Today, electronic communication between entities is generally an important part of cooperating to achieve a mutually desired outcome. Such communication may involve real-time or near real-time messages between entities or storage of information by one entity for subsequent retrieval by or transmission to another entity. Through the advancement of technology, the amount and complexity of communicated information has increased dramatically. For example, faster processors and larger storage systems have enabled entities to communicate larger amounts of information in shorter periods of time than those entities were able in the past. While the ability to communicate these larger amounts of information has improved dramatically, control over the dissemination of information itself has become increasingly complex and difficult to manage.
An example of controlled sharing and dissemination of information is the shared database environment. This generally includes situations where multiple entities can access a database and where a private access database can be used to selectively transfer data to an external entity. Many organizations use shared databases to allow members of its organization to share information between the members. To illustrate, a bank may use a database to store banking records of its clientele. Employees of the bank often require access to the database in order to serve the needs of the bank's clientele. Additionally, the bank may require that certain operational units of the bank share information. For example, the bank may store information regarding “unfriendly accesses” to the bank's central computer system. These unfriendly accesses may include, among other things, computer attacks by an external computer hacker. A security entity of the bank may require its members to share information regarding such an unfriendly access and subsequently determine which information may be shared with the appropriate authorities, such as the police or the Federal Bureau of Investigation (“FBI”).
Shared databases exist in a variety of forms. Often these databases are located within large storage systems that allow one or more entities to access information from the shared database in an organized fashion. For example, a database organizes a collection of information in such a way that a computer program can quickly select desired pieces of data. The database therefore operates as a sort of electronic filing system.
Traditional databases are organized by fields, records, and files, wherein a field is generally referred to as a single piece of information, a record is generally referred to as one complete set of fields and a file is generally referred to as a collection of records. For example, a telephone book is analogous to a file. It contains a list of records, each of which consists of three fields: name, address and telephone number. While a telephone book typically allows a person to search through fields by name to find a telephone number of interest, a database can allow a person to locate desired information within almost any field.
More recently, databases include the use of Hypertext. Hypertext is particularly useful for organizing and browsing through large databases that consist of disparate types of information. In a Hypertext database, substantially any object, such as text and image files, can be linked to almost any other object in the database. A selected object allows a user to view all other objects linked to the selected object regardless of data type. For example, a user may access a database to retrieve a text file that contains links to other files, such as image files, associated with that text file. These links may allow the user to retrieve a linked file, for example, by the simple click of a computer mouse at the user's computer terminal. Such links are commonly referred to as hypertext links.
For a user to access data in a database, the database is controlled by a database management system. The database management system is a collection of software programs that enables users to access, organize and/or select data. Examples of such software programs include the Microsoft SQL Server and the Oracle Enterprise Manager. Although typically transparent user, the database management system provides a “view” of the database to the user so that the user may retrieve information as needed.
These databases and database management systems, collectively referred to as database systems, can also be configured to allow a plurality of entities, each having a unique organizational goal, to share information. Additionally, a database system may be configured to allow, for example, one entity to access a particular “partition” of data within the database while excluding another entity from accessing that partition. As described in the bank security example, a bank's security organization may maintain a private record of the bank's computer attacks in one partition of the database system while allowing other entities possibly including external organizations access to another partition of the database system. Both partitions may reside within the same database system, but each ensures mutual exclusivity among the entities.
When one entity determines that another entity should be granted access to certain information, the granting entity may access the information and manually “parse out” either unnecessary or sensitive information for the other entity. For example, an airline organization may keep detailed records of a passenger manifest within the organization's database system. Police and/or counter terrorist organizations may be interested in information regarding a particular passenger who frequently travels with that airline. The airline organization may, in the interests of national security as well as the safety of its passengers, wish to cooperate with such public safety organizations and provide information regarding that particular passenger to those organizations. The airline organization, as well as many other organizations, may however wish to protect or withhold other “company sensitive” information. Accordingly, the airline organization will remove the company sensitive information and communicate that passenger information to the desiring public safety organization.
With sensitive information removed, one entity may cooperate with another entity by providing “sanitized” information to the other entity confident in the fact that the sensitive information has been protected. However, the process to remove the sensitive information is a cumbersome and time-consuming one that involves human interaction. Additionally, as humans are prone to make mistakes, sensitive information may on occasion be inadvertently transferred to another entity. Such inadvertent transfers may expose an entity to unfortunate circumstances, such as legal liability and/or competitive vulnerability. For example, if a bank unintentionally publishes information regarding a number of times the bank has been a victim of computer fraud, other competing banks may prey upon the bank's weaknesses through negative marketing.
The information sharing problems as noted herein are not limited to either exclusively commercial entities or exclusively public entities. Public entities, such as law enforcement, often desire to interact with commercial entities so that they may better serve the public in general. However, commercial entities are often reluctant to cooperate with public entities for fear that sensitive company information may be exposed to the public domain. As a result, operations of the public entities are often obstructed to the detriment of the public in general.