Method and apparatus for using a proxy to manage confidential information
Abstract
A method, apparatus, and computer usable code for managing confidential data. A request is received to access an application from a user, wherein the application includes logic to process the confidential data. One of a first interface or a second interface is selected based on an identification whether the user is permitted to see the confidential data to form a selected interface in response to receiving the request. A selected interface is presented to the user. The first interface presents the confidential information and second interface presents non-confidential information without presenting the confidential information. The second interface allows access to the logic in the application without accessing the confidential data.
Claims
exact text as granted — not AI-modified1 . A method in a data processing system for managing confidential data, method comprising:
receiving a request to access an application from a user, wherein the application includes logic to process the confidential data; responsive to receiving the request, selecting one of a first interface or a second interface based on an identification whether the user is permitted to see the confidential data to form a selected interface; and presenting the selected interface to the user, wherein the first interface presents the confidential information and second interface presents non-confidential information without presenting the confidential information and wherein the second interface allows access to the logic in the application without accessing the confidential data.
2 . The method of claim 1 , wherein the request is for a Web page and wherein the selecting step comprises:
determining whether the user is allowed to access the confidential data; responsive to a determination that the user is allowed to access the confidential data, sending the request to a Web server, and responsive to receiving a Web page from the Web server, translating the Web page to include the confidential information to form a translated Web page.
3 . The method of claim 1 , wherein the determining step comprises:
identifying and authenticating the user from the request.
4 . The method of claim 2 further comprising:
responsive to receiving the Web page from the Web server, determining whether the Web page includes encrypted data; and responsive to the Web page including encrypted data, decrypting the encrypted data.
5 . The method of claim 1 , wherein the receiving step, the selecting step, and the presenting step are performed by a proxy server.
6 . The method of claim 1 , wherein the first interface is a classified interface and wherein the second interface is an unclassified interface.
7 . The method of claim 1 further comprising:
responsive to the request, including data to be written to storage, identifying data entered by the user; encrypting the data entered by the user to form encrypted data; and sending encrypted data to the storage.
8 . The method of claim 2 , wherein the selecting step is performed by a database.
9 . A computer program product comprising:
a computer usable medium including computer usable program code for managing confidential data, the computer program product comprising: computer usable program code for receiving a request to access an application from a user, wherein the application includes logic to process the confidential data; computer usable program code, responsive to receiving the request, for selecting one of a first interface or a second interface based on an identification whether the user is permitted to see the confidential data to form a selected interface; and computer usable program code for presenting the selected interface to the user, wherein the first interface presents the confidential information and second interface presents non-confidential information without presenting the confidential information and wherein the second interface allows access to the logic in the application without accessing the confidential data.
10 . The computer program product of claim 9 , wherein the computer usable program code for the request is for a Web page and wherein the selecting step comprises:
computer usable program code for determining whether the user is allowed to access the confidential data; computer usable program code, responsive to a determination that the user is allowed to access the confidential data, for sending the request to a Web server, and computer usable program code, responsive to receiving a Web page from the Web server, for translating the Web page to include the confidential information to form a translated Web page.
11 . The computer program product of claim 9 , wherein the computer usable program code for the determining step comprises:
computer usable program code for identifying and authenticating the user from the request.
12 . The computer program product of claim 10 wherein the computer usable program code further comprises:
computer usable program code, responsive to receiving the Web page from the Web server, for determining whether the Web page includes encrypted data; and computer usable program code, responsive to the Web page including encrypted data, for decrypting the encrypted data.
13 . The computer program product of claim 9 , wherein the computer usable program code for receiving step, the selecting step, and the presenting step are performed by a proxy server.
14 . The computer program product of claim 9 , wherein the computer usable program code for first interface is a classified interface and wherein the second interface is an unclassified interface.
15 . The computer program product of claim 9 , wherein the computer usable program code for further comprises:
computer usable program code, responsive to the requesting including data to be written to storage; computer usable program code for identifying data entered by the user; computer usable program code for encrypting the data entered by the user to form encrypted data; and computer usable program code for sending encrypted data to the storage.
16 . A data processing system comprising:
a bus; a communications unit connected to the bus; a memory connected to the bus, wherein the memory includes computer usable code; and a processor unit connected to the bus, wherein the processor unit executes the computer usable code to receive a request to access an application from a user, wherein the application includes logic to process the confidential data; select one of a first interface or a second interface based on an identification whether the user is permitted to see the confidential data to form a selected interface in response to receiving the request; and present the selected interface to the user, wherein the first interface presents the confidential information and second interface presents non-confidential information without presenting the confidential information and wherein the second interface allows access to the logic in the application without accessing the confidential data.
17 . The data processing system of claim 16 , wherein the request is for a Web page and wherein in executing the computer usable code to select one of a first interface or a second interface based on an identification whether the user is permitted to see the confidential data to form a selected interface, the processor further executes the computer usable code to determine whether the user is allowed to access the confidential data; sending the request to a Web server in response to a determination that the user is allowed to access the confidential data; and, translate the Web page to include the confidential information to form a translated Web page in response to receiving a Web page from the Web server.
18 . The data processing system of claim 16 , wherein in executing the computer usable code to determine whether the user is allowed to access the confidential data, the processor further executes the computer usable code to identify and authenticate the user from the request.
19 . The data processing system of claim 17 , wherein the processor unit further executes the computer usable code to determine whether the Web page includes encrypted data in response to receiving the Web page from the Web server and decrypt the encrypted data in response to the Web page including encrypted data.
20 . The data processing system of claim 16 , wherein the first interface is a classified interface and wherein the second interface is an unclassified interface.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.