Profile and consent accrual

US 10,003,667 B2
Filed: 06/18/2015
Issued: 06/19/2018
Est. Priority Date: 02/23/2004
Status: Active Grant

First Claim

Patent Images

1. A method of managing consent between a client and a network server, the client and the network server configured to be communicatively coupled to a data communication network, the network server configured to provide a service to a user via the client, and the client configured to operate a browser that is configured to permit the user to communicate on the data communication network, the method comprising:

maintaining a user profile associated with the user;

receiving a first request, the first request received from the service and requesting access to user information associated with the user;

determining whether the user profile indicates that the user has provided consent for the service to access the user information;

in response to the determining that the user profile does not indicate that the user has provided consent for the service to access the user information, providing to the user a consent user interface that includes a second request, the second request including information describing how the service intends to use the user information and a user-selectable option configured to allow the user to provide an indication with respect to whether the user approves providing consent for the service to access at least one portion of the user information;

receiving, from the user and via the consent user interface, the indication;

updating the user profile to include the indication; and

allowing the service to access the at least one portion in accordance with the indication.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Consent management between a client and a network server. In response to a request for consent, a central server determines if requested user information is included in a user profile associated with a user and if the user has granted consent to share the requested user information. A user interface is provided to the user via a browser of the client to collect the requested user information that is not included in the user profile and the consent to share the requested user information from the user. After receiving the user information provided by the user via the user interface, the service provided by the network server is allowed access to the received user information, and the central server updates the user profile. Other aspects of the invention are directed to computer-readable media for use with profile and consent accrual.

Citations

26 Claims

1. A method of managing consent between a client and a network server, the client and the network server configured to be communicatively coupled to a data communication network, the network server configured to provide a service to a user via the client, and the client configured to operate a browser that is configured to permit the user to communicate on the data communication network, the method comprising:
- maintaining a user profile associated with the user;
  
  receiving a first request, the first request received from the service and requesting access to user information associated with the user;
  
  determining whether the user profile indicates that the user has provided consent for the service to access the user information;
  
  in response to the determining that the user profile does not indicate that the user has provided consent for the service to access the user information, providing to the user a consent user interface that includes a second request, the second request including information describing how the service intends to use the user information and a user-selectable option configured to allow the user to provide an indication with respect to whether the user approves providing consent for the service to access at least one portion of the user information;
  
  receiving, from the user and via the consent user interface, the indication;
  
  updating the user profile to include the indication; and
  
  allowing the service to access the at least one portion in accordance with the indication.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, further comprising:
    - receiving a third request, the third request received from the service and requesting access to additional user information associated with the user, the requested additional user information comprising an additional portion of the user information and the additional portion being at least partially different than the at least one portion;
      
      determining whether the user profile indicates that the user has provided consent for the service to access the requested additional user information;
      
      in response to the determining that the user profile does not indicate that the user has provided consent for the service to access the requested additional user information, providing to the user, via the browser, a further consent user interface that includes a fourth request, the fourth request requesting that the user provide consent for the service to access the requested additional user information, the fourth request including information describing how the service intends to use the requested additional user information and a user-selectable option configured to allow the user to provide an indication that the user approves providing consent for the service to access the requested additional user information;
      
      receiving, from the user and via the further consent user interface, the indication that the user approves providing consent for the service to access the requested additional user information;
      
      further updating the user profile to include an indication that the user has provided consent for the service to access the requested additional user information; and
      
      allowing the service to access the requested additional user information in accordance with the indication of consent included in the further updated user profile.
  - 3. The method of claim 2, wherein the service provided by the network server is a member of a policy group, and wherein the further consent user interface further displays a list of members of said policy group and further displays retention information associated with the requested additional user information, said retention information specifying how long the requested additional user information will be retained by the service provided by the network server.
  - 4. The method of claim 2, wherein said further consent user interface further displays a second user-selectable option for viewing a privacy policy associated with a policy group, said privacy policy relating to how user information that the policy group is granted consent to use is to be protected, and further comprising providing a policy user interface via the browser for displaying the privacy policy, said policy user interface being provided in response to the second user-selectable option being selected by the user.
  - 5. The method of claim 1, wherein the user profile is being maintained by a central server, said central server being coupled to the data communication network, and wherein the user interface is being provided by the central server and displays the user information previously included in the user profile.
  - 6. The method of claim 1, further comprising providing a revocation user interface via the browser for allowing the user to revoke consent for the service provided by the network server to use the user information included in the user profile, said revocation user interface displaying a list of services for which the user has granted consent to use the user information included in the user profile.
  - 7. The method of claim 6, wherein said revocation user interface further displays a user-selectable option for revoking consent for the service provided by the network server to use the user information included in the user profile, and revoking consent in response to the user-selectable option being selected by the user.
  - 8. The method of claim 1, further comprising providing an administrator user interface to a responsible person of the user in response to said receiving the indication from the user and via the further consent user interface, said administrator user interface allowing the responsible person of the user to grant consent for the service provided by the network server to use the requested additional user information and allowing access by the service to the received requested additional user information if consent for the service to use the received requested additional user information is granted by said responsible person and wherein said responsible person is a parent of the user.
  - 9. The method of claim 1, wherein the consent user interface is provided via the browser.

10. One or more non-transitory computer-readable storage media having computer-executable instructions for managing consent between a client and a network server, the client and the network server being coupled to a data communication network, the network server providing a service to a user via the client, and the client operating a browser that is configured to permit the user to communicate on the data communication network, the non-transitory computer-readable storage media comprising computer executable instructions for:
- maintaining a user profile associated with the user;
  
  receiving a first request, the first request received from the service and requesting access to user information associated with the user;
  
  determining whether the user profile indicates that the user has provided consent for the service to access the user information;
  
  providing, in response to the determining that the user profile does not indicate that the user has provided consent for the service to access the user information, to the user a consent user interface that includes a second request, the second request including information describing how the service intends to use the user information and a user-selectable option configured to allow the user to provide an indication with respect to whether the user approves providing consent for the service to access at least one portion of the user information;
  
  receiving, from the user and via the consent user interface, the indication;
  
  updating the user profile to include the indication; and
  
  allowing the service to access the at least one portion in accordance with the indication.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
- - 11. The non-transitory computer-readable storage media of claim 10, further comprising reviewing instructions configured to display retention information associated with the user information, said retention information specifying how long the user information will be retained by the service provided by the network server.
  - 12. The non-transitory computer-readable storage media of claim 10, wherein the user interface is configured to display the user information previously stored in a profiling component, and further comprising revoking instructions for allowing the user to revoke consent for the service provided by the network server to use the user-specific information stored in the profiling component, said revoking instructions displaying a list of member services that the user has granted consent to use the user information stored in the profiling component.
  - 13. The non-transitory computer-readable storage media of claim 12, wherein said revoking instructions further display a user-selectable option for allowing the user to revoke consent for the service, and revoking consent in response to the user-selectable option being selected by the user.
  - 14. The non-transitory computer-readable storage media of claim 10, further comprising reviewing instructions configured to display a list of member services of a policy group.
  - 15. The non-transitory computer-readable storage media of claim 10, further comprising managed-consent instructions for providing the received indication to a responsible person of the user to allow the responsible person of the user to grant consent for the service provided by the network server to use the received user information.
  - 16. The non-transitory computer-readable storage media of claim 10, the method further comprising:
    - receiving a third request, the third request received from the service and requesting access to additional user information associated with the user, the requested additional user information comprising an additional portion of the user information and the second portion being at least partially different than the at least one portion;
      
      determining whether the user profile indicates that the user has provided consent for the service to access the requested additional user information;
      
      in response to the determining that the user profile does not indicate that the user has provided consent for the service to access the requested additional user information, providing to the user a further consent user interface that includes a fourth request, the fourth request requesting that the user provide consent for the service to access the requested additional user information, the fourth request including information describing how the service intends to use the requested additional user information and a user-selectable option configured to allow the user to provide an indication that the user approves providing consent for the service to access the requested additional user information;
      
      receiving, from the user and via the further consent user interface, the indication that the user approves providing consent for the service to access the requested additional user information;
      
      further updating the user profile to include an indication that the user has provided consent for the service to access the requested additional user information; and
      
      allowing the service to access the requested additional user information in accordance with the indication of consent included in the further updated user profile.
  - 17. The non-transitory computer-readable storage media of claim 16, wherein the further consent user interface further displays a second user-selectable option for viewing a privacy policy, said privacy policy relating to how user information that a policy group is granted consent to use is to be protected, and further comprising providing a policy user interface for displaying the privacy policy, said policy user interface being provided in response to the second user-selectable option being selected by the user.
  - 18. The non-transitory computer-readable storage media of claim 10, wherein the consent user interface is provided via the browser.

19. An authentication system comprising:
- an authentication server including a processor and a memory configured to couple to a data communication network;
  
  an authentication database associated with the authentication server, the authentication database storing user-specific information identifying the user with respect to one or more services provided by at least one affiliate server coupled to the data communication network, the affiliate server providing the one or more services to the user via a client coupled to the data communication network, the client configured to operate a browser that is configured to permit the user to communicate on the data communication network;
  
  the authentication server executing instructions to;
  
  maintain a user profile associated with the user;
  
  receive a first request, the first request received from the service and requesting access to user information associated with the user;
  
  determine whether the user profile indicates that the user has provided consent for the service to access the user information;
  
  provide, in response to the determining that the user profile does not indicate that the user has provided consent for the service to access the user information, to the user a consent user interface that includes a second request, the second request including information describing how the service intends to use the user information and a user-selectable option configured to allow the user to provide an indication with respect to whether the user approves providing consent for the service to access at least one portion of the user information;
  
  receive, from the user and via the consent user interface, the indication;
  
  update the user profile to include the indication; and
  
  allow the service to access the at least one portion in accordance with the indication.
- View Dependent Claims (20, 21, 22, 23, 24, 25, 26)
- - 20. The authentication system of claim 19, the authentication server further executing instructions to:
    - receive a third request, the third request received from the service and requesting access to additional user information associated with the user, the requested additional user information comprising an additional portion of the user information and the second portion being at least partially different than the at least one portion;
      
      determine whether the user profile indicates that the user has provided consent for the service to access the requested additional user information;
      
      in response to the determination that the user profile does not indicate that the user has provided consent for the service to access the requested additional user information, provide to the user, via the browser, a further consent user interface that includes a fourth request, the fourth request requesting that the user provide consent for the service to access the requested additional user information, the fourth request including information describing how the service intends to use the requested additional user information and a user-selectable option configured to allow the user to provide an indication that the user approves providing consent for the service to access the requested additional user information;
      
      receive, from the user and via the further consent user interface, the indication that the user approves providing consent for the service to access the requested additional user information;
      
      further updating the user profile to include an indication that the user has provided consent for the service to access the requested additional user information; and
      
      allow the service to access the requested additional user information in accordance with the indication of consent included in the further updated user profile.
  - 21. The authentication system of claim 20, wherein the further consent user interface further displays a second user-selectable option for viewing a privacy policy associated with a policy group, said privacy policy relating to how user information that the policy group is granted consent to use is to be protected, and further comprising providing a policy user interface via the browser for displaying the privacy policy, said policy user interface being provided in response to the second user-selectable option being selected by the user.
  - 22. The authentication system of claim 20, further comprising providing a revocation user interface via the browser for allowing the user to revoke consent for the service provided by the authentication server to use the user information included in the user profile, said revocation user interface displaying a list of services for which the user has granted consent to use the user information included in the user profile.
  - 23. The authentication system of claim 19, wherein the authentication server is further configured to provide a revocation user interface via the browser for allowing the user to revoke consent for the service provided by the network server to use the user information included in the user profile, the revocation user interface displaying a list of services for which the user has granted consent to use the user information included in the user profile.
  - 24. The authentication system of claim 19, wherein the authentication server is further configured to provide an administrator user interface to a responsible person of the user in response to the receiving the user information provided by the user indication from the user and via the further consent user interface, the another administrator user interface allowing the responsible person of the user to grant consent for the service provided by the network server to use the received requested additional user information and wherein the responsible person is a parent of the user.
  - 25. The authentication system of claim 19, wherein the service provided by the authentication server is a member of a policy group, and wherein the further consent user interface further displays a list of members of said policy group and further displays retention information associated with the requested user information, said retention information specifying how long the requested user information will be retained by the service provided by the network server.
  - 26. The authentication system of claim 19, wherein the consent user interface is provided via the browser.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Inventors
Mathew, Ashvin Joseph, Vetrivel, Puhazholi, Mutha, Nayana Ramdas, Coco, Joseph Nicholas, Dunn, Melissa W.
Primary Examiner(s)
Blair, Douglas B

Application Number

US14/743,371
Publication Number

US 20150304448A1
Time in Patent Office

1,097 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/62   Protecting access to data v...

G06Q 30/02   Marketing; Price estimation...

H04L 63/08   for authentication of entit...

H04L 63/101   Access control lists [ACL]

H04L 67/01   Protocols

H04L 67/02   based on web technology, e....

H04L 67/306   User profiles

Profile and consent accrual

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

26 Claims

Specification

Solutions

Use Cases

Quick Links

Profile and consent accrual

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

26 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links