US2013124420A1PendingUtilityA1

Secure system and method for enforcement of privacy policy and protection of confidentiality

58
Assignee: DURI SASTRY SPriority: Aug 30, 2002Filed: May 10, 2012Published: May 16, 2013
Est. expiryAug 30, 2022(expired)· nominal 20-yr term from priority
G06Q 20/382H04L 9/3263H04L 2209/805H04L 63/104G06Q 20/383H04L 9/321H04L 63/0428H04L 2209/56H04L 2209/84H04L 9/3247G06Q 20/3829
58
PatentIndex Score
0
Cited by
0
References
0
Claims

Abstract

The invention includes various systems, architectures, frameworks and methodologies that can securely enforce a privacy policy. A method is included for securely guaranteeing a privacy policy between two enterprises, comprising: creating a message at a first enterprise, wherein the message includes a request for data concerning a third party and a privacy policy of the first enterprise; signing and certifying the message that the first enterprise has a tamper-proof system with a privacy rules engine and that the privacy policy of the first entity will be enforced by the privacy rules engine of the first enterprise; sending the message to a second enterprise; and running a privacy rules engine at the second enterprise to compare the privacy policy of the first enterprise with a set of privacy rules for the third party.

Claims

exact text as granted — not AI-modified
1 . A method for securely guaranteeing a privacy policy for credit card transactions, comprising:
 building a plurality of data processing devices that can recognize each other using cryptography;   programming a privacy policy into each of the data processing devices;   certifying that each of the data processing devices are equipped with privacy policy enforcement means;   distributing the data processing devices to a merchant and a financial institution;   issuing a credit card to an end user from the financial institution, wherein the end user is assigned a privacy policy in the data processing device of the financial institution;   making a credit card purchase from the merchant by the end-user; and   requesting data from the financial institution's data processing device by the merchant's data processing device, wherein the type of data that can be provided to the merchant's data processing device regarding the end user is governed by the assigned privacy policy of the end user.   
     
     
         2 . The method of  claim 1 , wherein the plurality of data processing devices comprise secure coprocessors. 
     
     
         3 . The method of  claim 1 , wherein the plurality of data processing devices can communicate with each other using private key/public key pairs.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.