The present invention relates generally to managing sensitive data, and more specifically to applying privacy policies to data sent from mobile devices.
Many applications for mobile devices (e.g., banking, collaboration, and social networking) transmit sensitive data. Known mobile platforms employ proxy interceptors to monitor, filter, and change data sent from mobile devices, but the proxy interceptors lack a security management system that provides users with sufficient control over the transmission of sensitive data.
ExFILD: A Tool for the Detection of Data Exfiltration Using Entropy and Encryption Characteristics of Network Traffic by Tyrell William Fawcett, 2010 teaches a tool that determines the sensitivity of outbound data and alerts users when sensitive data is exiting a system by using entropy characteristics of network traffic.
A first embodiment of the present invention is a method, computer system and computer program product for managing data being transmitted from a mobile device. The mobile device receives a request from a user to initiate a transmission of data. The mobile device determines whether the data includes sensitive information based on a format of the data, and if so, the mobile device determines a country in which the mobile device is currently located, determines a privacy policy of the country in which the mobile device is currently located, and determines whether the privacy policy applies to a type of the data corresponding to the format of the data; and if so, the mobile device notifies the user of the privacy policy of the country, identifies to the user the type of the data for which the privacy policy applies, and queries the user whether to transmit the data as requested by the user.
A second embodiment of the present invention is a method, computer system and computer program product for managing data being transmitted from a mobile device. The mobile device receives a request from a user to initiate a transmission of data. The mobile device determines a country in which the mobile device is currently located. The mobile device determines a privacy policy of the country in which the mobile device is currently located. The mobile device determines a format of the data. The mobile device determines whether the privacy policy applies to a type of the data corresponding to the format of the data, and if so, the mobile device notifies the user of the privacy policy of the country, identifies to the user the type of the data for which the privacy policy applies, and queries the user whether to transmit the data as requested by the user.
Embodiments of the present invention provide a mobile privacy information proxy installed on a mobile device, which allows a user to have control over whether private data including sensitive information is transmitted from the mobile device based on the current location of the mobile device. By providing the control over whether the sensitive information is transmitted from the mobile device, the proxy makes the user more comfortable with using mobile device-based applications with private data.
Overview
Embodiments of the present invention provide a proxy installed on a mobile device which periodically downloads an updated location-based privacy policy from a centralized data store and applies the privacy policy to manage an attempted transmission of sensitive data from the mobile device. The privacy policy includes rules that identify data that is sensitive in a specific country and/or another political division. Applying the rules in the privacy policy to manage the transmission of the sensitive data is based on the current location of the mobile device (i.e., based on a country and/or another political division in which the mobile device is currently located). The privacy policy can be extended to include an enterprise's rules that manage the transmission of sensitive data.
System for Managing Data Transmitted from a Mobile Device
Mobile privacy policy management program 104 is a server-side component that manages data in data store 106, which includes rules 108, privacy policies, categories, user profiles, locales, and countries, as described below.
Mobile privacy policy management program 104 stores privacy rules 108 in data store 106 and retrieves privacy rules 108 from data store 106. Mobile privacy policy management program 104 can add, update or delete rules 108 in data store 106. Mobile privacy policy management program 104 allows a user to provide a name of a rule, a regular expression that specifies a format of a category of data, and the associated category of data. In one embodiment, privacy rules 108 are included in a country-specific privacy policy that associates a country with a type (i.e., category) of data. Types of data include Social Security numbers, other national identification numbers that identify individuals who are citizens of and/or reside in a country, email addresses, mobile phone numbers, and account numbers, where the number and order of individual alphanumeric characters in a specific type of data conform to a specific format (i.e., template or pattern). Types of data can be classified by multiple levels of sensitivity of the data, which may include “sensitive private information” and “private information.” For example, identification number Y which identifies individuals in country X is sensitive private information, and data store 106 includes a privacy rule 108 that associates country X with the identification number Y. Alternatively, privacy rules 108 provide privacy policies based on enterprises, states, provinces or other political divisions (other than countries), so that a privacy rule 108 associates an enterprise, state, province or other political division with a type of data.
Mobile privacy policy management program 104 can add, update or delete privacy policies, and allows a user to provide a name of a policy and its associated rules included in rules 108. A privacy policy managed by mobile privacy policy management program 104 includes a set of rules included in rules 108. Mobile privacy policy management program 104 distributes privacy policies to a registered mobile device included in mobile devices 110-1 . . . 110-N by utilizing a policy distributor function, which enables the registered mobile device to request that computer 102 retrieve a privacy policy from data store 106, where the retrieved privacy policy is associated in data store 106 with a country in which the registered mobile device is currently located. A location service (not shown) provides the current location of the registered mobile device.
A background service (not shown) executing on the registered mobile device periodically determines whether the registered mobile device has not yet downloaded from data store 106 an update for the privacy policy for the country in which the registered mobile device is currently located. If the registered mobile device has not yet downloaded the update, then the background service automatically downloads the update from data store 106 to the registered mobile device.
Mobile privacy policy management program 104 can add, update or delete categories (i.e., types) of data, and allows a user to manage information in the categories, such as mobile phone numbers, Social Security numbers and email addresses.
Mobile privacy policy management program 104 receives and manages requests from users to register mobile devices 110-1 . . . 110-N. Mobile privacy policy management program 104 receives information for the aforementioned user profiles from the users who send requests to register mobile devices 110-1 . . . 110-N.
Mobile privacy policy management program 104 can add, update or delete information about locales, and allows a user to provide names and codes for locales. A locale specifies a user's language, country and special preferences that the user wants in a user interface, including the language that the user prefers for alerts and other notifications presented by system 100.
Mobile privacy policy management program 104 can add, update or delete information about countries in which mobile devices 110-1 . . . 110-N are currently located, and allows a user to provide a name of a country, a code (e.g., International Organization for Standardization (ISO) code) for the country, and a locale and privacy policy associated with the country.
Privacy rules 108 also associate types of data with respective formats of data. The formats of data correspond to respective types of data. For example, a privacy rule 108 associates a Social Security number with the format DDD-DD-DDDD, where each D can be any digit in the sequence 0 . . . 9.
Each of the mobile devices 110-1 . . . 110-N includes a central processing unit (CPU) (not shown), tangible data storage device(s) (not shown) and a memory (not shown). Each of the mobile devices 110-1 . . . 110-N utilizes the CPU to execute a software-based mobile privacy information proxy program 112 (i.e. computer program instructions) stored in the tangible storage device(s) via the memory to manage data being transmitted from the mobile device.
Mobile privacy information proxy program 112 determines the country or other political division in which mobile device 110-1 is located by receiving a location of mobile device 110-1 from a software-based location providing utility (not shown) (e.g., a global positioning system (GPS)-based utility). Mobile device 110-1 utilizes the CPU to execute the location providing utility stored in the tangible storage device(s) via the memory to determine the location of the mobile device. In one embodiment, the location received from the location providing utility includes latitude and longitude coordinates.
Mobile privacy information proxy program 112 includes a privacy rule parser that parses documents (i.e., policy files) that include privacy rules of a privacy policy retrieved from rules 108. In one embodiment, mobile privacy information proxy program 112 downloads a country-specific policy file in response to mobile device 110-1 changing its current location from one country to another country. The downloaded country-specific policy file corresponds to the country in which mobile device 110-1 is currently located. Data store 106 includes policy files for countries in a one-to-one correspondence. Alternatively, data store 106 includes policy files for finer levels of granularity, such as one policy file for each state or province.
Each of the other mobile devices included in mobile devices 110-1 . . . 110-N includes the same structure and provide the same functionality as the above-described mobile device 110-1.
Mobile devices 110-1 . . . 110-N are in communication with computer 102 via a computer network 114, which can be the Internet. Each of mobile devices 110-1 . . . 110-N is configured, using its native networking settings, to forward data traffic through the locally-running mobile privacy information proxy program 112 before the traffic is transmitted through network 114.
Internal and external components of mobile device 102-1 are further described below relative to
In step 204, mobile privacy information proxy program 112 (see
Sensitive information can include (1) a Social Security number or another number provided by a country or other political division or an enterprise which is used to identify a person, (2) mobile phone number, (3) email address, or (4) a financial account number, such as a credit card account number, bank account number or investment account number. Disclosure of or unauthorized access to sensitive information can adversely affect the privacy, welfare, or security of a person, business, or a political division such as a country, state, etc.
In step 206, mobile privacy information proxy program 112 (see
In step 208, mobile privacy information proxy program 112 (see
Alternative embodiments utilize variations of steps 206 and 208 to determine the current location of mobile device 110-1 (see
In step 210, mobile privacy information proxy program 112 (see
In step 212, mobile privacy information proxy program 112 (see
In step 214, mobile privacy information proxy program 112 (see
In step 216, mobile privacy information proxy program 112 (see
Returning to step 214, if mobile privacy information proxy program 112 (see
Returning to step 210, if mobile privacy information proxy program 112 (see
Returning to step 204, if mobile privacy information proxy program 112 (see
In one embodiment, steps 212 and 214 are replaced with a step that includes mobile privacy information proxy program 112 (see
In an alternate embodiment, step 204 is modified to be a process step rather than a decision step, where the process step includes mobile privacy information proxy program 112 (see
In step 504, mobile privacy information proxy program 112 (see
In other embodiments, the process of
An example of privacy rule 108 (see
An example of a privacy rule 108 (see
An example of a privacy rule 108 (see
An example of a privacy rule 108 (see
Computer System
The set of internal components 600 also includes a read/write (R/W) drive or interface 632 to read from and write to one or more portable tangible computer-readable storage devices 736 that can store but do not transmit a computer program, such as a CD-ROM, DVD, memory stick, magnetic tape, magnetic disk, optical disk or semiconductor storage device. The program instructions 112 (for mobile device 110-1 in
The set of internal components 600 also includes a network adapter or interface 636 such as a transmission control protocol/Internet protocol (TCP/IP) adapter card or wireless communication adapter (such as a 4G wireless communication adapter using orthogonal frequency-division multiple access (OFDMA) technology). The program 112 (for mobile device 110-1 in
The set of external components 700 includes a display screen 720, a keyboard or keypad 730, and a computer mouse or touchpad 734. The set of internal components 600 also includes device drivers 640 to interface to display screen 720 for imaging, to keyboard or keypad 730, to computer mouse or touchpad 734, and/or to the display screen for pressure sensing of alphanumeric character entry and user selections. The device drivers 640, R/W drive or interface 632 and network adapter or interface 636 comprise hardware and software (stored in storage device 630 and/or ROM 624.
The program 112 (see
Based on the foregoing, a computer system, method and program product have been disclosed for managing data being transmitted from a mobile device. However, numerous modifications and substitutions can be made without deviating from the scope of the present invention. Therefore, the present invention has been disclosed by way of example and not limitation.
This application is a continuation application claiming priority to Ser. No. 14/220,620 filed Mar. 20, 2014, now U.S. Pat. No. 9,271,146, issued Feb. 23, 2016.
Number | Name | Date | Kind |
---|---|---|---|
7613721 | Horvitz et al. | Nov 2009 | B2 |
9271146 | Arunachalam | Feb 2016 | B2 |
20030078053 | Abtin et al. | Apr 2003 | A1 |
20090102655 | Yi et al. | Apr 2009 | A1 |
20100250497 | Redlich | Sep 2010 | A1 |
20130132854 | Raleigh | May 2013 | A1 |
20140188804 | Gokhale et al. | Jul 2014 | A1 |
20140287723 | Lafever et al. | Sep 2014 | A1 |
20150271666 | Arunachalam et al. | Sep 2015 | A1 |
Number | Date | Country |
---|---|---|
0249380 | Jun 2002 | WO |
2009079255 | Jun 2009 | WO |
Entry |
---|
Charles Web Debugging Proxy Application for Windows, Mac OS and Linux; retrieved from the Internet; URL http://www.charlesproxy.com/documentation/proxying/ssl-proxying; retrieved on Sep. 10, 2013; 2 pages. |
Escudero-Pascual, et al.; “Role(s) of a Proxy in Location Based Services”; IEEE Proceeding of the International Symposium on Personal Indoor and Mobile Radio Communications (PIMRC 2002); Aug. 31, 2002; pp. 57-64. |
Fawcett, Tyrell William; “Exfild: A Tool for the Detection of Data Exfiltration Using Entropy and Encryption Characteristics of Network Traffic”; thesis submitted to the Faculty of the University of Delaware in partial fulfillment of he requirements for the degree of Masters of Science in Electrical and Computer Engineering; Spring 2010; 138 pages. |
Koodli, R.; IP Address Location Privacy and Mobile IPv6: Problem Statement (RFC4882); IP.com; IP.com No. IPCOM000153168D; Original Publication Date: May 1, 2007; IP.com Electronic Publication: May 26, 2007; 13 pages. |
Kia, F., et al.; RADIUS Support for Proxy Mobile IPv6 (RFC6572); IP.com; IP.com No. IPCOM000218927D; Original Publication date Jun. 1, 2012; IP.com Electronic Publication: Jun. 12, 2012; 37 pages. |
Office Action (Mail Date Jul. 8, 2015) for U.S. Appl. No. 14/220,620, filed Mar. 20, 2014. |
Amendment filed Sep. 18, 2015 in response to Office Action (Mail Date Jul. 8, 2015) for U.S. Appl. No. 14/220,620, filed Mar. 20, 2014. |
Number | Date | Country | |
---|---|---|---|
20160117525 A1 | Apr 2016 | US |
Number | Date | Country | |
---|---|---|---|
Parent | 14220620 | Mar 2014 | US |
Child | 14989849 | US |