Arthur A Gilbert

US Patent:

7069427, Jun 27, 2006

Filed:

Jun 19, 2001

Appl. No.:

09/884153

Inventors:

Steven B. Adler - Port Washington NY, US
Endre Felix Bangerter - Ligerz, CH
Nigel Howard Julian Brown - Richmond Hill, CA
Jan Camenisch - Ruschlikon, CH
Arthur M. Gilbert - Bethel CT, US
Guenter Karjoth - Waedenswil, CH
Dogan Kesdogan - White Plains NY, US
Michael Robert McCullough - Washington DC, US
Adam Charles Nelson - Chicago IL, US
Charles Campbell Palmer - Goldens Bridge NY, US
Martin Joseph Clayton Presler-Marshall - Chapel Hill NC, US
Michael Schnyder - Bern, CH
Elsie Van Herreweghen - Adiswil, CH
Michael Waidner - Appilalshi, CH

Assignee:

International Business Machines Corporation - Armonk NY

International Classification:

G06F 9/00

US Classification:

713 1, 726 1

Abstract:

The present invention is a system and method for handling personally identifiable information, using a rules model. The invention involves defining a limited number of privacy-related actions regarding personally identifiable information; constructing a rule for each circumstance in which one of said privacy-related actions may be taken or must be taken; allowing for the input of dynamic contextual information to precisely specify the condition for evaluation of a rule; creating a programming object containing at least one of said rules; associating the programming object with personally identifiable information; processing a request; and providing an output. The invention does not merely give a “yes-or-no answer. The invention has the advantage of being able to specify additional actions that must be taken. The invention may use a computer system and network.

US Patent:

7603317, Oct 13, 2009

Filed:

Jun 19, 2001

Appl. No.:

09/884296

Inventors:

Steven B. Adler - Port Washington NY, US
Nigel Howard Julian Brown - Richmond Hill, CA
Arthur M. Gilbert - Bethel CT, US
Charles Campbell Palmer - Goldens Bridge NY, US
Michael Schnyder - Bern, CH
Michael Waidner - Au, CH

Assignee:

International Business Machines Corporation - Armonk NY

International Classification:

G06Q 99/00

US Classification:

705 51, 705 57, 726 6

Abstract:

The invention entails identifying the parties involved in a process of handling personally identifiable information; identifying the data involved in said process; classifying the data; expressing each relationship between each pair of said parties in terms of a privacy agreement; and representing the parties, data, and privacy agreements graphically in one or more privacy agreement relationship diagrams. The invention has the advantage of identifying opportunities to reduce privacy-related risks, including identifying unnecessary exchanges of data, for possible elimination, and identifying opportunities to transform data into a less sensitive form. Privacy agreements are based on a limited set of privacy-related actions: access, disclose, release, notify, utilize, update, withdrawConsent, giveConsent, delete, anonymize, depersonalize, and repersonalize. One aspect of the present invention is a method for improving the handling of personally identifiable information. Another aspect of the present invention is a system for executing the method of the present invention.

US Patent:

7962962, Jun 14, 2011

Filed:

Jun 19, 2001

Appl. No.:

09/884311

Inventors:

Steven B. Adler - Port Washington NY, US
Endre Felix Bangerter - Ligerz, CH
Kathryn Ann Bohrer - Austin TX, US
Nigel Howard Julian Brown - Richmond Hill, CA
Jan Camenisch - Ruschlikon, CH
Arthur M. Gilbert - Bethel CT, US
Dogan Kesdogan - White Plains NY, US
Matthew P. Leonard - Upper Saddle River NJ, US
Xuan Liu - Yorktown Heights NY, US
Michael Robert McCullough - Washington DC, US
Adam Charles Nelson - Chicago IL, US
Charles Campbell Palmer - Goldens Bridge NY, US
Calvin Stacy Powers - Chapel Hill NC, US
Michael Schnyder - Bern, CH
Edith Schonberg - New York City NY, US
Matthias Schunter - Oldenburg, DE
Elsie Van Herreweghen - Adiswil, CH
Michael Waidner - Appitacsh, CH

Assignee:

International Business Machines Corporation - Armonk NY

International Classification:

G06F 21/00
G06F 7/04
G06F 17/30

US Classification:

726 27, 713182

Abstract:

In a computer, a first set of object classes are provided representing active entities in an information-handling process and a second set of object classes are provided representing data and rules in the information-handling process. At least one object class has rules associated with data. The above-mentioned objects are used in constructing a model of an information-handling process, and to provide an output that identifies at least one way in which the information-handling process could be improved. One aspect is a method for handling personally identifiable information. Another aspect is a system for executing the method of the present invention. A third aspect is as a set of instructions on a computer-usable medium, or resident in a computer system, for executing the method of the present invention.