Abstract: A system for customer data privacy management is provided. The system includes a data store having customer data and privacy rules associated with the customer data, a rules engine that limits access to the customer data, an application to provide a service related to the customer data, and an interface in communication with the application and the rules engine. The rules engine promotes limiting access to customer data based on the service of the application and the privacy rules associated with the customer data. The customer data includes mobile location information and positioning information. The service of the application may be further defined as a mobile location service. The customer data includes a buddy list and one or more of the privacy rules can be associated with the buddy list to limit access by one or more applications to the buddy list.

Abstract: The present system allows disparate secure applications to communicate directly with one another in a heterogeneous application environment by providing for the creation of tokens that can be passed between the applications without human intervention. Security information is passed between applications in the form of a token with a string data type. Since a string is a primitive data type, it can be recognized by a large number of applications and interfaces. The token has no header and therefore no application-specific header configuration, making it platform and technology independent. This eliminates the need for conversion of security information between different formats. The use of tokens also eliminates the need for an application to be authenticated and authorized every time it sends a message to another application. Instead of a permanent context or session, a context is created with every invocation from one application to another.

Abstract: A system to validate a request for web services which includes a digital certificate is provided. The system includes a first certification authority that provides a public encryption key and a certificate revocation list in response to requests. The system also includes a certification revocation list component that determines whether a digital certificate is named in the certification revocation list, a certificate verification component that determines whether a digital certificate is valid, a plurality of verifier components that determine the validity of a request for web services and each of which operates in accordance with a different one of a plurality of OASIS Web Services Security versions. The system also includes a management component to determine the version of the OASIS Web Service Security version of the web services request and to select an appropriate verifier component.

Abstract: A system and method for managing customer data is provided. The method for managing customer data includes assigning one or more roles with entities desiring access to customer data, the entities including at least one application. The method provides for determining a category associated with at least some of the customer data, determining an access level for each role based on the category associated with the at least some of the customer data, and restricting access by the application to a system maintaining the customer data based on whether the application is authorized to access the system.