IBM enhances the honour system

Paul Venezia

InfoWorld (US)

One question looms large in the boardroom: Is our privacy policy relevant?

When discussing identity management, how the gathered data is used should be addressed. The Curion Corp. and Business Layers Inc. products focus on managing employee identities within a corporation, but ID management shouldn’t end there. A broader ID management strategy incorporates managing the identity of customers and business partners as well.

Most privacy policies look great on paper, but enforcing them is based almost exclusively on the honor system. Should employees in the shipping department have unfettered access to client data such as credit card numbers? In a perfect world, they would only have access to the subset of data — the shipping information — relevant to their job: in essence, a data firewall.

Recent events have underscored that the honor system doesn’t work at the corporate level. IBM Corp. took note of this problem and released TPM (Tivoli Privacy Manager) in late 2002.

TPM integrates with J2EE applications and LDAP data sets, enforcing a privacy policy on top of the core application and limiting the data available to the user based on his or her credentials and the rules in the overall policy. TPM is outfitted with an auditing and reporting engine, allowing for a very granular view of what data is flowing where, pinpointing the account used to access, view, or modify that data. Although achieving this goal may be possible in a rudimentary fashion by coding the rules directly into the core application, managing privacy policies at the code level is all but impossible. Add the onus of keeping up with changes to the corporate privacy policy, and the problem proves even more difficult. But if a dataset is protected at a layer well above the code, the problem becomes manageable. TPM does this and adds the ability for non-IT personnel to manage the policies and generate reports and audit trails. All the bases are covered — the data firewall becomes a litigation firewall.

Tivoli Privacy Manager is a companion product to TIM (Tivoli Identity Manager) and TAM (Tivoli Access Manager). IBM declined to participate in a review (a new release of TIM and TAM is set for June), but provided us with a TPM demo instead. The demo focused on a Web storefront application, highlighting the integration of TPM and the J2EE storefront application.

When implementing TPM, an administrator draws parallels between the entity Java beans that define sensitive data and the privacy policies’ structure on the appropriate use of that data. By defining roles for accounts and user groups within TPM, certain portions of the datasets returned to the user are blocked based on his or her privilege level. TPM can be implemented as an enforcement engine or simply used as an auditing tool to assess the current state of policy adherence.