US2020065525A1PendingUtilityA1
Method and apparatus for generating privacy profiles
Est. expiryOct 23, 2032(~6.3 yrs left)· nominal 20-yr term from priority
G06F 2221/2141G06F 21/6245G06F 21/6263G06F 21/604G06F 2221/2117H04L 63/20H04L 63/10
59
PatentIndex Score
0
Cited by
0
References
0
Claims
Abstract
A privacy processing system may use privacy rules to filter sensitive personal information from web session data. The privacy processing system may generate privacy profiles or privacy metadata that identifies how often the privacy rules are called, how often the privacy rules successfully complete actions, and the processing time required to execute the privacy rules. The privacy profiles may be used to detect irregularities in the privacy filtering process that may be associated with a variety of privacy filtering and web session problems.
Claims
exact text as granted — not AI-modified1 - 20 . (canceled)
21 . A privacy processing system comprising:
a set of privacy rules, wherein each of the privacy rules is for application in filtering sensitive personal information from web session data; a set of privacy profiles, wherein each of the privacy profiles includes metrics associated with application of one or more of the privacy rules to web session data; and a privacy event processor for:
using one or more of the privacy profiles, identifying an irregularity in application of one or more of the privacy rules in filtering sensitive personal information from web session data associated with a web session; and
upon identification of the irregularity, sending an electronic notification relating to the identified irregularity.
22 . The system of claim 21 , wherein the web session includes an online purchase of a product or service, and wherein the irregularity is associated with a filtering problem that includes a privacy rule that does not filter sensitive personal information comprising information associated with completing the online purchase.
23 . The system of claim 21 , wherein the web session includes a credit card purchase, and wherein the irregularity is associated with a filtering problem that includes a privacy rule that does not filter credit card information associated with the purchase.
24 . The system of claim 21 , comprising a privacy profiler for generating the privacy profiles.
25 . The system of claim 21 , wherein the privacy profiles identify how often the privacy rules are called, how often the privacy rules successfully complete actions, and amounts of processing time required to execute the privacy rules.
26 . The system of claim 21 , wherein application of the privacy rules in filtering sensitive personal information from web session data comprises using the privacy rules to remove sensitive personal information.
27 . The system of claim 21 , wherein the metrics are privacy metrics including aggregated metrics relating to privacy rule use over time.
28 . The system of claim 21 , wherein the metrics are privacy metrics that include aggregated metrics relating to privacy rule use over time, and wherein comparison of aggregated metrics is used in identifying the irregularity in application of one or more of the privacy rules in filtering sensitive personal information from web session data.
29 . The system of claim 21 , wherein the metrics are privacy metrics that include aggregated metrics relating to privacy rule use over time, and wherein comparison of aggregated metrics is used in identifying the irregularity in application of one or more of the privacy rules in filtering sensitive personal information from web session data, and wherein identifying the irregularity comprises, for a first privacy rule:
determining a first statistical metric associated with use of the first privacy rule in filtering sensitive personal information from web session data over a first period of time; determining a second statistical metric associated with use of the first privacy rule in filtering sensitive personal information from web session data over a second period of time; and comparing the first statistical metric to the second statistical metric in determining whether a threshold deviation has been reached between the first statistical metric and the second statistical metric, wherein reaching the threshold deviation is associated with identifying the irregularity.
30 . The system of claim 21 , wherein the privacy rules are for application in filtering sensitive personal information from the web session data before storing web session data, of the web session data, in a database for subsequent replay analysis.
31 . The system of claim 21 , wherein the privacy processing system is for replaying the web session with the sensitive personal information filtered therefrom in identifying the irregularity.
32 . The system of claim 21 , wherein the irregularity is associated with a filtering problem.
33 . The system of claim 21 , wherein the irregularity is associated with a filtering problem that includes a privacy rule that does not filter sensitive personal information from web session data.
34 . The system of claim 21 , wherein the irregularity is associated with a filtering problem that includes a privacy rule that does not filter sensitive personal information from web session data as required by one or more government privacy regulations.
35 . The system of claim 21 , wherein the notification is sent to be received or accessed by an operator of at least a portion of the privacy processing system.
36 . The system of claim 21 , wherein the notification comprises an email.
37 . The system of claim 21 , wherein the notification comprises a log entry accessible by an operator of at least a portion of the privacy processing system.
38 . A method comprising:
generating a set of privacy rules for application in filtering sensitive personal information from web session data; generating a set of privacy profiles, wherein each of the privacy profiles includes metrics associated with application of one or more of the privacy rules to web session data; using one or more of the privacy profiles, identifying an irregularity in application of one or more of the privacy rules in filtering sensitive personal information from web session data associated with a web session; and upon identification of the irregularity, sending an electronic notification relating to the identified irregularity.
39 . The method of claim 38 , comprising identifying the irregularity, wherein the web session includes an online purchase of a product or service, and wherein the irregularity is associated with a filtering problem that includes a privacy rule that does not filter sensitive personal information comprising information associated with completing the online purchase.
40 . The method of claim 38 , comprising identifying the irregularity, wherein the web session includes a credit card transaction, and wherein the irregularity is associated with a filtering problem that includes a privacy rule that does not filter credit card information associated with completing the transaction.
41 . The method of claim 38 , wherein the irregularity is determined to be associated with Document Object Model (DOM) changes made to filtered web pages.
42 . The method of claim 38 , wherein the metrics are privacy metrics that include aggregated metrics relating to privacy rule use over time, and wherein comparison of aggregated metrics is used in identifying the irregularity in application of one or more of the privacy rules in filtering sensitive personal information from web session data.
43 . The method of claim 38 , wherein the metrics are privacy metrics that include aggregated metrics relating to privacy rule use over time, and wherein comparison of aggregated metrics is used in identifying the irregularity in application of one or more of the privacy rules in filtering sensitive personal information from web session data, and wherein identifying the irregularity comprises, for a first privacy rule:
determining a first statistical metric associated with use of the first privacy rule in filtering sensitive personal information from web session data over a first period of time; determining a second statistical metric associated with use of the first privacy rule in filtering sensitive personal information from web session data over a second period of time; and comparing the first statistical metric to the second statistical metric in determining whether a threshold deviation has been reached between the first statistical metric and the second statistical metric, wherein reaching the threshold deviation is associated with identifying the irregularity.
44 . A non-transitory computer readable medium or media containing instructions for executing a method comprising:
generating a set of privacy rules for application in filtering sensitive personal information from web session data; generating a set of privacy profiles, wherein each of the privacy profiles includes metrics associated with application of one or more of the privacy rules to web session data; using one or more of the privacy profiles, identifying an irregularity in application of one or more of the privacy rules in filtering sensitive personal information from web session data associated with a web session; and upon identification of the irregularity, sending an electronic notification of the identified irregularity;
wherein the web session includes an online purchase of a product or service, and wherein the irregularity is associated with a filtering problem that includes a privacy rule that does not filter sensitive personal information comprising information associated with completing the online purchase; and
wherein the metrics are privacy metrics that include aggregated metrics relating to privacy rule use over time, and wherein comparison of aggregated metrics is used in identifying the irregularity in application of one or more of the privacy rules in filtering sensitive personal information from web session data, and wherein identifying the irregularity comprises, for a first privacy rule of the privacy rules:
determining a first statistical metric associated with use of the first privacy rule in filtering sensitive personal information from web session data over a first period of time;
determining a second statistical metric associated with use of the first privacy rule in filtering sensitive personal information from web session data over a second period of time; and
comparing the first statistical metric to the second statistical metric in determining whether a threshold deviation has been reached between the first statistical metric and the second statistical metric, wherein reaching the threshold deviation is associated with identifying the irregularity.Join the waitlist — get patent alerts
Track US2020065525A1 — get alerts on status changes and closely related new filings.
We store only your email — no account needed. See our privacy policy.