AUTHORIZATION AUDIT

Organization Name

Hewlett-Packard Development Company, L.P.

Inventor(s)

Paul Michael Anderson of Fort Collins CO (US)

Christopher Myers of Vancouver WA (US)

AUTHORIZATION AUDIT - A simplified explanation of the abstract

This abstract first appeared for US patent application 18250528 titled 'AUTHORIZATION AUDIT

Simplified Explanation

The patent application describes a system, method, and storage medium that allows a user to authorize access to a subset of their privileged information. Here are the key points:

• The system sends a request to the user for authorization, specifying the limited subset of privileged information.
• The user responds to the request for authorization.
• Upon receiving the response, the system accesses the specified subset of privileged information from a user data repository.
• The system then sends an audit record to an audit system, which includes the request, response, and a summary of the access.
• Finally, the system sends the audit record to the user.

Potential applications of this technology:

• Healthcare: Patients can authorize access to specific medical records for healthcare providers, ensuring privacy and control over sensitive information.
• Financial services: Users can grant limited access to their financial data to third-party apps or services, enhancing security and privacy.
• Government agencies: Citizens can authorize access to specific personal information for government agencies, streamlining processes while maintaining privacy.

Problems solved by this technology:

• Privacy concerns: Users can control and limit access to their privileged information, ensuring that only authorized parties can access specific data.
• Security risks: By limiting access to a subset of privileged information, the system reduces the risk of unauthorized access to sensitive data.
• Compliance requirements: The audit record provides a transparent and accountable trail of access to privileged information, helping organizations meet regulatory requirements.

Benefits of this technology:

• Enhanced privacy: Users have control over which specific information is accessed, ensuring their privacy is protected.
• Improved security: By limiting access to a subset of privileged information, the system reduces the risk of data breaches or unauthorized access.
• Compliance and accountability: The audit record provides a clear record of access to privileged information, helping organizations demonstrate compliance and accountability.

Original Abstract Submitted

In an example implementation according to aspects of the present disclosure, a system, method, and storage medium comprising a processor, memory, and instructions to send a request for authorization to a user wherein the authorization is limited to a subset of privileged information associated with the user, receive a response for authorization from the user. The instructions, responsive to the receipt of the response, access the subset of privileged information from a user data repository. The instructions, responsive to the access, send an audit record to an audit system, wherein the audit record comprises the request, the response, and a summary of the access and send the audit record to the user.