Supervised online identity

US 10,375,080 B2
Filed: 04/03/2017
Issued: 08/06/2019
Est. Priority Date: 06/28/2013
Status: Active Grant

First Claim

Patent Images

1. At least one server for being used in association with at least one server-provided online service, at least one first remote client computing device associated with a parent user, and at least one second remote client computing device associated with a child user, the at least one server comprising:

communication circuitry for permitting communication via an Internet network, when the at least one server is in operation, with the at least one first remote client computing device and the at least one second remote client computing device;

at least one processor; and

storage to store instructions that when executed by the at least one processor permit the at least one server to be configured to perform operations comprising;

storing, at least in part, at the at least one server, online child user identity profile data, the online child user identity profile data identifying, at least in part, the child user;

processing policy data provided, at least in part, via the at least one first remote client computing device, the policy data being configurable to indicate, at least in part, policy rules to be implemented, at least in part, via the at least one server to control, at least in part, usage of the at least one online server-provided service by the child user via the at least one second remote client computing device; and

processing request data from the at least one second remote client computing device, the request data indicating, at least in part, at least one request by the child user to use the at least one online server-provided service;

wherein;

the at least one server is configured to generate email notification data to be provided, at least in part, via the Internet network and the at least one first remote client computing device, the notification data being to notify, at least in part, the parent user of the at least one request and of the usage of the at least one online server-provided service by the child user;

determination of whether the at least one request is to be granted is to be based at least in part upon whether the at least one request is in accordance with the policy rules;

in response, at least in part, to authorization confirmation data to be provided, at least in part, via the Internet and the at least one first remote client computing device, the at least one server is configured to permit granting of the at least one request, the authorization confirmation data being to indicate, at least in part, that the granting of the at least one request is authorized by the parent user;

the policy rules are configurable to comprise;

at least one policy profile rule to be used by the at least one server in determining whether to permit, at least in part, online sharing of the online child user identity profile data in association with the at least one server-provided service; and

at least one access control rule that is to be used in determining whether to permit, at least in part, the usage of the at least one online server-provided service by the child user, the at least one access control rule being configurable to be based at least in part upon at least one restriction related to network searching; and

at least one purchase policy rule indicating at least one online purchase transaction parameter to be used by the at least one server in determining whether to notify the parent user and request purchase authorization from the parent user of a requested online purchase transaction by the child user that satisfies the at least one online purchase transaction parameter, the at least one server to prevent the requested online purchase transaction from being completed unless the purchase authorization is received from the parent user;

the at least one server is to monitor and restrict the online sharing of at least one portion of the online child user identity profile data based upon the at least one policy profile rule;

the at least one policy profile rule is to be set via the at least one first remote client computing device; and

the at least one server is to determine, based upon the at least one policy profile rule, which information contained in the online child user identity profile data is to be used by the at least one server to establish a public profile for the child user.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Technologies to facilitate supervision of an online identify include a gateway server to facilitate and monitor access to an online service by a user of a “child” client computer device. The gateway server may include an identity manager to receive a request for access to the online service from the client computing device, retrieve access information to the online service, and facilitate access to the online service for the client computing device using the access information. The access information is kept confidential from the user. The gateway server may also include an activity monitor module to control activity between the client computing device and the online service based on the set of policy rules of a policy database. The gateway server may transmit notifications of such activity to a “parental” client computing device for review and/or approval, which also may be used to update the policy database.

31 Citations

35 Claims

1. At least one server for being used in association with at least one server-provided online service, at least one first remote client computing device associated with a parent user, and at least one second remote client computing device associated with a child user, the at least one server comprising:
- communication circuitry for permitting communication via an Internet network, when the at least one server is in operation, with the at least one first remote client computing device and the at least one second remote client computing device;
  
  at least one processor; and
  
  storage to store instructions that when executed by the at least one processor permit the at least one server to be configured to perform operations comprising;
  
  storing, at least in part, at the at least one server, online child user identity profile data, the online child user identity profile data identifying, at least in part, the child user;
  
  processing policy data provided, at least in part, via the at least one first remote client computing device, the policy data being configurable to indicate, at least in part, policy rules to be implemented, at least in part, via the at least one server to control, at least in part, usage of the at least one online server-provided service by the child user via the at least one second remote client computing device; and
  
  processing request data from the at least one second remote client computing device, the request data indicating, at least in part, at least one request by the child user to use the at least one online server-provided service;
  
  wherein;
  
  the at least one server is configured to generate email notification data to be provided, at least in part, via the Internet network and the at least one first remote client computing device, the notification data being to notify, at least in part, the parent user of the at least one request and of the usage of the at least one online server-provided service by the child user;
  
  determination of whether the at least one request is to be granted is to be based at least in part upon whether the at least one request is in accordance with the policy rules;
  
  in response, at least in part, to authorization confirmation data to be provided, at least in part, via the Internet and the at least one first remote client computing device, the at least one server is configured to permit granting of the at least one request, the authorization confirmation data being to indicate, at least in part, that the granting of the at least one request is authorized by the parent user;
  
  the policy rules are configurable to comprise;
  
  at least one policy profile rule to be used by the at least one server in determining whether to permit, at least in part, online sharing of the online child user identity profile data in association with the at least one server-provided service; and
  
  at least one access control rule that is to be used in determining whether to permit, at least in part, the usage of the at least one online server-provided service by the child user, the at least one access control rule being configurable to be based at least in part upon at least one restriction related to network searching; and
  
  at least one purchase policy rule indicating at least one online purchase transaction parameter to be used by the at least one server in determining whether to notify the parent user and request purchase authorization from the parent user of a requested online purchase transaction by the child user that satisfies the at least one online purchase transaction parameter, the at least one server to prevent the requested online purchase transaction from being completed unless the purchase authorization is received from the parent user;
  
  the at least one server is to monitor and restrict the online sharing of at least one portion of the online child user identity profile data based upon the at least one policy profile rule;
  
  the at least one policy profile rule is to be set via the at least one first remote client computing device; and
  
  the at least one server is to determine, based upon the at least one policy profile rule, which information contained in the online child user identity profile data is to be used by the at least one server to establish a public profile for the child user.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The at least one server of claim 1, wherein:
    - the at least one access control rule is capable of comprising white/black list information.
  - 3. The at least one server of claim 1, wherein:
    - the at least one online server-provided service comprises a plurality of online services that are to be provided, at least in part, by a plurality of remote servers.
  - 4. The at least one server of claim 1, wherein:
    - the at least one access control rule is also capable of being based at least in part upon time of day related restrictions.
  - 5. The at least one server of claim 1, wherein:
    - the at least one server is to serve, at least in part, as a cloud-computing broker with respect to the at least one online server-provided service.
  - 6. The at least one server of claim 1, wherein:
    - the at least one first remote client computing device and/or at least one second remote client computing device comprise at least one game-related client consumer electronic device.
  - 7. The at least one server of claim 1, wherein:
    - the at least one first remote client computing device and the at least one second remote client computing device each comprise;
      
      a desktop computer;
      
      a workstation;
      
      a laptop computer;
      
      a notebook computer;
      
      a tablet computer;
      
      a smartphone;
      
      a distributed computing system;
      
      a multiprocessor system;
      
      a consumer electronic device;
      
      a smart television; and
      
      /ora smart appliance.

8. Non-transitory machine-readable storage storing instructions to be executed by at one processor of at least one server, the at least one server to be used in association with at least one server-provided online service, at least one first remote client computing device associated with a parent user, and at least one second remote client computing device associated with a child user, the at least one server comprising communication circuitry, the communication circuitry being for permitting communication via an Internet network, when the at least one server is in operation, with the at least one first remote client computing device and the at least one second remote client computing device, the instructions when executed by the at least one processor resulting in the at least one server being configured to perform operations comprising:
- storing, at least in part, at the at least one server, online child user identity profile data, the online child user identity profile data identifying, at least in part, the child user;
  
  processing policy data provided, at least in part, via the at least one first remote client computing device, the policy data being configurable to indicate, at least in part, policy rules to be implemented, at least in part, via the at least one server to control, at least in part, usage of the at least one online server-provided service by the child user via the at least one second remote client computing device; and
  
  processing request data from the at least one second remote client computing device, the request data indicating, at least in part, at least one request by the child user to use the at least one online server-provided service;
  
  wherein;
  
  the at least one server is configured to generate email notification data to be provided, at least in part, via the Internet network and the at least one first remote client computing device, the notification data being to notify, at least in part, the parent user of the at least one request and of the usage of the at least one online server-provided service by the child user;
  
  determination of whether the at least one request is to be granted is to be based at least in part upon whether the at least one request is in accordance with the policy rules;
  
  in response, at least in part, to authorization confirmation data to be provided, at least in part, via the Internet and the at least one first remote client computing device, the at least one server is configured to permit granting of the at least one request, the authorization confirmation data being to indicate, at least in part, that the granting of the at least one request is authorized by the parent user;
  
  the policy rules are configurable to comprise;
  
  at least one policy profile rule to be used by the at least one server in determining whether to permit, at least in part, online sharing of the online child user identity profile data in association with the at least one server-provided service;
  
  at least one access control rule that is to be used in determining whether to permit, at least in part, the usage of the at least one online server-provided service by the child user, the at least one access control rule being configurable to be based at least in part upon at least one restriction related to network searching; and
  
  at least one purchase policy rule indicating at least one online purchase transaction parameter to be used by the at least one server in determining whether to notify the parent user and request purchase authorization from the parent user of a requested online purchase transaction by the child user that satisfies the at least one online purchase transaction parameter, the at least one server to prevent the requested online purchase transaction from being completed unless the purchase authorization is received from the parent user;
  
  the at least one server is to monitor and restrict the online sharing of at least one portion of the online child user identity profile data based upon the at least one policy profile rule;
  
  the at least one policy profile rule is to be set via the at least one first remote client computing device; and
  
  the at least one server is to determine, based upon the at least one policy profile rule, which information contained in the online child user identity profile data is to be used by the at least one server to establish a public profile for the child user.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The non-transitory machine-readable storage of claim 8, wherein:
    - the at least one access control rule is capable of comprising white/black list information.
  - 10. The non-transitory machine-readable storage of claim 8, wherein:
    - the at least one online server-provided service comprises a plurality of online services that are to be provided, at least in part, by a plurality of remote servers.
  - 11. The non-transitory machine-readable storage of claim 8, wherein:
    - the at least one access control rule is also capable of being based at least in part upon time of day related restrictions.
  - 12. The non-transitory machine-readable storage of claim 8, wherein:
    - the at least one server is to serve, at least in part, as a cloud-computing broker with respect to the at least one online server-provided service.
  - 13. The non-transitory machine-readable storage of claim 8, wherein:
    - the at least one first remote client computing device and/or at least one second remote client computing device comprise at least one game-related client consumer electronic device.
  - 14. The non-transitory machine-readable storage of claim 8, wherein:
    - the at least one first remote client computing device and the at least one second remote client computing device each comprise;
      
      a desktop computer;
      
      a workstation;
      
      a laptop computer;
      
      a notebook computer;
      
      a tablet computer;
      
      a smartphone;
      
      a distributed computing system;
      
      a multiprocessor system;
      
      a consumer electronic device;
      
      a smart television; and
      
      /ora smart appliance.

15. A method implemented, at least in part, using at least one server, the at least one server being for being used in association with at least one server-provided online service, at least one first remote client computing device associated with a parent user, and at least one second remote client computing device associated with a child user, the at least one server comprising communication circuitry, the communication circuitry being to permit communication via an Internet network, when the at least one server is in operation, with the at least one first remote client computing device and the at least one second remote client computing device, the method comprising:
- storing, at least in part, at the at least one server, online child user identity profile data, the online child user identity profile data identifying, at least in part, the child user;
  
  processing policy data provided, at least in part, via the at least one first remote client computing device, the policy data being for indicating, at least in part, policy rules to be implemented, at least in part, via the at least one server to control, at least in part, usage of the at least one online server-provided service by the child user via the at least one second remote client computing device; and
  
  processing request data from the at least one second remote client computing device, the request data indicating, at least in part, at least one request by the child user to use the at least one online server-provided service;
  
  wherein;
  
  the at least one server is to generate email notification data to be provided, at least in part, via the Internet network and the at least one first remote client computing device, the notification data being to notify, at least in part, the parent user of the at least one request and of the usage of the at least one online server-provided service by the child user;
  
  determination of whether the at least one request is to be granted is to be based at least in part upon whether the at least one request is in accordance with the policy rules;
  
  in response, at least in part, to authorization confirmation data to be provided, at least in part, via the Internet and the at least one first remote client computing device, the at least one server is to permit granting of the at least one request, the authorization confirmation data being to indicate, at least in part, that the granting of the at least one request is authorized by the parent user;
  
  the policy rules comprise;
  
  at least one policy profile rule to be used by the at least one server in determining whether to permit, at least in part, online sharing of the child user profile data with other users in association with the at least one server-provided service;
  
  at least one access control rule is to be used in determining whether to permit, at least in part, the usage of the at least one online server-provided service by the child user, the at least one access control rule being based at least in part upon at least one restriction related to network searching; and
  
  at least one purchase policy rule indicating at least one online purchase transaction parameter to be used by the at least one server in determining whether to notify the parent user and request purchase authorization from the parent user of a requested online purchase transaction by the child user that satisfies the at least one online purchase transaction parameter, the at least one server to prevent the requested online purchase transaction from being completed unless the purchase authorization is received from the parent user;
  
  the at least one server is to monitor and restrict the online sharing of at least one portion of the online child user identity profile data based upon the at least one policy profile rule;
  
  the at least one policy profile rule is to be set via the at least one first remote client computing device; and
  
  the at least one server is to determine, based upon the at least one policy profile rule, which information contained in the online child user identity profile data is to be used by the at least one server to establish a public profile for the child user.
- View Dependent Claims (16, 17, 18, 19, 20, 21)
- - 16. The method of claim 15, wherein:
    - the at least one access control rule is capable of comprising white/black list information.
  - 17. The method of claim 15, wherein:
    - the at least one online server-provided service comprises a plurality of online services that are to be provided, at least in part, by a plurality of remote servers.
  - 18. The method of claim 15, wherein:
    - the at least one access control rule is also capable of being based at least in part upon time of day related restrictions.
  - 19. The method of claim 15, wherein:
    - the at least one server is to serve, at least in part, as a cloud-computing broker with respect to the at least one online server-provided service.
  - 20. The method of claim 15, wherein:
    - the at least one first remote client computing device and/or at least one second remote client computing device comprise at least one game-related client consumer electronic device.
  - 21. The method of claim 15, wherein:
    - the at least one first remote client computing device and the at least one second remote client computing device each comprise;
      
      a desktop computer;
      
      a workstation;
      
      a laptop computer;
      
      a notebook computer;
      
      a tablet computer;
      
      a smartphone;
      
      a distributed computing system;
      
      a multiprocessor system;
      
      a consumer electronic device;
      
      a smart television; and
      
      /ora smart appliance.

22. At least one server to be used in association with at least one server-provided online service, at least one first remote client computing device associated with a parent user, and at least one second remote client computing device associated with a child user, the at least one server comprising:
- communication means for permitting communication via an Internet network, when the at least one server is in operation, with the at least one first remote client computing device and the at least one second remote client computing device;
  
  at least one processor means; and
  
  storage means for storing instructions that when executed by the at least one processor means permits the at least one server to be configured for performing operations comprising;
  
  storing, at least in part, at the at least one server, online child user identity profile data, the online child user identity profile data identifying, at least in part, the child user;
  
  processing policy data provided, at least in part, via the at least one first remote client computing device, the policy data indicating, at least in part, policy rules to be implemented, at least in part, via the at least one server to control, at least in part, usage of the at least one online server-provided service by the child user via the at least one second remote client computing device; and
  
  processing request data from the at least one second remote client computing device, the request data indicating, at least in part, at least one request by the child user to use the at least one online server-provided service;
  
  wherein;
  
  the at least one server is for generating email notification data to be provided, at least in part, via the Internet network and the at least one first remote client computing device, the notification data being to notify, at least in part, the parent user of the at least one request and of the usage of the at least one online server-provided service by the child user;
  
  determination of whether the at least one request is to be granted is to be based at least in part upon whether the at least one request is in accordance with the policy rules;
  
  in response, at least in part, to authorization confirmation data to be provided, at least in part, via the Internet and the at least one first remote client computing device, the at least one server is for permitting granting of the at least one request, the authorization confirmation data being to indicate, at least in part, that the granting of the at least one request is authorized by the parent user;
  
  the policy rules comprise;
  
  at least one policy profile rule to be used by the at least one server in determining whether to permit, at least in part, online sharing of the child user profile data with other users in association with the at least one server-provided service;
  
  at least one access control rule that is to be used in determining whether to permit, at least in part, the usage of the at least one online server-provided service by the child user, the at least one access control rule being based at least in part upon at least one restriction related to network searching; and
  
  at least one purchase policy rule indicating at least one online purchase transaction parameter to be used by the at least one server in determining whether to notify the parent user and request purchase authorization from the parent user of a requested online purchase transaction by the child user that satisfies the at least one online purchase transaction parameter, the at least one server to prevent the requested online purchase transaction from being completed unless the purchase authorization is received from the parent user;
  
  the at least one server is to monitor and restrict the online sharing of at least one portion of the online child user identity profile data based upon the at least one policy profile rule;
  
  the at least one policy profile rule is to be set via the at least one first remote client computing device; and
  
  the at least one server is to determine, based upon the at least one policy profile rule, which information contained in the online child user identity profile data is to be used by the at least one server to establish a public profile for the child user.
- View Dependent Claims (23, 24, 25, 26, 27, 28)
- - 23. The at least one server of claim 22, wherein:
    - the at least one access control rule is capable of comprising white/black list information.
  - 24. The at least one server of claim 22, wherein:
    - the at least one online server-provided service comprises a plurality of online services that are to be provided, at least in part, by a plurality of remote servers.
  - 25. The at least one server of claim 22, wherein:
    - the at least one access control rule is also capable of being based at least in part upon time of day related restrictions.
  - 26. The at least one server of claim 22, wherein:
    - the at least one server is to serve, at least in part, as a cloud-computing broker with respect to the at least one online server-provided service.
  - 27. The at least one server of claim 22, wherein:
    - the at least one first remote client computing device and/or at least one second remote client computing device comprise at least one game-related client consumer electronic device.
  - 28. The at least one server of claim 22, wherein:
    - the at least one first remote client computing device and the at least one second remote client computing device each comprise;
      
      a desktop computer;
      
      a workstation;
      
      a laptop computer;
      
      a notebook computer;
      
      a tablet computer;
      
      a smartphone;
      
      a distributed computing system;
      
      a multiprocessor system;
      
      a consumer electronic device;
      
      a smart television; and
      
      /ora smart appliance.

29. One or more servers to be used in association with one or more server-provided online services, one or more first remote client computing devices associated with a parent user, and one or more second remote client computing devices associated with a child user, the one or more servers comprising:
- communication circuitry to permit communication via an Internet network, when the one or more servers are in operation, with the one or more first remote client computing devices and the one or more second remote client computing devices;
  
  one or more processors; and
  
  storage to store instructions that when executed by the one or more processors permit the at least one server to be configured to perform operations comprising;
  
  storing online child user identity profile data at the one or more servers, the online child user identity profile data identifying, at least in part, the child user;
  
  processing policy data provided via the one or more first remote client computing devices, the policy data being to indicate policy rules to be implemented, at least in part, via the one or more servers to control, at least in part, usage of the one or more online server-provided services by the child user via the one or more second remote client computing devices; and
  
  processing request data from the one or more second remote client computing devices, the request data indicating, at least in part, one or more requests by the child user to use the one or more online server-provided services;
  
  wherein;
  
  the one or more servers are to generate email notification data to be provided, at least in part, via the Internet network and the one or more first remote client computing devices, the notification data being to notify, at least in part, the parent user of the one or more requests and of the usage of the one or more online server-provided services by the child user;
  
  determination of whether the one or more requests are to be granted is to be based at least in part upon whether the one or more requests are in accordance with the policy rules;
  
  in response, at least in part, to authorization confirmation data to be provided, at least in part, via the Internet and the one or more first remote client computing devices, the one or more servers are to permit granting of the one or more requests, the authorization confirmation data being to indicate that the granting of the one or more requests are authorized by the parent user;
  
  the policy rules comprise;
  
  one or more policy profile rules to be used by the one or more servers in determining whether to permit, at least in part, online sharing of the child user profile data with other users in association with the one or more server-provided services;
  
  one or more access control rules that are to be used in determining whether to permit, at least in part, the usage of the one or more online server-provided services by the child user, the one or more access control rules being based at least in part upon one or more restrictions related to network searching; and
  
  at least one purchase policy rule indicating at least one online purchase transaction parameter to be used by the at least one server in determining whether to notify the parent user and request purchase authorization from the parent user of a requested online purchase transaction by the child user that satisfies the at least one online purchase transaction parameter, the at least one server to prevent the requested online purchase transaction from being completed unless the purchase authorization is received from the parent user;
  
  the one or more servers are to monitor and restrict the online sharing of one or more portions of the online child user identity profile data based upon the one or more policy profile rules;
  
  the one or more policy profile rules are to be set via the one or more first remote client computing devices; and
  
  the one or more servers are to determine, based upon the one or more policy profile rules, which information contained in the online child user identity profile data is to be used by the one or more servers to establish a public profile for the child user.
- View Dependent Claims (30, 31, 32, 33, 34, 35)
- - 30. The one or more servers of claim 29, wherein:
    - the one or more access control rules are capable of comprising white/black list information.
  - 31. The one or more servers of claim 29, wherein:
    - the one or more online server-provided services comprises a plurality of online services that are to be provided, at least in part, by a plurality of remote servers.
  - 32. The one or more servers of claim 29, wherein:
    - the one or more access control rules are also capable of being based at least in part upon time of day related restrictions.
  - 33. The one or more servers of claim 29, wherein:
    - the one or more servers are to serve, at least in part, as a cloud-computing broker with respect to the one or more online server-provided services.
  - 34. The one or more servers of claim 29, wherein:
    - the one or more first remote client computing devices and/or one or more second remote client computing devices comprise one or more game-related client consumer electronic devices.
  - 35. The one or more servers of claim 29, wherein:
    - the one or more first remote client computing devices and the one or more second remote client computing devices each comprise;
      
      a desktop computer;
      
      a workstation;
      
      a laptop computer;
      
      a notebook computer;
      
      a tablet computer;
      
      a smartphone;
      
      a distributed computing system;
      
      a multiprocessor system;
      
      a consumer electronic device;
      
      a smart television; and
      
      /ora smart appliance.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intel Corporation
Original Assignee
Intel Corporation
Inventors
Nayshtut, Alex, Ben-Shalom, Omer, Li, Hong
Primary Examiner(s)
Chen, Shin-Hon (Eric)

Application Number

US15/477,867
Publication Number

US 20170324743A1
Time in Patent Office

855 Days
Field of Search

None
US Class Current
CPC Class Codes

G06F 21/554   involving event detection a...

G06F 21/629   to features or functions of...

G06F 2221/2137   Time limited access, e.g. t...

G06F 2221/2149   Restricted operating enviro...

H04L 63/083   using passwords cryptograph...

H04L 63/101   Access control lists [ACL]

H04L 63/102   Entity profiles

H04L 63/105   Multiple levels of security

H04L 63/20   for managing network securi...

H04L 63/205   involving negotiation or de...

H04L 67/306   User profiles

H04L 67/535   Tracking the activity of th...

H04W 12/37   Managing security policies ...

Supervised online identity

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

31 Citations

35 Claims

Specification

Solutions

Use Cases

Quick Links

Supervised online identity

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

31 Citations

35 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links