Profile and consent accrual
First Claim
1. A method of managing consent between a client and a network server, the client and the network server configured to be communicatively coupled to a data communication network, the network server configured to provide a service to a user via the client, and the client configured to operate a browser that is configured to permit the user to communicate on the data communication network, the method comprising:
- maintaining a user profile associated with the user;
receiving a first request, the first request received from the service and requesting access to user information associated with the user;
determining whether the user profile indicates that the user has provided consent for the service to access the user information;
in response to the determining that the user profile does not indicate that the user has provided consent for the service to access the user information, providing to the user a consent user interface that includes a second request, the second request including information describing how the service intends to use the user information and a user-selectable option configured to allow the user to provide an indication with respect to whether the user approves providing consent for the service to access at least one portion of the user information;
receiving, from the user and via the consent user interface, the indication;
updating the user profile to include the indication; and
allowing the service to access the at least one portion in accordance with the indication.
2 Assignments
0 Petitions
Accused Products
Abstract
Consent management between a client and a network server. In response to a request for consent, a central server determines if requested user information is included in a user profile associated with a user and if the user has granted consent to share the requested user information. A user interface is provided to the user via a browser of the client to collect the requested user information that is not included in the user profile and the consent to share the requested user information from the user. After receiving the user information provided by the user via the user interface, the service provided by the network server is allowed access to the received user information, and the central server updates the user profile. Other aspects of the invention are directed to computer-readable media for use with profile and consent accrual.
-
Citations
26 Claims
-
1. A method of managing consent between a client and a network server, the client and the network server configured to be communicatively coupled to a data communication network, the network server configured to provide a service to a user via the client, and the client configured to operate a browser that is configured to permit the user to communicate on the data communication network, the method comprising:
-
maintaining a user profile associated with the user; receiving a first request, the first request received from the service and requesting access to user information associated with the user; determining whether the user profile indicates that the user has provided consent for the service to access the user information; in response to the determining that the user profile does not indicate that the user has provided consent for the service to access the user information, providing to the user a consent user interface that includes a second request, the second request including information describing how the service intends to use the user information and a user-selectable option configured to allow the user to provide an indication with respect to whether the user approves providing consent for the service to access at least one portion of the user information; receiving, from the user and via the consent user interface, the indication; updating the user profile to include the indication; and allowing the service to access the at least one portion in accordance with the indication. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. One or more non-transitory computer-readable storage media having computer-executable instructions for managing consent between a client and a network server, the client and the network server being coupled to a data communication network, the network server providing a service to a user via the client, and the client operating a browser that is configured to permit the user to communicate on the data communication network, the non-transitory computer-readable storage media comprising computer executable instructions for:
-
maintaining a user profile associated with the user; receiving a first request, the first request received from the service and requesting access to user information associated with the user; determining whether the user profile indicates that the user has provided consent for the service to access the user information; providing, in response to the determining that the user profile does not indicate that the user has provided consent for the service to access the user information, to the user a consent user interface that includes a second request, the second request including information describing how the service intends to use the user information and a user-selectable option configured to allow the user to provide an indication with respect to whether the user approves providing consent for the service to access at least one portion of the user information; receiving, from the user and via the consent user interface, the indication; updating the user profile to include the indication; and allowing the service to access the at least one portion in accordance with the indication. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. An authentication system comprising:
-
an authentication server including a processor and a memory configured to couple to a data communication network; an authentication database associated with the authentication server, the authentication database storing user-specific information identifying the user with respect to one or more services provided by at least one affiliate server coupled to the data communication network, the affiliate server providing the one or more services to the user via a client coupled to the data communication network, the client configured to operate a browser that is configured to permit the user to communicate on the data communication network; the authentication server executing instructions to; maintain a user profile associated with the user; receive a first request, the first request received from the service and requesting access to user information associated with the user; determine whether the user profile indicates that the user has provided consent for the service to access the user information; provide, in response to the determining that the user profile does not indicate that the user has provided consent for the service to access the user information, to the user a consent user interface that includes a second request, the second request including information describing how the service intends to use the user information and a user-selectable option configured to allow the user to provide an indication with respect to whether the user approves providing consent for the service to access at least one portion of the user information; receive, from the user and via the consent user interface, the indication; update the user profile to include the indication; and allow the service to access the at least one portion in accordance with the indication. - View Dependent Claims (20, 21, 22, 23, 24, 25, 26)
-
Specification