Secure user-information repository server accessible through a communications network

US 20020108057A1
Filed: 12/13/2000
Published: 08/08/2002
Est. Priority Date: 12/13/2000
Status: Abandoned Application

First Claim

Patent Images

1. An information server system providing for the secure and selective communication of information from a user account over a network to a client system remote from said information server system, wherein a client account is established on said information server system to support secure identification of said client system, wherein said server system includes:

a) a storage system providing for the storage of user data selectable by reference and a user data profile identifying by reference a first sub-set of said user data accessible by said client; and

b) a processor system providing for the access of said user data in response to a data access request received from a user system on behalf of said client system, wherein said request includes an identification of said client account sufficient to enable a secure identification of said client system and is associated with an identification of said user account sufficient to enable a secure identification of said user system, wherein said request includes an identification of user data by reference, wherein said processor system provides a second sub-set of said user data corresponding to said identification of user data by reference constrained by said user data profile.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A repository server system stores confidential user-information for selective distribution, on behalf of a user to third-party server systems to enable autonomous form data fill-in of form fields having third-party server defined data formats. A database stores the confidential user-information data in named data fields. A repository server processor is coupleable to the database to access the confidential user-information. The processor is coupleable to a communications network to receive a form data request from a form served by the third-party server. The form data request includes a predefined selective mapping of named form fields relative to the named data fields. The processor operates over the selective mapping to access the confidential user-information data and produce instances of the confidential user-information data corresponding to the defined data formats of the named form fields. A form data response, then returned, contains the confidential user-information data corresponding to the defined data formats of the named form fields.

64 Citations

View as Search Results

35 Claims

1. An information server system providing for the secure and selective communication of information from a user account over a network to a client system remote from said information server system, wherein a client account is established on said information server system to support secure identification of said client system, wherein said server system includes:
- a) a storage system providing for the storage of user data selectable by reference and a user data profile identifying by reference a first sub-set of said user data accessible by said client; and
  
  b) a processor system providing for the access of said user data in response to a data access request received from a user system on behalf of said client system, wherein said request includes an identification of said client account sufficient to enable a secure identification of said client system and is associated with an identification of said user account sufficient to enable a secure identification of said user system, wherein said request includes an identification of user data by reference, wherein said processor system provides a second sub-set of said user data corresponding to said identification of user data by reference constrained by said user data profile.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The information server system of claim 1 wherein said request is provided by said client system to said user system for selectable issuance by said user system.
  - 3. The information server system of claim 2 wherein said storage system stores a plurality of said user data profiles and wherein said processor system provides for the evaluation of said request to select a pre-defined profile corresponding to said client system to determine said second sub-set of said user data.
  - 4. The information server system of claim 3 wherein said second sub-set of user data is returned in a response to said client system for the benefit of said client system.
  - 5. The information server system of claim 4 wherein said response includes said second sub-set of user data and said identification of user data by reference.
  - 6. The information server system of claim 1 wherein said identification of user data by reference identifies user data solicited by said client system from the user of said user system and wherein said second sub-set of user data is a selectively automated predefined conditional response to said request.
  - 7. The information server system of claim 6 wherein said processor system conditionally provides for independent network interactions with said user system intervening between receipt of said request and provision of said second sub-set of user data.
  - 8. The information server system of claim 7 wherein said independent interactions with said user system conditionally includes a network interaction to obtain a confirmation to allow provision of said second sub-set of user data in response to said request.
  - 9. The system of claim 8 wherein said independent interactions with said user system conditionally includes a network interaction to obtain supplementary user data encompassed by said identification of user data by reference, wherein said supplementary user data is stored by said storage system.

10. A repository server for storing confidential user-information for access through a communications network by requesters, said repository server being coupleable to said communications network to process network requests for confidential user-information stored in a secure database, said repository server selectively providing confidential user-information in response to a defined network request, said defined network request including identifiers of a requestor account and a user account validly established with said repository server and an identifier of the names and value-form of the confidential user-information requested, wherein said user account includes a requestor profile defining an accessible scope of confidential user-information providable to a pre-determined requester, said repository server being selectively responsive to said defined network request to provide confidential user-information dependent on said equester profile and the confidential user-information stored with respect to said user account.
- View Dependent Claims (11, 12, 13, 15, 16, 17, 18, 19)
- - 11. The repository server of claim 10 wherein said requestor account contains a requestor-type identifier defining a permissible scope of confidential user-information requestable and wherein said repository server is further selectively responsive to said defined network request to provide confidential user-information dependent on said requestor-type identifier.
  - 12. The repository server of claim 11 wherein said requestor-type identifier is assigned by said repository server.
  - 13. The repository server of claim 10 and 11 wherein said repository server is further selectively responsive to said defined network request to provide for the storage of confidential user-information dependent on said requester profile.
  - 15. The repository server system of claim 14 wherein the selective release of said constrained subset is conditioned on the secure identification of said requesting computer system.
  - 16. The repository server system of claim 15 wherein said access profile further includes rules establishing restrictions on the use of said constrained subset by said requesting computer system.
  - 17. The repository server system of claim 16 wherein said access profile defines restrictions based on any combination of time, value, and amount for any combination of said first and second secure identifications.
  - 18. The repository server system of claim 17 wherein said identification within said access profile identifies said requesting computer indirectly.
  - 19. The repository server system of claim 17 wherein said database stores a plurality of said access profiles with respect to said corresponding user account.

14. A repository server system provided on a communications network to securely store and selectively provide confidential user information to a requesting computer system, wherein the requesting computer system provides for the specification of the requested information to be passed by a user computer system to said repository server system, wherein said specification includes a first secure identification of said requesting computer system and a first identification of user confidential information by reference, said repository server system comprising:
- a database first storing confidential user information by reference within a corresponding user account and second storing an access profile with respect to said corresponding user account wherein said access profile includes an identification of said requesting computer system and a second identification of confidential user information by reference; and
  
  a processor providing for the receipt of said specification, wherein said processor obtains a second secure identification of said user computer in connection with said specification, wherein said processor selectively releases a constrained subset of said confidential user information defined by the intersection of said first and second identifications.

20. A repository server system that operates to selectively provide confidential user information on behalf of a user to a client computer system, where a user data request form is supplied by said client computer system to a user computer system for data entry and wherein said repository server system provides for a data-request control to be associated with said user data request form on said user computer system, said repository server system comprising:
- a) a repository database storing confidential user information in a user account for a user; and
  
  b) a processor system, coupled to said repository database and coupleable to said user computer system, responsive to an activation of said data-request control to autonomously obtain a secure identification of said client computer system, a specification of confidential user information requested, and a secure identification of said user from said user computer system, said processor system providing said confidential user information identified by said specification, subject to an authorization, to provide said confidential user information in response to said activation of said data-request control.
- View Dependent Claims (21, 22, 23, 24, 25, 27, 28, 29, 30, 31)
- - 21. The repository server system of claim 20 wherein said authorization is storable in said user account.
  - 22. The repository server system of claim 21 wherein said processor system obtains said authorization from said user.
  - 23. The repository server system of claim 20 wherein said repository database stores an access profile associated with said user account and wherein said access profile stores information qualifying access to said confidential user information based on said secure identification of said client computer system including said authorization.
  - 24. The repository server system of claim 23 wherein said processor system is responsive to said access profile and to said confidential user information to obtain said authorization and said confidential user information identified by said specification from said user.
  - 25. The repository server system of claim 24 wherein said processor system operates to obtain said authorization and said confidential user information identified by said specification from said user prior to providing said confidential user information in response to said activation of said data-request control.
  - 27. The method of claim 26 further comprising the step of said repository server system requiring said user computer system to provide a secure identification of said user in connection with said request.
  - 28. The method of claim 27 wherein said third determining step determines said response set of confidential user information as an intersection of said confidential user information stored by said repository server, said user confidential information accessible by said client computer system as determined from said predefined profile, and said defined set of confidential user information.
  - 29. The method of claim 28 further comprising an optional step of obtaining additional confidential user information from said user subsequent to receiving said request and prior to returning said response set, wherein said additional confidential user information is within said defined set of confidential user information.
  - 30. The method of claim 29 wherein said response set of confidential user information is returned subject to an authorization to release said response set to said client computer system and wherein said authorization is optionally obtained by said repository server from said predefined profile.
  - 31. The method of claim 30 wherein said authorization is optionally obtained from said user.

26. A method of providing confidential user information from a secure repository server to a client computer system on behalf of the user of a user computer system, said method comprising the steps of:
- a) providing, by said client computer system, a request for confidential user information to said repository server, where such confidential user information is stored in a user account by said repository server system, wherein said request identifies a defined set of confidential user information requested in response to said request;
  
  b) qualifying said request by said repository server system including i) first determining that said request includes a secure identification of said client computer system, ii) second determining a predefined profile, out of a set of predefined profiles stored by said repository server in correspondence with said user account, that includes an identification of said client computer system, and iii) third determining an response set of confidential user information, subject to said predefined profile; and
  
  c) returning said response set of confidential user information to said client computer system.

32. A method of providing confidential user information in a controlled manner to a client computer system on behalf of the user of a user computer system, said method comprising the steps of:
- a) providing said user computer system with a Web page form request for confidential user information, said Web page form including a data-request control;
  
  b) sending to a repository server, in response to the activation of said data-request control, a request including an identification of client requested information for completing said Web page form;
  
  c) qualifying said request by said repository server including i) securely verifying the identity of said client computer system and of said user; and
  
  ii) determining a profile defined set of confidential user information available for access from said repository server based on the identity of said client computer system; and
  
  d) returning a qualified set of confidential user information, wherein said qualified set of confidential user information is the subset of confidential user information that is within said identification of client requested information and within said profile defined set of confidential user information.
- View Dependent Claims (33, 34)
- - 33. The method of claim 32 wherein said data-request control embeds said identification of client requested information.
  - 34. The method of claim 33 wherein said identification of client requested information references a specification of client requested information stored by said repository server.

35. The method of wherein said step of qualifying said request includes the step of accessing said specification of client requested information.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Propel Software Corporation (GlobalPOPs, Inc.)
Original Assignee
Propel Software Corporation (GlobalPOPs, Inc.)
Inventors
Zhanhong Wu, Jackie, Kline, Charles, Kirsch, Steven T., Rose, William W., Natarajan, Satish, Wyllie, Russell D.

Application Number

US09/738,458
Publication Number

US 20020108057A1
Time in Patent Office

Days
Field of Search
US Class Current

713/201
CPC Class Codes

H04L 2463/102   applying security measure f...

H04L 63/0428   wherein the data content is...

H04L 63/08   for authentication of entit...

Secure user-information repository server accessible through a communications network

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

64 Citations

35 Claims

Specification

Solutions

Use Cases

Quick Links

Secure user-information repository server accessible through a communications network

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

64 Citations

35 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links