System for managing transactional data

US 10,509,921 B2
Filed: 05/31/2017
Issued: 12/17/2019
Est. Priority Date: 05/31/2017
Status: Active Grant

First Claim

Patent Images

1. A system, comprising:

a plurality of transaction storage devices, each transaction storage device of the plurality of transaction storage devices comprising a data store configured to;

receive, from a first entity, a request to push a detailed transaction corresponding to a secure identifier,wherein the secure identifier is generated, using an encoding function, from a user identifier of a user,wherein the detailed transaction identifies at least one selected from a group consisting of products and services received by the user from the first entity;

validate the detailed transaction using metadata from the first entity; and

store the detailed transaction based on a first determination to trust the first entity after validating the detailed transaction;

an access controller configured to;

perform the first determination by applying a first security rule corresponding to a type of the secure identifier to the request to push the detailed transaction; and

determine, based on the first security rule indicating that an identity check should be performed, whether the number of entries corresponding to the first entity in a greylist exceeds a threshold; and

a registry configured to store at least the first security rule.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system may include transaction storage devices. Each transaction storage device may include a data store configured to receive, from a first entity, a request to push a detailed transaction corresponding to a secure identifier. The secure identifier may be generated, using an encoding function, from a user identifier of a user. The data store may be further configured to store the detailed transaction based on a first determination to trust the first entity. The system may further include an access controller configured to perform the first determination by applying a first security rule corresponding to a type of the secure identifier to the request to push the detailed transaction, and a registry configured to store at least the first security rule.

20 Citations

13 Claims

1. A system, comprising:
- a plurality of transaction storage devices, each transaction storage device of the plurality of transaction storage devices comprising a data store configured to;
  
  receive, from a first entity, a request to push a detailed transaction corresponding to a secure identifier,wherein the secure identifier is generated, using an encoding function, from a user identifier of a user,wherein the detailed transaction identifies at least one selected from a group consisting of products and services received by the user from the first entity;
  
  validate the detailed transaction using metadata from the first entity; and
  
  store the detailed transaction based on a first determination to trust the first entity after validating the detailed transaction;
  
  an access controller configured to;
  
  perform the first determination by applying a first security rule corresponding to a type of the secure identifier to the request to push the detailed transaction; and
  
  determine, based on the first security rule indicating that an identity check should be performed, whether the number of entries corresponding to the first entity in a greylist exceeds a threshold; and
  
  a registry configured to store at least the first security rule.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The system of claim 1, wherein the access controller is further configured to:
    - determine, based on the first security rule indicating that an identity check should be performed, whether the first entity is listed in a whitelist.
  - 3. The system of claim 1, wherein the registry is further configured to:
    - receive, from the user, a request to register a universal resource identifier (URI) of a first data store with the secure identifier; and
      
      store the URI of the first data store with the secure identifier.
  - 4. The system of claim 3, wherein the registry is further configured to:
    - receive, from a second entity, a request to lookup a data store registered with the secure identifier;
      
      retrieve the URI of the first data store in response to the request to lookup the data store; and
      
      transmit the URI of the first data store to the second entity, based on a second determination to trust the second entity, wherein the second determination comprises applying a second security rule corresponding to the type of the secure identifier to the request to lookup the data store, wherein the second determination is performed by the access controller.
  - 5. The system of claim 4, wherein the second security rule indicates that challenge-based access control should be performed, wherein performing the second determination further comprises:
    - generating a series of challenges in response to a series of requests received from the second entity;
      
      transmitting each challenge of the series of challenges to the second entity in response to the corresponding request of the series of requests;
      
      receiving a result from the second entity in response to the challenge; and
      
      determining whether the result is correct.
  - 6. The system of claim 5, wherein performing the challenge-based access control is based on the number of requests received from the second entity exceeding a predetermined minimum value and not exceeding a predetermined maximum value within a predetermined time interval.
  - 7. The system of claim 1, further comprising:
    - a service provider configured to provide the request to push the detailed transaction to the data store when the access controller trusts the service provider.

8. A method, comprising:
- receiving, from a first entity, a request to push a detailed transaction corresponding to a secure identifier,wherein the secure identifier is generated, using an encoding function, from a user identifier of a user,wherein the detailed transaction identifies at least one selected from a group consisting of products and services received by the user from the first entity;
  
  validate the detailed transaction using metadata from the first entity;
  
  storing the detailed transaction based on a first determination to trust the first entity after validating the detailed transaction, wherein the first determination comprises applying a first security rule corresponding to a type of the secure identifier to the request to push the detailed transaction; and
  
  determining, based on the first security rule indicating that an identity check should be performed, whether the number of entries corresponding to the first entity in a greylist exceeds a threshold.
- View Dependent Claims (9, 10, 11, 12, 13)
- - 9. The method of claim 8, wherein the first determination further comprises:
    - determining, based on the first security rule indicating that an identity check should be performed, whether the first entity is listed in a whitelist.
  - 10. The method of claim 8, further comprising:
    - receiving a request to register a universal resource identifier (URI) to a first data store with the secure identifier; and
      
      storing the URI of the first data store with the secure identifier.
  - 11. The method of claim 10, further comprising:
    - receiving, from a second entity, a request to lookup a data store registered with the secure identifier;
      
      retrieving the URI of the first data store in response to the request to lookup the data store; and
      
      transmitting the URI of the first data store to the second entity, based on a second determination to trust the second entity, wherein the second determination comprises applying a second security rule corresponding to the type of the secure identifier to the request to lookup the data store.
  - 12. The method of claim 11, wherein the second security rule indicates that challenge-based access control should be performed, wherein the second determination further comprises:
    - generating a series of challenges in response to a series of requests received from the second entity;
      
      transmitting each challenge of the series of challenges to the second entity in response to the corresponding request of the series of requests;
      
      receiving a result from the second entity in response to the challenge; and
      
      determining whether the result is correct.
  - 13. The method of claim 12, wherein performing the challenge-based access control is based on the number of requests received from the second entity exceeding a predetermined minimum value and not exceeding a predetermined maximum value within a predetermined time interval.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intuit, Inc.
Original Assignee
Intuit, Inc.
Inventors
Kunjachan, George Chiramattel, Arya, Amit, Vogel, Peter Allen
Primary Examiner(s)
Poltorak, Piotr

Application Number

US15/610,542
Publication Number

US 20180349643A1
Time in Patent Office

930 Days
Field of Search

None
US Class Current
CPC Class Codes

G06F 21/604   Tools and structures for ma...

G06F 21/6245   Protecting personal data, e...

G06F 21/6263   during internet communicati...

G06Q 20/047   using payment protocols inv...

G06Q 20/3827   Use of message hashing

G06Q 20/383   Anonymous user system

G06Q 20/385   using an alias or single-us...

G06Q 20/389   Keeping log of transactions...

G06Q 20/405   Establishing or using trans...

G06Q 40/00   Finance; Insurance; Tax str...

H04L 63/101   Access control lists [ACL]

H04L 63/205   involving negotiation or de...

System for managing transactional data

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

20 Citations

13 Claims

Specification

Use Cases

Quick Links

Others

System for managing transactional data

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

20 Citations

13 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others