Preference editor to facilitate privacy controls over user identities
First Claim
1. A system, comprising at least one processor programmed to provide:
- an identity selector configured to provide a selection of at least one user identity from a plurality of user identities for a single user; and
a privacy preference editor configured to generate at least one privacy preference relative to the one or more of the selected user identities;
wherein the privacy preference editor is configured to selectively associate the at least one privacy preference to at least one information card;
wherein the identity selector retrieves and determines which of the at least one information card satisfy identity requirements of a security policy, enables the user to select one of the at least one information card determined to satisfy the security policy, and requests an issuance of a security token from an identity provider, in reference to the at least one information card selected by the user;
wherein the privacy preference editor is configured for generating at least one user-authored privacy preference ruleset; and
based on the at least one generated user-authored privacy preference ruleset that is used by a privacy engine to evaluate the acceptability of a relying party'"'"'s privacy policy.
4 Assignments
0 Petitions
Accused Products
Abstract
A privacy preference editor enables a user to institute privacy preferences relative to user identity information on a card-based and category-based basis. An identity selector furnishes information cards representative of user identities. The editor allows the user to set a privacy preference for each information card. Any proposed disclosure of an information card invokes its corresponding privacy preference. In turn, an agent engine evaluates the invoked privacy preference against the privacy policy of a relying party seeking the card information. The editor also permits the user to create information categories, populate the categories with a group of relevant user identity attributes, and set a privacy preference to the category. In this way, a category-specific privacy preference can be invoked by using the attribute required by the security policy as an index to the appropriate categorized group where the required attribute resides.
-
Citations
20 Claims
-
1. A system, comprising at least one processor programmed to provide:
-
an identity selector configured to provide a selection of at least one user identity from a plurality of user identities for a single user; and a privacy preference editor configured to generate at least one privacy preference relative to the one or more of the selected user identities; wherein the privacy preference editor is configured to selectively associate the at least one privacy preference to at least one information card; wherein the identity selector retrieves and determines which of the at least one information card satisfy identity requirements of a security policy, enables the user to select one of the at least one information card determined to satisfy the security policy, and requests an issuance of a security token from an identity provider, in reference to the at least one information card selected by the user; wherein the privacy preference editor is configured for generating at least one user-authored privacy preference ruleset; and based on the at least one generated user-authored privacy preference ruleset that is used by a privacy engine to evaluate the acceptability of a relying party'"'"'s privacy policy. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A method, comprising:
-
providing, by an identity selector, at least one indication of at least one user identity of a plurality of user identities for a single user; and generating at least one privacy preference, by a privacy preference editor, relative to the at least one indication of at least one user identity, using the determination; wherein the privacy preference editor is configured to selectively associate the at least one privacy preference to at least one information card; wherein the identity selector retrieves and determines which of the at least one information card satisfy identity requirements of a security policy, enables the user to select one of the at least one information card determined to satisfy the security policy, and requests an issuance of a security token from an identity provider, in reference to the at least one information card selected by the user; wherein the privacy preference editor is configured for generating at least one user-authored privacy preference ruleset; and based on the at least one generated user-authored privacy preference ruleset that is used by a privacy engine to evaluate the acceptability of a relying party'"'"'s privacy policy. - View Dependent Claims (10, 11, 12, 13, 14)
-
-
15. A non-transitory computer-readable medium having computer-executable instructions for execution by at least one processor, that, when executed, cause the at least one processor to:
-
receive a privacy preference specification relative to an indication of at least one user identity of a plurality of user identities for a single user; and generate at least one privacy preference relative to the at least one indication of at least one user identity; associate the at least one privacy preference to at least one information card; retrieve and determine which of the at least one information card satisfy identity requirements of a security policy, enables the user to select one of the at least one information card determined to satisfy the security policy, and requests an issuance of a security token in reference to the at least one information card selected by the user; generate at least one user-authored privacy preference ruleset; and based on the at least one generated user-authored privacy preference ruleset that is used by a privacy engine to evaluate the acceptability of a relying party'"'"'s privacy policy. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification