FI116820B - Intimacy Protection Method - Google Patents

Description

4

Privacy Policy - Inti m itetskyddnings method

The invention relates generally to the protection of privacy in telecommunications: The invention relates to a method for protecting the private service information of a mobile subscriber line, as described in the preamble of claim 5. The invention relates to a method for protecting single service information of a user interface of a mobile station as stated in the independent patent claim relating to the system.

It is known per se to transmit information over a data network, and in particular via a mobile state information server. The Presence server is referred to as the status information server, and similarly, for example, the presence information of the said server is called status information. According to the prior art, upon awakening, the terminal transmits its own status information to the state information server for viewing. The state-of-the-art state information is transmitted via a 15-person terminal to the state information server. When a person changes his or her state, the status of the person on the status server also changes from person to person, as long as said person, referred to as a supervisor, allows his or her terminal to send status information to said brother. The status information itself can be, for example, only an announcement 20 The person who would like to call the supervised person can then request to know: * · *: the status information of the supervised person being called, • · The status information sent by the supervised person is for example * »: v. • "free" to call the supervised supervisor.

It is known in the art to determine the status of an example or internet interface for use by one. Most notable pic when constructing configuration communities for state information such as the IETF working community and the Wireless Village communities that define state information for directions * *. * ··. I can. Presence element, also referred to as "til. 'ΐΠ ti Ι7ΛΐΗί> αι1 Displays the status of the terminal so mnkiiHo Easy Ιτηΐη l / iinfancrnl / 2 The network status of the terminal may indicate whether the terminal has registered the physical location of the terminal, for example an address. The terminal data may specify more detailed information, such as version and support for various mode methods such as speech, Short Message Service SMS (Multimedia Messaging Service MM S).

The state information attributes of the monitor can be used in the prior art to monitor the state. The status information attribute tells the supervisor the availability dot and the desired communication method. The use of the spatial information attribute to communicate, for example, the mood or m 10 of the supervised entity. The use of the address book is important for the status information. You are maintaining a list of users of the service maintained by you. Address book is used in tilatir for many purposes, for example as a distribution list when sending ge, for other users' status information, for proactive dlatiedor, etc. One user can have several different address books for different purposes 15 one address book for work community and another for leisure time.

Status authorization is divided into two parts, Proactive Authorization. In a Proactive Authorization, the supervised entity authorizes the state to be displayed before it is requested by anyone, whereas in the Reactive Authorization, the status information attributes are authorized to be displayed upon request.

The authorization may be assigned to one user or to the subscriber's own contact list. One user can access it frequently. ···. Proactive authorization is defined by the Create A ttributeListRequest san * * mass specifies which user or address book the request would be *. \ wants to change the authorization, he sends a new CreateAttribu • »'25 message.

* · • * · * ♦ · * ·

Let us now consider the distribution of state information in the prior art, but * * * there are three different ways of doing things.

• · • · 1 2 * · 1. Subscribed Presence Feature 2 • * ♦ · * * · 3 3. Update Presence Feature This feature allows the supervised entity to update his or her own status information.

Figure 1 illustrates the search for jobs using the current technique. The status requester 113 sends the SubscribePre 5 message 101 to the server 114. The message contains a user or sets defined by, for example, a user-ID, Contact-ListID or m <la, as well as information about the status information attributes that are not included in the t bytes. in the request, the request can be interpreted to refer to all available state information attributes which comprise the subject state to receive the state information. Server 114 responds with Status message 102.

Once the status information has been subscribed, the subscriber is immediately provided with that information in the PresenceNotificationRequest message 103, as well as any 10 "information 105 in the status information of the supervised entity. The subscriber, moderator, part 1 or all status information and the requested subject can receive 15% or more status information.

As long as the status information subscription is valid and the subject of the order allows sharing of status information to the subscriber, the supervisor is delivered by Päivi When modified by the supervisor, the status information is delivered by PresenceNotifl · message 107, to which the supervisor responds with Status message 108.

* * * »• 9 • 9 20 The status information owner, supervised by 115, can update its status information with the Upda quest message 105, so that only changed status information is transmitted to the [./. The server responds with a status message to 106 supervisors, which receives t 1 'i updates. Server 114 provides the status information to the supervisor 113 * · van 115 when the state changes.

• M * * • · · * · 25 The status information server itself is both a Wireless Village Consortium] • * .J Engineering Task Force (IETF) SIP for Instant Messaging and Pre .1 ·. prior art ·· * 1 1 * - _ 1t,, 4 in several documents published by OMA / IMPS by ging extensions (SIMPLE). Presence client, only the interface it uses is defined in Wireless Village. Made in the IETF as part of the entire spatial data definition.

For example, the Open Mobile Alliance (OMA) has defined the IMPS (] 5 ging and Presence Services) status information server in some way during this time, when a version of the Wireless Village 1.1 W.V-020 (

One important point is that the need for privacy on the web is increasing as new service platforms and services increase. Two p privacy aspects are particularly prominent, are p 10 status information services. In both services, the network user provides location information to users of other network services. Ver] then has a certain need to control its own privacy. The state of the art privacy enhancement functions exist per se, the protection achieved is not enough.

15 With regard to location services, the GSM and 3GPP standards know you the level of privacy of a subscriber in travel systems (Home Location Register, HLR). Also, according to a solution that has not yet been standardized, a PrivacyProfileRegister can be built between the application and the concern about ^ 20 the authority to forward it and the privacy of the subscriber.

• * • *

The problem with current solutions is that the subject must either have the level of privacy he or she wants, or, if he or she so desires, activate the level of privacy. For example, the current positioning technology h> subject must know in advance, for example, the times * *. ···. 25 reference groups may or may not locate him. For example, if one thinks t should locate an employee during working hours but not outside work, ni e .; you must specify the desired times in the system beforehand, for example L. * spur is allowed from 8:00 to 16:00. In current work routines, regular ♦ · 1 compliance is becoming increasingly rare, so there is a need for a place; 5

There is a need for a supervisor who gives other network users access to their personal information to dynamically authorize them to avoid weaponry of any potentially unfavorable combinations of status! information server for its users to see.

5 A spatial information service defined by OMA, familiar with the technology used to distribute its own (spatial) information.

Status information is distributed through authorization. For example, proactivity is defined by the CreateAttributeListRequest message. In the message, which user or address book is being requested. If the subscriber wants; After 10 teases, he sends a new CreateAttributeListRequest message.

When subscribing to a supervised status, the system checks whether the supervised entity has accessed it. information distribution or not. If an authorization exists, the information will be accessed.

When a service user subscribes to the status information of another person or subscriber, the subscriber is subscribed to the Watcher list, the supervisor list. allows the subscriber or subscriber who is subscribed to to view their status information.

Figure 2 illustrates one of the prior art state information and: v. this is the user 201 who can be moderated by the Admin List, ···. 20, one user 203. User 201 may set the status information to be read by supervisors of status list 2 (* *. In this case, said user 201 is logged as supervisor 206 as another user 207 on said list 206. Monitor *; *; also associated with one of the available status information · • m · ** ·: la.

* · · • · * · 25 In the spatial information service, as well as in the location services, the user is empowered dynamically more flexibly than the current technology ···! potential.

··· 6

In the state of the art solutions, the user of the terminal cannot dynamically influence the distribution of service information concerning him.

The object of the invention is to overcome the drawbacks of the prior art and the dynamic control technology which enables flexible service information of a crisp terminal.

The method according to the invention for protecting other service information of a user of a data network is characterized by: in the characterizing part of the method claim.

The system of the invention for protecting other service information of a user interface 10 of a data network is characterized by what is; in the characterizing part of the claim.

The software product according to the invention is characterized by the connection of the data network user to protect the nature of service information in the characterizing part of the claim of the software product.

Other preferred embodiments of the invention are set forth in the subclaims;

Spatial Information Technology enables you to control your privacy in a simple and flexible way by utilizing the controlled attril ... The status attribute can be used to tell the supervisor's status, for example, at work, meeting, hobby, vacation, etc. This information can be used by 1 • * 20 to ask who or who can access his or her status information at that particular time. Later, status information was also available for other services where privacy management is critical: • *. In a method according to an embodiment of the invention, the protection of the private service data of the computer * · interface comprises the steps, * 9 V *: 25 (i) creating a supervised service information profile on a server, * * * ΙΊΠ storing the server

In a method according to an embodiment of the invention, said profile comprises rules for user privacy which may be specific.

In a method according to an embodiment of the invention, said profile is integrated as an integral part of the service information profile.

The method according to one embodiment of the invention comprises In response to the supervised service information request, check: in response to a privacy profile, information about what kind of services can only be sent. For example, the information to be scanned may be a proxy 10 in the service information profile and / or the privacy profile.

In a method according to an embodiment of the invention, a privacy profile, a first privacy profile and a second one are created! The first privacy profile then defines a level of privacy protection and the second privacy profile defines 15 levels of privacy.

In one embodiment of the invention, said processing server is a status information server, another location information processing service related to a location information utilizing service in the data network. According to one embodiment of the invention, the service information is status information and / or: coordinates. According to one embodiment of the invention, the incentive information is formed on the basis of the network structure of the data network: information.

In a method according to an embodiment of the invention, the user profile and / or the service information profile may be sent to an external user to utilize service information, for example, the service was provided to said user (supervised) and / or to another. a user (va) * 8 (ii) for storing a service information profile on a service information server, (iii) a privacy profile defining a supervised privacy for a server, and (iv) associating a privacy profile with said service information profile 5

The invention allows the user to manage his / her privacy in a server The embodiments of the invention have several advantages in terms of privacy. According to an advantageous embodiment of the invention, the privacy profiles and rules can be stored in the service information server system. The external system may be, for example, a locational privacy management registry to be defined.

According to a preferred embodiment of the invention, the rules may be correct, for example, the positioning service and the status information service may be operating under the same latent profile.

In a preferred embodiment of the invention, the service information server dynamically controls the level and rules of its privacy protection when the road level is associated with a particular user mode, which is the user's setting: * · [: information server for reporting.

Another advantage of the invention is that since the same service information profile 1 \ defines the levels of privacy protection for multiple services, the subscriber does not: ♦ · · * · separately, for example, the location service profile and / or the status information service *. and network resources and makes the service more meaningful.

. ·,; An advantage of the technology according to the invention is related to the service information retrieval] ·· I ·. * Communication device. Hereby, the integration of the status information functions into the strong one and the setting of the status information takes place, for example, in the mobile terminal 9 paying for it. No expensive specialty terminals, they are needed, or any other communication methods are needed. In order to use the invention, the following technical components or the like are required for the status information service in a state mobile data service (Open Mobile Allia 5 Village) or an IETF / SIMPLE-compatible state information server and a state in the terminal whose status information is monitored.

By means of the invention, for example, a spatial information service provider freely employed by modifying his or her own spatial information, enables the employer or co-workers to see his or her location through a positioning service and obtain the spatial information; Similarly, when the same user leaves work to change their profile to traffic, he or she may allow his or her own group of friends, or even urchens, to access his or her location and / or status information.

The invention will now be described in more detail with reference to! Figure 2 illustrates the distribution of state information in the prior art m Figure 2 illustrates the distribution of state information in the prior art r Figure 3 illustrates an embodiment of the invention ... Figure 4 illustrates a state information profile, in accordance with an embodiment of the invention * · 1 2, Figure 5A illustrates a state information profile, • • • 1 1 I Figure 5B illustrates a hierarchy of a privacy profile, Figure 6 illustrates a system of a preferred embodiment of the invention, and Figure 9 illustrates the classification of objects.

* Vely data is a positioning information that can be used to denote information geographically, or location on a data network. Similarly to the law, the status information about supervisors that can be shared with other services can be used to form a service information profile. If 5 service information about supervisors that can be shared with supervisors, the profile can define what service information each supervised.

Figure 3 illustrates a mesh according to an embodiment of the invention. The service information is then, for example, status information. In the method, a status profile is created, which is stored 302 on a status information server 303, and a privacy profile is created, which in step 304 is connected to Uin. This creates rules that associate the supervisors of a particular supervisor with a privacy profile. In this case, it is possible to determine n types of which type or status information relates to a particular entity.

Figure 4 illustrates an embodiment according to an embodiment of the invention by means of a profile database 403. Figure 4 shows a supervised son 402 who may be, for example, a wife, employer, colleague, member of a friendship community, and / or other information seeker. Figure 4 also includes a preview collection 404 showing rules 405, 406, 407, and 408 state 409, 410, 411, and privacy levels of privacy profiles 412, 413, 414. but not limited to f * • Ϊ *, of a particular combination. Defines its own privacy policy to create service and reference group specific rules 405,406,40 '* * * 25 in the privacy policy control database 403. After creating rules **' *: Creates 403, 410,411, its own status profiles 403, 412,411, , 414. After creating said profiles, the created rules and said profiles are controlled as desired, which will be performed in step 304 of Figure 3. another level of privacy, depending on the level of privacy profile. In this case, rules can determine which profile privacy levels and status information profiles are related. It is advantageous for the ancestor and the lover / mistress to have different modes 5 connected to certain levels of privacy boredom by certain rules set by the supervisor.

After creating profiles and rules, the supervisor can change the ant using tools provided by the service provider, such as the Internet. It is also possible to change the information in the Wireless Village Architect 10, but with expanded messages that can include: -CreateListRequest, the supervisor can create a new address book (contact 1 -ListManageRequest, the supervisor can edit the existing address book -DeleteListRequest, the supervisor can delete the existing address book! -CreateAttributeListRequest, the supervisor can create the address book va 15 edit the created address book credentials -DeleteAttributeListRequest, the supervisor can delete the address book proxy

Once profiles and rules have been created, supervisor 402 can request, for example, status information or location information, which is considered to be the supervisor's c. information. If the moderator has the right to be informed by the rules, • V; Otherwise, the request of the supervisor will be rejected.

• * • * • t »*; For example, in Figure 4, rules 405 may specify what to subscribe to for certain services. Rules 406 may be vi, but slightly different, arranged for, for example, colleagues. Weather, for example, wife and / or family member rules to control a particular account, but for example, rules 408 may be ι, for example, for a circle of friends, but the supervisor's own need • -: ri-4- n 1 A - "A.

y 12 li, which corresponds to the status of the supervised entity at work, and which defines eg service information for positioning and / or status information. In this case, the privacy point 413, 414 is information about the supervisor 402 and what information is being monitored by each; Figure 4 illustrates, by way of example, three different privacy profiles; 5 different supervisors. The privacy profile 412 encompasses privacy levels for supervisors such as relatives, wife and friends. Privacy sets levels of privacy for supervisors such as relative friends, employer and hobby community. Privacy Profile 414 privacy levels for other supervisors, for example, those who do not have 10 supervisors.

Figure 5 shows an example of a status information profile 500. Status information is information called an attribute. One such attril profile holder 501, in the form desired by him. Only the ribbons are illustrated in Figure 5. In the status information profile 15, an identity 502 is defined, which may be, for example, a domain type, nh series, and an authentication code to authenticate the holder can further define a number 503 of persons with correct and status information. In addition, another set of 504 can be defined they have the right to change the status information. It is also possible to define a set of data that does not wish to have any rights to the status data.

The status profile can also define the holder's device 511 or already • ·; . to enable the device owner to communicate with one of the data networks: v. information needed to establish a connection 506 on the device and the road may be included in the status information profile. Such details; * 1 25 Examples include data network, traffic speed and desired protocol, · · · defined in the status information profile.

• · * *

An open field 510 may also be reserved in the status information profile for such roads <; the holder also wants to make it visible on a network. Status information i. ··% displayed by the holder's own identity or a pseudonym, set * · 'based on 30 task fields.

13

According to one embodiment of the invention, the privacy profile may be in a data profile. Integration with a status profile then means that the profile is not included as part of the status profile. In this case, v <field 509 is used to indicate the rules for combining the status information and the privacy profile.

Field 512 may also include a list of states that the state information profile may access when accessing the state information server. The modes can be standard, such as '' at work '', '' on holiday ',' 'free' ',' 'party mood' ',' not allowed for 1 minute ', or they can also be user-defined, for example 10 raan for another week', '' home right away. " If desired, the user can air his or her condition based on the status information.

In the user interface of the spatial data server and / or the user terminal, pointing means for selecting spatial data from one of the fields of the spatial profile profile based on the spatial information rule field to provide a plurality of data that can express complex spatial information. The status profile can also define who pays j; information service associated with the holder of said status profile.

Suitably, using a privacy profile and hierarchy of its privacy levels, such states can be pointed out in even complex state information! ... 20 to be made available to various supervisors who have the status information corresponding to their status} • «·; β e "in this privacy statement.

• · i · M *: * · *: According to an advantageous embodiment, the status information report can be a state of * *: from the node, for example, by a user (supervisor) terminal where <. ·. ; some transceivers needed to communicate with a brother • * · 25, for example, to request space for the elderly or other handicapped. The report is then sent, for example, on the day of the medical institution; . . * · · * · "It is particularly important that when submitting sensitive information to individuals, an adequate level of privacy protection is also provided to those individuals who are linked to such information through a privacy profile. the status information service to the profile those conditions that trigger an alarm when the heart rate exceeds a certain value to be sent to a specific address, which is an attribute] 5 in the privacy profile and / or related rules. alarm, not received by a certain time, the spatial information server is set to alert, for example, a relative, but leaves the other Suki 10 with appropriate settings in the supervised user's privacy profile.

Use example for a lease according to a preferred embodiment of the invention. In this case, the car rental company will track your driving and / or location. In this case, the vehicle can be integrated p and the vehicle status can be monitored, which indicates, for example, whether a 15 is idle or in service. In addition, more detailed information on the terminal connection can be obtained, for example, from the various Ant's computers, the technical condition of the car and / or the need for maintenance, driving status (car occupancy rate) or other such factor which facilitates optimization of said car rental. In addition, the status information can be extended to include your vehicle location based on a satellite positioning system and / or mobile communication positioning technology. In this case, for example, ash: [**] leased the car on the basis of the location service status information when the car profile · * · * has sufficient authority to do so. Depending on whether aut <• *: 25 people have agreed with your car hire on your location, ·. : also for the car renter and / or for general distribution, for example, the instances mentioned in * * · l .. \ vat obtain location information according to the rental car's privacy) *. The privacy profile may also define the location information provided, for example, to the car rental employer, · · * · "30 relatives or others potentially interested in the state and / or location of the car.

m 15 occupancy rate information may be different for maintenance activities v; for example, a market research unit. In addition, for example, the family can provide more detailed information about the location of the rental car than e. In a location-related privacy profile, you can set a 5 tolerance for location information based on the level of privacy protection, for example, the accuracy of location information reported to supervisors depends on the privacy <

However, it is not desired to limit the invention to a car rental example, λ can be applied mutatis mutandis to the use of other facilities.

It is, of course, obvious to a person skilled in the art that many other objects are also v according to the technique of the invention.

According to one embodiment of the invention, the user can define the structure of the bogie profile. One such is the hierarchical structure. According to an embodiment of the invention, the hierarchy is made up of at least partially completed mires, which the user defines as desired, e.g.

Figure 5B is a hierarchical diagram of a privacy profile private; The levels may also be mutually exclusive where applicable. It has the highest level of privacy, for example '' family members' '550,' 'v; v> 20' 'gritty' '551,' 'other relatives'' 552, '' friends' '553,' 'neighbor' 'public' 555. You can also define each level 3 «* members in groups or private entities, including attributes, j | ·: · * A group except an individual; for example, relatives except the mother-in-law. The distribution in 1 hierarchy does not want to limit the invention to the example of · ·: / ·· 25, but may have a higher density hierarchy with fewer levels or fewer, with few levels in the 5B example representing certain acquaintances and sul: * .e; the privacy levels do not necessarily have to be in accordance with Figure 5B * ·. ···. gorisia, but the levels could also include the privacy levels of the pre-16, which is connected to the information network 604 through it. The status information server 602, which also has the status information and the single database as shown in Figure 4, and the first transceiver means 601 are provided for setting the level of privacy protection and creating rules for the server 5.

In addition, Figure 6 illustrates another transceiver means 603 for updating and / or transmitting status information and / or privacy information to the status information server. The information may be, for example, an Internet network, a WAP network, a cellular radio network, a GPRS network, a WLAN network and a landline network, a combination of the above.

Fig. 6 also illustrates an embodiment of the invention that enables the application of the invention to a business application of a software product comprising a slot 15 according to another embodiment, e.g., a state information system sex in a data network, but also such business means to initiate the maintenance of reporting data according to the privacy profile of the status profile server according to the privacy profile, database means 607 for storing subscription requests, privacy terms, and target data for billing: .. f querying means 608 For example, the billing basis may be a fixed, time period based t \ ** i 25, or a combination of the latter two.

According to an embodiment of the invention, similar privacy may also be applied to other objects. . based on the use of status information. In this case, the said entities have a similarity to human beings. However, such that the * * * ··· '30 other device, for example, cannot be' 'on holiday', such as TV. mi i 17

Figure 7 illustrates a classification of an object concept. Object 72 person 721, group 730, and / or algorithm 741, such as a demo in some part of the data network. The data network device 742 may also be an entity or a natural person 722, for example, a human, or a legal operator, association, company, or the like. Natural, for example, secretary 724 or other assistant in a niche of 725. The group 730 may be a homogeneous group 731 or a heterogeneous group In a homogeneous group 731, its members are substantially the same. A group 732 has at least one member that is not substantially more than at least another member of the group. Thus, the heterogeneous can have both natural 722 and legal 723 persons, the algorithm] also other entities 720 and / or other groups 730 having their own rake can serve another entity. In an embodiment of the invention, r and / or monitor is an object.

15 9 * ♦ • · • * · * 99 99 99 99 99 99 99 9 99 · 199 199 199 99 99 99 99 99 99 99 99 99 99 99 99 99 99 99 99 99 99 99 99 99 99 99 99 99 99 99 99 99 99 99 99 99 99 99 99 99 99 99 99 99 99 99 99 99 99 99 99 99 99 99 99 99 99 99 99 99 99 99 · • · «* t • 9 # • ·» · · • · • * ♦ ··

Claims (11)

A method of protecting a private user interface of a data network, comprising the steps of (i) creating a supervised service information profile on a server, (5) (ii) storing a service information profile on a service information server, (iii) creating a privacy defining security profile, defines a moderator-specific rule for privacy 10 in the service information profile. A method according to claim 1, characterized in that the privacy profile comprises service-specific rules for user privacy 3. A method according to claim 1, characterized in that, in response to an alert that is a service of the supervised service, in response to a privacy profile, information is provided about which of the supervised entity can be transmitted. · • · · «· •« A method according to claim 3, characterized in that t ·· • v is an authorization in the user's service information profile or a privacy profile ♦ * • · • · « A method according to claim 1, characterized in that the profile * and ** or service information profile is transmitted to an external server in relation to said size. A method according to claim 1, characterized in that at least two privacy profiles, the first privacy profile,, # h / tetniertr A method according to claim 7, characterized in that, based on the known level of privacy protection, a service is being directed to a user. The method according to claim 1, characterized in that the velocity profile is a status information profile and / or a location information profile. A system for protecting a private user interface of a data network, comprising (i) means for creating a supervised service information profile for a pab (ii) means for storing a service information profile in a service information server 10 (iii) means for generating a supervised privacy to connect a privacy profile based on a rule specific to the service information profile. A system according to claim 10, characterized in that the server is a status information server, a location processing server and a server associated with a status information utilizing service in the network. «« · • ♦ «» • • I A system according to claim 11, characterized in that another service in the data network utilizes service information li i «i! 20 is an external information system external to said network] • M • ♦ • · « 13. A software product, characterized in that it contains software claims for carrying out the steps of the method of claim 1. • 1 * «♦ • · · t« «1 ··· • ♦ · ·