H04L 29/00 (2006.01) | ||
| U.S. Cl. 713—167 [726/27] | 29 Claims |
| 1. A method of implementing a data access control facility, said method comprising:
assigning personally identifying information (PII) classification labels to PII data objects, wherein a PII data object has
one PII classification label assigned thereto;
defining at least one PII purpose serving function set (PSFS) comprising a list of application functions that read or write
PII data objects; and
assigning a PII classification label to each PSFS, wherein a PII data object is only read accessible via an application function
of a PII PSFS having a PII classification label that is equal to or a proper subset of the PII classification label of the
PII data object.
|