Dismiss
InnovationQ will be updated on Sunday, Oct. 22, from 10am ET - noon. You may experience brief service interruptions during that time.
Browse Prior Art Database

Information Privacy Within Structured Query Applications

IP.com Disclosure Number: IPCOM000240861D
Publication Date: 2015-Mar-06
Document File: 2 page(s) / 24K

Publishing Venue

The IP.com Prior Art Database

Abstract

Disclosed is a method to implement a set of standard methods and means for accessing and processing sensitive data within structured query applications that can (1) preserve accepted principles for privacy (e.g., anonymity, pseudonymity, unobservability, and unlinkability) and (2) provide compliance information on access to and usage of sensitive information.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 52% of the total text.

Page 01 of 2

Information Privacy Within Structured Query Applications

Businesses, organizations, and governments that want to comply with legal and ethical standards are hindered when software technologies do not provide the required functionality to properly control collection, storage, aggregation, and sharing of potentially sensitive information.

A method is herein disclosed for accessing and processing sensitive data within structured query applications that can (1) preserve accepted principles for privacy (e.g., anonymity, pseudonymity, unobservability, and unlinkability) and (2) provide compliance information on access to and usage of sensitive information.

The disclosed method includes:

• A body of sensitive data

• A data structure that combines sensitive data with metadata


• A set of rules that describes the acceptable actions that can be performed on the data


• One or more software programs that act as a mediator between the structured query application and the user data


• The mediator (also to be considered as a proxy)

A structured query application has direct and complete access to raw data, and the

operations on the accessed raw data are embedded in the business logic of the application.

According to the disclosed method, the raw data is assembled into a queryable data structure, along with s white list of acceptable queries and responses. The data structure is constructed with a security schema that includes the raw data, identifying metadata, rules, and a set of protections. The protections provide sustainable integrity of the data and unobservability of the data when encryption is specified as a protection mechanism. The operation of the proxy in combination with the rules within the data structure enforces anonymity, pseudonymity, and unlinkability.

According to the present invention, the queryable data structure is pre-built and stored as a protection data structure, or built on-demand when the query application initializes.

The following provide additional details regarding the above described method:

1. The structured query application requests a dialog with the proxy application, specifying the identifier of the target data structure or a sequential access


2. The proxy may return the acceptable queries to the structured query application
3. The query application and the proxy exchange requests and...