Abstract:
A method for implementing a privacy policy includes receiving code for an application that defines a set of record classes and, for each record class in the set, at least one field. A user selects one or more of the application's record classes and fields as sensitive. A records manager is generated that identifies, for each sensitive field, the minimization service that generates a minimized value of that field's data. A mapping aspect identifies the join points in the application code at which the minimization service is to be called. When the records manager and mapping aspect are deployed with the application, the minimization service generates a minimized value of the data in each sensitive field.
Abstract:
A system and method for implementing a privacy policy in an application to be run are provided. Definitions are received for a set of fields. At least one of the fields is designated as sensitive by a default privacy policy. A user is provided with a consent editor through which the user can consent to relaxing the default privacy policy for at least one of the sensitive fields. A consent privacy rule is generated from the received consent. A mapping aspect is provided that identifies the join points at which the application code is to be augmented with calls to a minimization service. At each such point the service applies the default privacy policy by generating a minimized value of the data in the designated sensitive field, unless a generated consent privacy rule authorizes relaxation of the default policy for that user's data in that field.
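The records manager, minimization service and mapping aspect of the first abstract, together with the consent privacy rules of the second, as one possible realisation in Python. This is an added example, not code from any of the patents: the record class and fields (Patient, email, dob), the per-field masking rules, and the use of a class decorator to stand in for the mapping aspect are all this example's assumptions.

```python
"""Added example (not from the patents): a records manager, a minimization
service, a mapping aspect and consent privacy rules in plain Python.
The class and field names (Patient, email, dob) and the masking rules are
this example's assumptions; the abstracts prescribe none of them."""
import hashlib
from dataclasses import dataclass
from typing import Any, Callable, Dict, Set, Tuple


def minimize(field_name: str, value: Any) -> Any:
    """Minimization service: return a minimized value for a sensitive field.
    Per-field rules are assumed here; anything unlisted gets a truncated digest."""
    if field_name == "email":
        local, _, domain = str(value).partition("@")
        return local[:1] + "***@" + domain
    if field_name == "dob":
        return str(value)[:4]  # keep the year only
    return hashlib.sha256(str(value).encode()).hexdigest()[:12]


class ConsentStore:
    """Consent privacy rules: (data owner, record class, field) triples the
    owner has consented to release without minimization."""

    def __init__(self) -> None:
        self._rules: Set[Tuple[str, str, str]] = set()

    def grant(self, owner_id: str, record_class: str, field_name: str) -> None:
        self._rules.add((owner_id, record_class, field_name))

    def revoke(self, owner_id: str, record_class: str, field_name: str) -> None:
        self._rules.discard((owner_id, record_class, field_name))

    def allows(self, owner_id: str, record_class: str, field_name: str) -> bool:
        return (owner_id, record_class, field_name) in self._rules


@dataclass
class RecordsManager:
    """Which fields of which record classes are sensitive (the default policy),
    which minimization service handles them, and where consent rules live."""
    sensitive: Dict[str, Set[str]]
    service: Callable[[str, Any], Any]
    consent: ConsentStore


def mapping_aspect(manager: RecordsManager):
    """Class decorator playing the mapping aspect: every read of a sensitive
    field is a join point, replaced by a property that calls the service
    unless a consent rule for this owner/class/field relaxes the policy."""
    def decorate(cls):
        record_class = cls.__name__
        for name in manager.sensitive.get(record_class, ()):
            def make_property(fname: str) -> property:
                slot = "_raw_" + fname  # raw value lives here, never on the public name

                def getter(self):
                    raw = self.__dict__[slot]
                    if manager.consent.allows(self.owner_id, record_class, fname):
                        return raw
                    return manager.service(fname, raw)

                def setter(self, value):
                    self.__dict__[slot] = value
                return property(getter, setter)
            setattr(cls, name, make_property(name))
        return cls
    return decorate


CONSENT = ConsentStore()
MANAGER = RecordsManager({"Patient": {"email", "dob"}}, minimize, CONSENT)


@mapping_aspect(MANAGER)
class Patient:
    def __init__(self, owner_id: str, name: str, email: str, dob: str) -> None:
        self.owner_id = owner_id
        self.name = name    # not designated sensitive: stored and read as-is
        self.email = email  # sensitive: assignment and reads go through the aspect
        self.dob = dob


def render(p: Patient) -> Tuple[str, str, str]:
    """What application code sees when it reads the record."""
    return (p.name, p.email, p.dob)


if __name__ == "__main__":
    p = Patient("u1", "Ann Example", "ann@example.org", "1980-05-17")
    print(render(p))                      # default policy: email and dob minimized
    CONSENT.grant("u1", "Patient", "email")
    print(render(p))                      # consent relaxes email only; dob stays minimized
```

The point worth checking in any real deployment is that the raw value is reachable only through the augmented join point: here the property is the only public path, and consent is keyed to the data owner, so a rule for one patient never relaxes the policy for another.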
Abstract:
Data privacy is becoming increasingly important and, in some jurisdictions, required. Access to private data can be controlled by forcing all access to go through minimization services that allow only authorized access to private data. These minimization services can become processing bottlenecks if the only way to modify private data is by way of requests to the minimization service. Certain homomorphic operations allow encrypted data to be modified without first being decrypted, provided the other operands are themselves encrypted under the same key. Augmenting a minimization service to publish a public encryption key allows the other operands to be encrypted by the caller. Providing a records manager that takes advantage of these homomorphic operations allows certain data operations to be performed without compromising security and without accessing the minimization service.
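The scheme described above, as an added example that is not code from the patent: the minimization service holds a private key and publishes the public key; the records manager holds only the public key, encrypts its own operands under it, and updates an encrypted field by homomorphic addition without ever calling the service or decrypting. Paillier is this example's choice of additively homomorphic scheme (the abstract names none), the account-balance field is an assumed use, and the key sizes are demonstration-sized.

```python
"""Added example (not from the patent): a minimization service that keeps a
Paillier private key and publishes the public key, and a records manager that
updates encrypted sensitive fields homomorphically without calling the service.
Paillier, the balance field and the demo-sized keys are this example's assumptions."""
import math
import secrets
from dataclasses import dataclass
from typing import Dict


def is_probable_prime(n: int, rounds: int = 32) -> bool:
    """Miller-Rabin primality test."""
    if n < 4:
        return n in (2, 3)
    if n % 2 == 0:
        return False
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for _ in range(rounds):
        a = secrets.randbelow(n - 3) + 2
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def random_prime(bits: int) -> int:
    while True:
        candidate = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(candidate):
            return candidate


@dataclass(frozen=True)
class PublicKey:
    """Everything the records manager is given: n, with g fixed to n + 1."""
    n: int

    def encrypt(self, m: int) -> int:
        n2 = self.n * self.n
        while True:
            r = secrets.randbelow(self.n - 1) + 1
            if math.gcd(r, self.n) == 1:
                break
        return (pow(self.n + 1, m, n2) * pow(r, self.n, n2)) % n2

    def add(self, c1: int, c2: int) -> int:
        """Enc(m1) * Enc(m2) mod n^2 decrypts to m1 + m2 mod n."""
        return (c1 * c2) % (self.n * self.n)

    def mul_const(self, c: int, k: int) -> int:
        """Enc(m)^k mod n^2 decrypts to k * m mod n; k is a plaintext constant."""
        return pow(c, k, self.n * self.n)


class MinimizationService:
    """Holds the private key; only it can recover plaintext from a field."""

    def __init__(self, bits: int = 512) -> None:
        p = random_prime(bits // 2)
        q = random_prime(bits // 2)
        while q == p:
            q = random_prime(bits // 2)
        self.public_key = PublicKey(p * q)
        self._lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)
        self._mu = pow(self._lam, -1, p * q)  # valid because g = n + 1

    def decrypt(self, c: int) -> int:
        n = self.public_key.n
        x = pow(c, self._lam, n * n)
        return (((x - 1) // n) * self._mu) % n


class RecordsManager:
    """Stores ciphertexts and applies increments and scaling homomorphically.
    It holds the public key only, so it can change a value but never read it."""

    def __init__(self, pk: PublicKey) -> None:
        self.pk = pk
        self.records: Dict[str, int] = {}

    def store(self, record_id: str, ciphertext: int) -> None:
        self.records[record_id] = ciphertext

    def add_to_field(self, record_id: str, delta: int) -> None:
        # The other operand is encrypted under the service's public key first.
        self.records[record_id] = self.pk.add(self.records[record_id], self.pk.encrypt(delta))

    def scale_field(self, record_id: str, k: int) -> None:
        self.records[record_id] = self.pk.mul_const(self.records[record_id], k)


def demo() -> int:
    """Balance 1200, add 350 and 75, double it, all without the service; then
    the service (and only the service) decrypts: (1200 + 350 + 75) * 2 = 3250."""
    svc = MinimizationService(bits=512)
    rm = RecordsManager(svc.public_key)
    rm.store("acct-1", svc.public_key.encrypt(1200))
    rm.add_to_field("acct-1", 350)
    rm.add_to_field("acct-1", 75)
    rm.scale_field("acct-1", 2)
    return svc.decrypt(rm.records["acct-1"])


if __name__ == "__main__":
    print(demo())
```

Two caveats follow directly from the construction. The records manager can only add encrypted values and multiply by plaintext constants; multiplying two encrypted fields is not available in this scheme, so operations outside that set still need a service request. And the same malleability that removes the bottleneck means anyone holding the public key can alter a stored value, so updates still need authentication and authorization, and results must be interpreted modulo n (a subtraction that goes negative wraps around).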