Data and Database Management Software
Software simplifies enforcement of privacy policies.
Press Release Summary:
Tivoli® Privacy Manager for e-business v1.2 monitors and enforces access to information by applications based on privacy policy, end-user consent to policy, and end-user choices allowed by policy. It maintains audit trail of access to information and conformance of data accesses to privacy policy, and provides automated reporting through command-line utility. Enabled Web services between Privacy Manager server and monitors allow communication across corporate boundaries.
Original Press Release:
IBM Tivoli Privacy Manager for e-business V1.2 Monitors Applications to Enforce Privacy Policies and Generate Audit Reports
At a glance
IBM Tivoli Privacy Manager for e-business V1.2 helps enterprises:
Centrally manage their privacy policies
Avoid having to rewrite existing applications in order to enforce privacy preferences
Monitor and enforce access to information (PII) by applications based on the privacy policy, end-user consent to the policy, and end-users choices allowed by the policy
Maintain an audit trail of access to information and the conformance of the data accesses to the privacy policy
For ordering, contact:
Your IBM representative, an IBM Business Partner, or the Americas Call Centers at 800-IBM-CALL (Reference: YE001).
Overview
With Tivoli® Privacy Manager, you can simplify the task of ensuring that the sensitive information your business collects is being used according to corporate policy and with the consent of the affected individuals. Tivoli Privacy Manager will:
Enable Chief Privacy Officers (CPOs) to translate written corporate privacy policy into a digital set of privacy statements and conditions specifying who can access information, personally identifiable information (PII), and for what purposes
Allow CPOs to define "opt-in" and "opt-out" choices for the end user
Enable IT staffs to deploy policies authored by the CPO onto the IT systems that store privacy-sensitive information
Detect end-user consent to privacy policy and end-users' choices allowed by the privacy policy, and record these choices for access decisions
Monitor access to privacy-sensitive resources and enforce the governing policies on those resources (factoring in end-user consent and end-user choices allowed)
Create an audit trail of accesses to protected information and generate compliance reports
New in V1.2:
Support of transaction rates of approximately 100 per second to improve performance on conformance checks.
Enhanced reports, allowing for more detailed report summaries.
Automated reporting through a new command-line utility.
Enabled Web services between Privacy Manager server and its monitors, allowing for communication across corporate boundaries.
Reference Monitor: Sample monitor code that can be modified to quickly integrate with existing applications.
Support for Red Hat Linux (Intel(TM)) and SuSE Linux (IBM zSeries®).
IBM Directory Server V4.1 and IBM DB2® Enterprise Server Edition V7.2; and portions of IBM Access Manager for e-business V4.1 and IBM WebSphere® Application Server V5.0 are included for use restricted to IBM Privacy Manager for e-business V1.2.
Key prerequisites
AIX®, Sun Solaris, Microsoft(TM) Windows(TM), Red Hat Enterprise Linux for Intel, or SuSE Linux for zSeries
Planned availability dates
September 26, 2003: Electronic availability
September 26, 2003: CD-ROM availability
Description
Major functions included in Tivoli Privacy Manager for e-business
Policy editor: This function allows the customer's Chief Privacy Officer (CPO) staff to express a privacy policy in a machine-readable format.
Policy deployment facility: This function allows the IT staff to map abstract terms from a privacy policy to the servers, privacy sensitive data, users, groups, and applications that implement their systems.
Report facility: This function allows reports to be generated. The reports describe the policies defined with the Privacy Statement Facility and the mappings performed with the Monitor Tool Facility. The Report Facility can generate enterprise-wide reports, indicating the policies that the enterprise has established, where they are being enforced in the enterprise, and audit trail reports showing how privacy sensitive resources have been accessed and their conformance to policy. The Report Facility can also be used to generate individualized reports that show how a particular person's data has been used by the enterprise.
Administration facility: This function allows an administrator to adjust the operating parameters of his or her Privacy Manager installation.
Privacy Manager Monitor Software Development Kit (SDK): This SDK contains a Java(TM) library that allows customers to develop a Privacy Manager Monitor for applications, middleware data repositories, and other systems that persistently store privacy sensitive information.
LDAP Monitor: A "reverse LDAP proxy" that can monitor LDAP V3 message flows between an LDAP client application and an LDAP server, and enforce the privacy policy on the clients accessing privacy sensitive resources on the LDAP directory.
Reference Monitor: Sample executable code that can be used to integrate with existing applications. In some cases, using the Reference Monitor can shorten the time needed to develop a monitor. Web site access to source code is provided to allow for modifications to the Reference Monitor.
Included in this product: IBM Directory Server V4.1 and IBM DB2 Enterprise Server Edition V7.2; and portions of IBM Access Manager for e-business V4.1 and IBM WebSphere Application Server V5.0 are included for use restricted to IBM Privacy Manager for e-business V1.2
