-
1.发明申请公开(公告)号:US20080294480A1
公开(公告)日:2008-11-27
申请号:US12186257
申请日:2008-08-05
IPC分类号: G06Q10/00
CPC分类号: G06Q10/06 , G06Q10/063
摘要: The present invention provides methods and apparatus for creating a privacy policy from a process model, and methods and apparatus for checking the compliance of a privacy policy. An example of a method for creating a privacy policy from a process model according to the invention comprises the following steps. First, a task from the process model is chosen. Then one or more of the elements role, data, purpose, action, obligation, and condition are gathered from the task and a rule is build up by means of these elements. Finally the rule is added to the privacy policy.
摘要翻译: 本发明提供了用于从过程模型创建隐私策略的方法和装置,以及用于检查隐私策略的合规性的方法和装置。 根据本发明的用于从过程模型创建隐私策略的方法的示例包括以下步骤。 首先,选择过程模型的任务。 然后,从任务中收集一个或多个元素的角色,数据,目的,行为,义务和条件,并通过这些元素建立规则。 最后将规则添加到隐私政策中。
-
2.发明申请公开(公告)号:US20060184995A1
公开(公告)日:2006-08-17
申请号:US11317396
申请日:2005-12-22
IPC分类号: H04L9/00
CPC分类号: G06Q10/06 , G06Q10/063
摘要: The present invention provides methods and apparatus for creating a privacy policy from a process model, and methods and apparatus for checking the compliance of a privacy policy. An example of a method for creating a privacy policy from a process model according to the invention comprises the following steps. First, a task from the process model is chosen. Then one or more of the elements role, data, purpose, action, obligation, and condition are gathered from the task and a rule is build up by means of these elements. Finally the rule is added to the privacy policy.
摘要翻译: 本发明提供了用于从过程模型创建隐私策略的方法和装置,以及用于检查隐私策略的合规性的方法和装置。 根据本发明的用于从过程模型创建隐私策略的方法的示例包括以下步骤。 首先,选择过程模型的任务。 然后,从任务中收集一个或多个元素的角色,数据,目的,行为,义务和条件,并通过这些元素建立规则。 最后将规则添加到隐私政策中。
-
3.发明申请IMPLEMENTATION AND USE OF PII DATA ACCESS CONTROL FACILITY EMPLOYING PERSONALLY IDENTIFYING INFORMATION LABELS AND PURPOSE SERVING FUNCTION SETS 有权使用个人识别信息标签和目的服务功能集的PII数据访问控制设施的实施和使用公开(公告)号:US20070250913A1
公开(公告)日:2007-10-25
申请号:US11764487
申请日:2007-06-18
申请人: Linda Betz , John Dayka , Walter Farrell , Richard Guski , Guenter Karjoth , Mark Nelson , Birgit Pfitzmann , Matthias Schunter , Michael Waidner
发明人: Linda Betz , John Dayka , Walter Farrell , Richard Guski , Guenter Karjoth , Mark Nelson , Birgit Pfitzmann , Matthias Schunter , Michael Waidner
IPC分类号: G06F15/16
CPC分类号: G06F21/629 , G06F21/6245 , G06F2221/2101 , G06F2221/2113 , G06F2221/2141 , G06F2221/2149
摘要: A data access control facility is implemented by assigning personally identifying information (PII) classification labels to PII data objects, with each PII data object having one PII classification label assigned thereto. The control facility further includes at least one PII purpose serving function set (PSFS) comprising a list of application functions that read or write PII data objects. Each PII PSFS is also assigned a PII classification label. A PII data object is accessible via an application function of a PII PSFS having a PII classification label that is identical to or dominant of the PII classification label of the PII object. A user of the control facility is assigned a PII clearance set which contains a list of at least one PII classification label, which is employed in determining whether the user is entitled to access a particular function.
摘要翻译: 通过将个人识别信息(PII)分类标签分配给PII数据对象来实现数据访问控制设施,每个PII数据对象分配有一个PII分类标签。 控制设备还包括至少一个PII目的服务功能集(PSFS),其包括读或写PII数据对象的应用功能列表。 每个PII PSFS也被分配了一个PII分类标签。 PII数据对象可通过具有与PII对象的PII分类标签相同或占优势的PII分类标签的PII PSFS的应用功能来访问。 控制设备的用户被分配有PII间隙组,其包含至少一个PII分类标签的列表,该列表用于确定用户是否有权访问特定功能。
-
公开(公告)号:US20050289340A1
公开(公告)日:2005-12-29
申请号:US10874421
申请日:2004-06-23
CPC分类号: G06F21/6245
摘要: Method, system, and storage medium for reducing or minimizing access to sensitive information. A method includes identifying processes and data associated with a computer system and classifying each of the data as one of either sensitive information or non-sensitive information. The sensitive information includes at least one of: data that is personal to an individual, confidential data, and data that is legally subject to conditions of restricted use. For each of the processes the method includes selecting a process and a sensitive data item, modifying the sensitive data item, analyzing the behavior of at least the selected process, and preventing access of the sensitive data item by the selected process if, as a result of the analyzing, the sensitive data item is determined not to be needed by the selected process.
摘要翻译: 用于减少或最小化敏感信息访问的方法,系统和存储介质。 一种方法包括识别与计算机系统相关联的过程和数据,并将每个数据分类为敏感信息或非敏感信息之一。 敏感信息包括以下至少一项:对个人个人的数据,机密数据和法律上受限于使用条件的数据。 对于每个过程,该方法包括选择过程和敏感数据项,修改敏感数据项,分析至少所选过程的行为,以及如果结果,则阻止敏感数据项的访问。 在分析的情况下,敏感数据项被确定为所选择的处理不需要。
-
5.发明申请Implementation and use of a PII data access control facility employing personally identifying information labels and purpose serving functions sets 有权实施和使用使用个人识别信息标签和目的服务功能集的PII数据访问控制设施公开(公告)号:US20050044409A1
公开(公告)日:2005-02-24
申请号:US10643798
申请日:2003-08-19
申请人: Linda Betz , John Dayka , Walter Farrell , Richard Guski , Guenter Karjoth , Mark Nelson , Birgit Pfitzmann , Matthias Schunter , Michael Waidner
发明人: Linda Betz , John Dayka , Walter Farrell , Richard Guski , Guenter Karjoth , Mark Nelson , Birgit Pfitzmann , Matthias Schunter , Michael Waidner
CPC分类号: G06F21/629 , G06F21/6245 , G06F2221/2101 , G06F2221/2113 , G06F2221/2141 , G06F2221/2149
摘要: A data access control facility is implemented by assigning personally identifying information (PII) classification labels to PII data objects, with each PII data object having one PII classification label assigned thereto. The control facility further includes at least one PII purpose serving function set (PSFS) comprising a list of application functions that read or write PII data objects. Each PII PSFS is also assigned a PII classification label. A PII data object is accessible via an application function of a PII PSFS having a PII classification label that is identical to or dominant of the PII classification label of the PII object. A user of the control facility is assigned a PII clearance set which contains a list of at least one PII classification label, which is employed in determining whether the user is entitled to access a particular function.
摘要翻译: 通过将个人识别信息(PII)分类标签分配给PII数据对象来实现数据访问控制设施,每个PII数据对象分配有一个PII分类标签。 控制设备还包括至少一个PII目的服务功能集(PSFS),其包括读或写PII数据对象的应用功能列表。 每个PII PSFS也被分配了一个PII分类标签。 PII数据对象可通过具有与PII对象的PII分类标签相同或占优势的PII分类标签的PII PSFS的应用功能来访问。 控制设备的用户被分配有PII间隙组,其包含至少一个PII分类标签的列表,该列表用于确定用户是否有权访问特定功能。
-
6.发明授权Efficient browser-based identity management providing personal control and anonymity 有权高效的基于浏览器的身份管理提供个人控制和匿名性公开(公告)号:US09501634B2
公开(公告)日:2016-11-22
申请号:US13151708
申请日:2011-06-02
申请人: Birgit Pfitzmann , Michael Waidner
发明人: Birgit Pfitzmann , Michael Waidner
CPC分类号: H04L63/0815 , G06F21/41 , G06Q20/00 , H04L63/0807 , H04L63/083
摘要: A system allows a reliable and efficient identity management that can, with full interoperability, accommodate to various requirements of participants. For that a system is presented for providing an identity-related information about a user to a requesting entity. The method includes a location-request step initiated by the requesting entity for requesting from a client application a location information that corresponds to a location entity possessing the identity-related information, a redirecting step for connecting the client application to the location entity in order to instruct the location entity to transfer the identity-related information to the requesting entity, and an acquiring step for obtaining the identity-related information. The acquiring step includes a contact step wherein the location entity contacts the requesting entity, a request step wherein the requesting entity requests the identity-related information, and a response step wherein the requesting entity receives the identity-related information from the location entity.
摘要翻译: 系统允许可靠和有效的身份管理,可以完全互操作,适应参与者的各种要求。 为此,呈现用于向请求实体提供关于用户的身份相关信息的系统。 该方法包括由请求实体发起的位置请求步骤,用于从客户应用程序请求与具有身份相关信息的位置实体相对应的位置信息;重定向步骤,用于将客户端应用连接到位置实体,以便 指示所述位置实体将所述身份相关信息传送到所述请求实体,以及获取步骤,用于获取所述身份相关信息。 所述获取步骤包括联系步骤,其中所述位置实体联系所述请求实体;请求步骤,其中所述请求实体请求所述身份相关信息;以及响应步骤,其中所述请求实体从所述位置实体接收所述身份相关信息。
-
7.发明申请EFFICIENT BROWSER-BASED IDENTITY MANAGEMENT PROVIDING PERSONAL CONTROL AND ANONYMITY 审中-公开高效的基于浏览器的身份管理提供个人控制和无私性公开(公告)号:US20110302273A1
公开(公告)日:2011-12-08
申请号:US13151708
申请日:2011-06-02
申请人: Birgit Pfitzmann , Michael Waidner
发明人: Birgit Pfitzmann , Michael Waidner
IPC分类号: G06F15/16 , G06F15/173
CPC分类号: H04L63/0815 , G06F21/41 , G06Q20/00 , H04L63/0807 , H04L63/083
摘要: A system allows a reliable and efficient identity management that can, with full interoperability, accommodate to various requirements of participants. For that a system is presented for providing an identity-related information about a user to a requesting entity. The method includes a location-request step initiated by the requesting entity for requesting from a client application a location information that corresponds to a location entity possessing the identity-related information, a redirecting step for connecting the client application to the location entity in order to instruct the location entity to transfer the identity-related information to the requesting entity, and an acquiring step for obtaining the identity-related information. The acquiring step includes a contact step wherein the location entity contacts the requesting entity, a request step wherein the requesting entity requests the identity-related information, and a response step wherein the requesting entity receives the identity-related information from the location entity.
摘要翻译: 系统允许可靠和有效的身份管理,可以完全互操作,适应参与者的各种要求。 为此,呈现用于向请求实体提供关于用户的身份相关信息的系统。 该方法包括由请求实体发起的位置请求步骤,用于从客户应用程序请求与具有身份相关信息的位置实体相对应的位置信息;重定向步骤,用于将客户端应用连接到位置实体,以便 指示所述位置实体将所述身份相关信息传送到所述请求实体,以及获取步骤,用于获取所述身份相关信息。 所述获取步骤包括联系步骤,其中所述位置实体联系所述请求实体;请求步骤,其中所述请求实体请求所述身份相关信息;以及响应步骤,其中所述请求实体从所述位置实体接收所述身份相关信息。
-
8.发明授权Efficient browser-based identity management providing personal control and anonymity 失效高效的基于浏览器的身份管理提供个人控制和匿名性公开(公告)号:US07992195B2
公开(公告)日:2011-08-02
申请号:US10512229
申请日:2003-03-26
申请人: Birgit Pfitzmann , Michael Waidner
发明人: Birgit Pfitzmann , Michael Waidner
CPC分类号: H04L63/0815 , G06F21/6263
摘要: The invention allows a reliable and efficient identity management that can, with full interoperability, accommodate to various requirements of participants. For that a method and system are presented for providing an identity-related information about a user to a requesting entity. The method comprises a location-request step initiated by the requesting entity for requesting from a client application a location information that corresponds to a location entity possessing the identity-related information, a redirecting step for connecting the client application to the location entity in order to instruct the location entity to transfer the identity-related information to the requesting entity, and an acquiring step for obtaining the identity-related information. The acquiring step comprises a contact step wherein the location entity contacts the requesting entity, a request step wherein the requesting entity requests the identity-related information, and a response step wherein the requesting entity receives the identity-related information from the location entity.
摘要翻译: 本发明允许可靠和有效的身份管理,其可以具有完全互操作性,以适应参与者的各种要求。 为此,提出了一种用于向请求实体提供关于用户的身份相关信息的方法和系统。 该方法包括由请求实体发起的位置请求步骤,用于从客户端应用程序请求与拥有身份相关信息的位置实体相对应的位置信息;重定向步骤,用于将客户端应用连接到位置实体,以便 指示所述位置实体将所述身份相关信息传送到所述请求实体,以及获取步骤,用于获取所述身份相关信息。 所述获取步骤包括联系步骤,其中所述位置实体联系所述请求实体;请求步骤,其中所述请求实体请求所述身份相关信息;以及响应步骤,其中所述请求实体从所述位置实体接收所述身份相关信息。
-
9.发明申请Efficient browser-based identity management providing personal control and anonymity 失效高效的基于浏览器的身份管理提供个人控制和匿名性公开(公告)号:US20070130460A1
公开(公告)日:2007-06-07
申请号:US10512229
申请日:2003-03-26
申请人: Birgit Pfitzmann , Michael Waidner
发明人: Birgit Pfitzmann , Michael Waidner
IPC分类号: H04L9/00
CPC分类号: H04L63/0815 , G06F21/6263
摘要: The invention allows a reliable and efficient identity management that can, with full interoperability, accommodate to various requirements of participants. For that a method and system are presented for providing an identity-related information about a user to a requesting entity. The method comprises a location-request step initiated by the requesting entity for requesting from a client application a location information that corresponds to a location entity possessing the identity-related information, a redirecting step for connecting the client application to the location entity in order to instruct the location entity to transfer the identity-related information to the requesting entity, and an acquiring step for obtaining the identity-related information. The acquiring step comprises a contact step wherein the location entity contacts the requesting entity, a request step wherein the requesting entity requests the identity-related information, and a response step wherein the requesting entity receives the identity-related information from the location entity.
摘要翻译: 本发明允许可靠和有效的身份管理,其可以具有完全互操作性,以适应参与者的各种要求。 为此,提出了一种用于向请求实体提供关于用户的身份相关信息的方法和系统。 该方法包括由请求实体发起的位置请求步骤,用于从客户端应用程序请求与拥有身份相关信息的位置实体相对应的位置信息;重定向步骤,用于将客户端应用连接到位置实体,以便 指示所述位置实体将所述身份相关信息传送到所述请求实体,以及获取步骤,用于获取所述身份相关信息。 所述获取步骤包括联系步骤,其中所述位置实体联系所述请求实体;请求步骤,其中所述请求实体请求所述身份相关信息;以及响应步骤,其中所述请求实体从所述位置实体接收所述身份相关信息。
-
10.发明申请公开(公告)号:US20050251857A1
公开(公告)日:2005-11-10
申请号:US11120578
申请日:2005-05-02
CPC分类号: G06F21/57
摘要: Method and device for verifying the security of a computing platform. In the method for verifying the security of a computing platform a verification machine is first transmitting a verification request via an integrity verification component to the platform. Then the platform is generating by means of a trusted platform module a verification result depending on binaries loaded on the platform, and is transmitting it to the integrity verification component. Afterwards, the integrity verification component is determining with the received verification result the security properties of the platform and transmits them to the verification machine. Finally, the verification machine is determining whether the determined security properties comply with desired security properties.
摘要翻译: 用于验证计算平台安全性的方法和设备。 在验证计算平台的安全性的方法中,验证机首先通过完整性验证部件向平台发送验证请求。 然后,平台通过可信赖的平台模块产生取决于平台上加载的二进制文件的验证结果,并将其发送到完整性验证组件。 之后,完整性验证部件正在使用接收到的验证结果确定平台的安全属性并将其发送到验证机。 最后,验证机正在确定所确定的安全属性是否符合所需的安全属性。
-
-
-
-
-
-
-
-
-
搜索结果
32 条记录 (耗时 0.028 秒)