公开(公告)号：DE112012000249T8

公开(公告)日：2013-09-19

申请号：DE112012000249

申请日：2012-01-12

Applicant: IBM

Inventor： HINTON HEATHER MARIA ,  COHEN RICHARD JAY

IPC: G06F17/00 ,  G06Q10/00

公开(公告)号：DE112012000249T5

公开(公告)日：2013-09-05

申请号：DE112012000249

申请日：2012-01-12

Applicant: IBM

Inventor： HINTON HEATHER MARIA ,  COHEN RICHARD JAY

IPC: G06F17/00 ,  G06Q10/00

Abstract: Ein Cloud-Enablement-Aggregation-Proxy (CEAP) empfängt und verarbeitet Prüfdaten von geprüften Ressourcen, bevor diese Daten in einer Datenbank gespeichert werden. Der CEAP verwaltet Protokolldaten für Ressourcen, die in einem gemeinsam genutzten Mehrmandanten-Pool von konfigurierbaren Datenverarbeitungsressourcen (z. B. einer Rechen-Cloud) enthalten sind. Ein Verfahren zum Verwalten von Protokolldaten beginnt, indem der Proxy Protokollinformationen zusammenführt und normiert, die von einer Vielzahl der Ressourcen empfangen werden. Die zusammengeführten und normierten Protokollinformationen werden dann einer Syntaxanalyse unterzogen, um einen Mandanten zu identifizieren, der jeder aus einem Satz von Transaktionen zugehörig ist. Für jede aus dem Satz von Transaktionen kommentiert der CEAP Protokolldaten, die dem Mandanten und der bestimmten Transaktion zugehörig sind, so dass sie eine mandantenspezifische Kennung enthalten. Ein optionaler Mandanten-Separation-Proxy (TSP) trennt die kommentierten Protokolldaten nach Mandanten vor der Speicherung und die mandantenspezifischen Protokolldaten können in nach Mandanten gesonderten Datenstrukturen oder hierfür vorgesehenen Mandanten-Protokollereignis-Datenbanken gespeichert werden, um eine nachfolgende Konformitätsanalyse oder eine sonstige Analyse zu ermöglichen.

公开(公告)号：AU2008253091B2

公开(公告)日：2012-04-26

申请号：AU2008253091

申请日：2008-05-08

Applicant: IBM

Inventor： POZEFSKY MARK ,  HINTON HEATHER MARIA ,  ANGWIN ALASTAIR JOHN

IPC: H04L29/06 ,  H04W12/02

Abstract: A mobile device identifier (such as an MSISDN) that typically accompanies a mobile device request is replaced with an "enriched" identifier that exposes the mobile device user's home operator but obfuscates the mobile device's (and, thus, the device user's) identity. In one embodiment, the identifier comprises a first part, and a second part. The first part comprises a data string that identifies (either directly or through a database lookup) the mobile device user's home operator. The second part, however, is an opaque data string, such as a one-time-use unique identifier (UID) or a value that is otherwise derived as a function of the MSISDN (or the like). The opaque data string encodes the mobile device's identity in a manner that preferably can be recovered only by the user's home operator (or an entity authorized thereby). When the mobile device user roams into a foreign network, that network receives the enriched identifier in lieu of an MSISDN. The foreign network uses the first part to identify the mobile device user's home network, e.g., to determine whether to permit the requested access (or to provide some other value-added service). The foreign network, however, cannot decode the second part; thus, the mobile device's identity (as well as the identity of the mobile device user) remains obscured. This ensures that the user's privacy is maintained, while preventing third parties from building a profile of the device based on the requests that include the MSISDN or similar identifier.

公开(公告)号：AU2008253091A1

公开(公告)日：2008-11-27

申请号：AU2008253091

申请日：2008-05-08

Applicant: IBM

Inventor： POZEFSKY MARK ,  HINTON HEATHER MARIA ,  ANGWIN ALASTAIR JOHN

IPC: H04L29/06 ,  H04W12/02

Abstract: A mobile device identifier (such as an MSISDN) that typically accompanies a mobile device request is replaced with an “enriched” identifier that exposes the mobile device user's home operator but obfuscates the mobile device's (and, thus, the device user's) identity. In one embodiment, the identifier comprises a first part, and a second part. The first part comprises a data string that identifies (either directly or through a database lookup) the mobile device user's home operator. The second part, however, is an opaque data string, such as a one-time-use unique identifier (UID) or a value that is otherwise derived as a function of the MSISDN (or the like). The opaque data string encodes the mobile device's identity in a manner that preferably can be recovered only by the user's home operator (or an entity authorized thereby). When the mobile device user roams into a foreign network, that network receives the enriched identifier in lieu of an MSISDN. The foreign network uses the first part to identify the mobile device user's home network, e.g., to determine whether to permit the requested access (or to provide some other value-added service). The foreign network, however, cannot decode the second part; thus, the mobile device's identity (as well as the identity of the mobile device user) remains obscured. This ensures that the user's privacy is maintained, while preventing third parties from building a profile of the device based on the requests that include the MSISDN or similar identifier.