IBM Reveals New Privacy Language
IBM has developed a programming language for building software that automatically enforces privacy rules.
IBM has developed a programming language for building software that automatically enforces privacy rules. The vendor, which unveiled the new Enterprise Privacy Authorization Language (EPAL) on Wednesday at the Catalyst Conference in San Francisco, says the language is more sophisticated than current privacy technology, including the Platform for Privacy Preferences Project (P3P) specifications.
IBM intends to promote EPAL as an industry standard, although the company hasn't determined which standards body it will submit the language to later this year. A draft specification of the language is available here.
White PapersMore >>
An EPAL health-care application, for example, can include a policy that lets doctors see patient records only if they are the patient's primary-care physician and the patient is notified in advance. The application then enforces that policy by controlling the interactions between the application and the database with the patient records.
"We think this is the future of privacy management," Adler says. IBM's Tivoli Privacy Manager software, available since October, provides privacy enforcement capabilities, but Adler says the language is designed for broader usage.