Method and system for consumer based access control for identity information

US 10,387,980 B1
Filed: 06/06/2016
Issued: 08/20/2019
Est. Priority Date: 06/05/2015
Status: Active Grant

First Claim

Patent Images

1. A computer implemented method for access control for identity information requests, the method comprising:

configuring specific policies for a policy engine in an identity service entity in a Joint Identity and Information Service Network (JIISN) server framework which manages a plurality of identity service entities, wherein the specific policies may include real-time notification, real-time authorization, lock for duration of time and identifiers proving the identity of the authorizing party including contextual factors of the authorizing party;

configuring the JIISN for detection and verification of identity information requests against an active directory of the plurality of identity service entities and wherein the JIISN server framework includes at least one of the plurality of identity service entities who have been opted in by an identity information owner for notification, multi factor authentication and authorization of at least one of the identity information requests and wherein the at least one of the plurality of identity service entities has a real time authorization plug-in for communicating with a real time authorization server;

receiving at the at least one of the plurality of identity service entities the at least one identity information request from a requesting entity which confirms a unique identification and reference identity of the identity information owner;

processing and analyzing for abnormalities the at least one identity information request in the JIISN server framework;

computing the required action based on the specific policies;

communicating with the real time authorization server which identifies an authorizing party based on the specific policies and communicates with the authorizing party in real time through an out of band notification; and

receiving an authorization or decline of the at least one identity information request from the real time authorization server forwarded from the authorizing party.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A computer implemented system and method for a consumer based access control for identity information. The method and system involve receiving at an identity organization a request for registration and verification of the identity information and configuring a specific user selected policy for notification and authorization of such identity requests of a desired (or intended) identity service (or plurality of services) associated with the targeted user identification. Next, processing the request in a Joint Identity Information Service Network (JIISN) server framework for the detection and verification of a request against an active directory of users or organizations who have opted in for notification; computing the required action based on the configuration of the policies in one of the group consisting of: a JISN policy engine and a user remote mobile control system; communicating with a real time authorization server (e.g., eGuardian™) which in part identifies the registered authorizing party including delivering notification for the identity services requested by the user based on the JISN policy engine setting through the agency or organization Identity System Service (e.g., It'"'"'sMe™ service) and alternatively user mobile rules; automatic rejection (or lock down of the Identity or data), automatic approval or real time authorization delivering the request authorization through a secure communication network back to a joint identity network service comprised of a plurality of government or private identity and credit report services; and determining if a user is to be verified using a second or multi factor authenticating service.

91 Citations

View as Search Results

18 Claims

1. A computer implemented method for access control for identity information requests, the method comprising:
- configuring specific policies for a policy engine in an identity service entity in a Joint Identity and Information Service Network (JIISN) server framework which manages a plurality of identity service entities, wherein the specific policies may include real-time notification, real-time authorization, lock for duration of time and identifiers proving the identity of the authorizing party including contextual factors of the authorizing party;
  
  configuring the JIISN for detection and verification of identity information requests against an active directory of the plurality of identity service entities and wherein the JIISN server framework includes at least one of the plurality of identity service entities who have been opted in by an identity information owner for notification, multi factor authentication and authorization of at least one of the identity information requests and wherein the at least one of the plurality of identity service entities has a real time authorization plug-in for communicating with a real time authorization server;
  
  receiving at the at least one of the plurality of identity service entities the at least one identity information request from a requesting entity which confirms a unique identification and reference identity of the identity information owner;
  
  processing and analyzing for abnormalities the at least one identity information request in the JIISN server framework;
  
  computing the required action based on the specific policies;
  
  communicating with the real time authorization server which identifies an authorizing party based on the specific policies and communicates with the authorizing party in real time through an out of band notification; and
  
  receiving an authorization or decline of the at least one identity information request from the real time authorization server forwarded from the authorizing party.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1 wherein the at least one identity information request is for one of the following:
    - a school member identification;
      
      a club member identification;
      
      a Social Security Number;
      
      an Employee Identification Number (EIN);
      
      a Driver License;
      
      a Passport Number;
      
      a credit report;
      
      a health identification; and
      
      a student identification.
  - 3. The method of claim 1 wherein the specific policies may further include at least one of the following:
    - automatic authorization and automatic rejection.
  - 4. The method of claim 1, wherein the identifiers may further include at least two of the following:
    - user pin code, passwords, biometric, and habits.
  - 5. The method of claim 1 wherein the configuration of the specific policies are set by a remote mobile control system.
  - 6. The method of claim 1 wherein the policy engine of the JIISN server framework manages each of the specific policies for each of the identity service entities and for each identity information owner identity.
  - 7. The method of claim 1 wherein the policy engine can report the failed versus successful identity information request attempts to the identity information owner.
  - 8. The method of claim 1 wherein the at least one identity information request results in identity information verification requested by one of the plurality of identity service entities serving another of the plurality of identity services entities.
  - 9. The method of claim 1 wherein the at least one identity information request results in identity information verification requested by one of the plurality of identity service entities serving a second identity service entity located outside the JIISN server framework.

10. A computer implemented method for access control for data commodity transfer requests, the method comprising:
- configuring specific policies for a policy engine in an identity service entity of a Joint Identity and Information Service Network (JIISN) server framework which manages a plurality of identity service entities, wherein the specific policies may include real-time notification, real-time authorization, lock for duration of time and identifiers proving the identity of the authorizing party including contextual factors of the authorizing party;
  
  configuring the JIISN for detection and verification of data commodity requests against an active directory of the plurality of identity service entities, wherein the JIISN server framework includes at least one of the plurality of identity service entities who have been opted in by a data commodity owner for notification, multi factor authentication and authorization of at least one of the data commodity requests and wherein the at least one of the plurality of identity service entities has a real time authorization plug-in for communicating with a real time authorization server;
  
  receiving at the at least one of the plurality of service entities the at least one data commodity request from a requesting entity which confirms a unique identification and reference identity of the data commodity owner;
  
  processing and analyzing for abnormalities the at least one data commodity request in the JIISN server framework;
  
  computing the required action based on the specific policies;
  
  communicating with the real time authorization server which identifies an authorizing party based on the specific policies and communicates with the authorizing party in real time through an out of band notification; and
  
  receiving an authorization or decline of the at least one data commodity request from the real time authorization server forwarded from the authorizing party.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
- - 11. The method of claim 10 wherein the at least one data commodity request is for one of the following:
    - a school member identification;
      
      a club member identification;
      
      a Social Security Number;
      
      an Employee Identification Number (EIN);
      
      a Driver License;
      
      a Passport Number;
      
      a credit report;
      
      a health identification; and
      
      a student identification.
  - 12. The method of claim 10 wherein the specific policies may further include at least one of the following:
    - automatic authorization and automatic rejection.
  - 13. The method of claim 10 wherein the identifiers may further include at least two of the following:
    - user pin code, passwords, biometric, and habits.
  - 14. The method of claim 10 wherein the configuration of the specific policies are set by a remote mobile control system.
  - 15. The method of claim 10 wherein the policy engine of the JIISN server framework manages each of the specific policies for each of the plurality of identity service entities and for each data commodity owner.
  - 16. The method of claim 10 wherein the policy engine can report the failed versus successful data commodity request attempts to the data commodity owner.
  - 17. The method of claim 10 wherein the at least one data commodity request results in identity information verification requested for data commodity transfer by one of the plurality of identity service entities serving another one of the plurality of identity service entities.
  - 18. The method of claim 10 wherein the at least one data commodity request results in identity information verification requested for data commodity transfer by one of the plurality of identity service entities serving a second identity service entity located outside the JIISN server framework.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
SecureAuth Incorporated
Original Assignee
Acceptto Corporation
Inventors
Shahidzadeh, Nahal, Akkary, Haitham
Primary Examiner(s)
Ebersman, Bruce I

Application Number

US15/174,989
Time in Patent Office

1,170 Days
Field of Search

705 37
US Class Current
CPC Class Codes

G06Q 40/02   Banking, e.g. interest calc...

G06Q 40/123   Tax preparation or submission

G06Q 50/265   Personal security, identity...

H04L 63/068   using time-dependent keys, ...

H04L 63/08   for authentication of entit...

H04L 63/0861   using biometrical features,...

H04L 63/10   for controlling access to d...

H04L 63/108   when the policy decisions a...

H04L 63/18   using different networks or...

H04L 63/20   for managing network securi...

Method and system for consumer based access control for identity information

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

91 Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for consumer based access control for identity information

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

91 Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links