US 11,727,133 B2
Enforcing data privacy policies for federated applications
Vivek Shankar, Singapore (SG); Jose Angel Rodriguez, Cayey, PR (US); Weide Victor Soon, Singapore (SG); and Adrian Rinaldi Sasmita, Singapore (SG)
Assigned to International Business Machines Corporation, Armonk, NY (US)
Filed by International Business Machines Corporation, Armonk, NY (US)
Filed on Apr. 30, 2021, as Appl. No. 17/246,094.
Prior Publication US 2022/0350907 A1, Nov. 3, 2022
Int. Cl. G06F 21/00 (2013.01); G06F 21/62 (2013.01); G06F 21/31 (2013.01)
CPC G06F 21/6218 (2013.01) [G06F 21/31 (2013.01)] 20 Claims
OG exemplary drawing
 
1. A method comprising:
identifying, at a service provider, user data requested by a first user and a purpose for the user data;
transmitting, using a federation protocol, a request for the user data from the service provider to an identity provider, wherein the service provider and the identity provider are in an identity federation, wherein the request includes a defined syntax for conveying the purpose for the user data to the identity federation; and
after obtaining user consent from a second user different from the first user for the user data to be used for the purpose identified by the service provider, receiving an authorization token from the identity provider to access the user data.