Methods and apparatus for providing privacy-preserving global customization

US 20020133500A1
Filed: 01/23/2002
Published: 09/19/2002
Est. Priority Date: 06/13/2000
Status: Active Grant

First Claim

Patent Images

1. A method for use in a distributed data network wherein a user may request and receive content from one or more entities in the distributed data network, the method comprising the steps of:

providing one or more mechanisms for enabling at least one of the user and one or more of the entities to control which entities in the distributed data network have access to information generated in association with the user'"'"'s activity on the distributed data network; and

customizing content to be received by the user in accordance with at least a portion of the accessible information.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Techniques and infrastructure are provided for supporting global customization. The invention enables persona profiles of user information to be maintained, and such persona profiles to be accessed by merchants. Via the persona abstraction, users control what information is grouped into a persona profile, and can selectively enable a merchant to read one of these profiles. The infrastructure of the invention employs a persona server that assists users in managing their personae. The infrastructure of the invention separates this from the profile databases at which persona profile information is stored, to eliminate any single point at which different persona profiles can be tied to the same user. Since merchants also have privacy concerns, the infrastructure of the invention provides a data protection model based on tainting, by which merchants can limit how the information they contribute can be exposed.

141 Citations

51 Claims

1. A method for use in a distributed data network wherein a user may request and receive content from one or more entities in the distributed data network, the method comprising the steps of:
- providing one or more mechanisms for enabling at least one of the user and one or more of the entities to control which entities in the distributed data network have access to information generated in association with the user'"'"'s activity on the distributed data network; and
  
  customizing content to be received by the user in accordance with at least a portion of the accessible information.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 14, 15, 16, 17, 18, 19, 20)
- - 2. The method of claim 1, wherein the step of providing the one or more control mechanisms for the user comprises the step of enabling the user to specify two or more roles within which the user may perform activities on the distributed data network.
  - 3. The method of claim 2, further wherein the two or more roles have two or more profiles respectively associated therewith.
  - 4. The method of claim 3, further wherein the two or more profiles are substantially unlinkable.
  - 5. The method of claim 4, wherein the substantial unlinkability of the profiles substantially prevents an entity from learning about the user'"'"'s activity at another entity, when the user conducts activities at the different entities in the different roles.
  - 6. The method of claim 2, wherein the roles are specified in accordance with at least one dedicated server located in the distributed data network.
  - 7. The method of claim 1, wherein at least one of the one or more entities are merchants operating on the distributed data network.
  - 8. The method of claim 1, wherein the step of providing the one or more control mechanisms for the one or more entities comprises the step of enabling the one or more entities to specify which other entities are able to access information that the one or more entities learned in association with the user conducting activities with the one or more entities.
  - 9. The method of claim 8, further wherein the one or more entities are enabled to specify which other entities are able to access information derived from original information that the one or more entities learned in association with the user conducting activities with the one or more entities.
  - 10. The method of claim 9, wherein the one or more entities are enabled to specify a degree of information derivation in accordance with which other entities may be able to access the information.
  - 11. The method of claim 10, wherein the one or more entities are enabled to group the other entities into one or more classes wherein each class has a degree of information derivation associated therewith.
  - 12. The method of claim 1, wherein the one or more entities access the information in accordance with one or more dedicated databases located in the distributed data network.
  - 14. The method of claim 13, wherein the access credentials comprise rights by which the entity may access the information.
  - 15. The method of claim 14, wherein the access rights comprise at least one of information read rights, information insert rights and information delete rights.
  - 16. The method of claim 14, wherein the access credentials further comprise an identifier of the entity to which the access credentials are being issued.
  - 17. The method of claim 14, wherein the access credentials further comprise an expiration time specifying a duration of the access rights.
  - 18. The method of claim 14, wherein the access credentials further comprise a digital signature on the access credentials.
  - 19. The method of claim 18, wherein the access credentials further comprise a public key matching a private key by which the access credentials have been digitally signed.
  - 20. The method of claim 13, wherein the maintaining step further comprises prompting the user to specify a new role or an existing role within which the user may perform activities on the distributed data network

13. A method for use in accordance with at least one server in a distributed data network wherein a user may request and receive content from one or more entities in the distributed data network, the method comprising the steps of:
- maintaining two or more user-specified policies respectively associated with two or more roles within which the user may perform activities on the distributed data network; and
  
  issuing access credentials associated with the user-specified policies to one or more entities that seek to access information generated in association with the user'"'"'s activity on the distributed data network so as to customize content to be received by the user in accordance with at least a portion of the accessible information.

21. A method for use in accordance with one or more databases in a distributed data network wherein a user may request and receive content from one or more entities in the distributed data network, the method comprising the steps of:
- storing information that the one or more entities learn in association with the user conducting activities with the one or more entities; and
  
  enabling the one or more entities to specify which other entities are able to access the stored information so as to customize content to be received by the user in accordance with at least a portion of the accessible information.
- View Dependent Claims (22, 23, 24, 25, 26, 27, 28, 30, 31, 32, 33, 34, 35, 36, 38, 39, 40, 41, 42, 43, 44, 46, 47, 48, 49)
- - 22. The method of claim 21, wherein the information that the one or more entities learn in association with the user conducting activities with the one or more entities comprises at least one of original information and information derived from the original information.
  - 23. The method of claim 21, wherein the enabling step further comprises enabling the one or more entities to specify one or more taint classes for portions of the stored information.
  - 24. The method of claim 23, wherein a given taint class corresponds to an affinity an entity has to collaborate with entities in the given taint class.
  - 25. The method of claim 23, wherein at least portions of the information are respectively stored as records, wherein each record has stored in association therewith a data structure comprising at least one of an accumulated taint strength, a set of taint classes, and pointers to one or more original records from which this record was derived.
  - 26. The method of claim 25, wherein an entity is not permitted to read a record derived from an original record if the entity is not a member of a specified taint class and there is a path of a given length or less from the derived record to the original record.
  - 27. The method of claim 21, further comprising the step of applying a scoring function to portions of the stored information to which a given entity has access.
  - 28. The method of claim 27, wherein results of the scoring function indicate the relevance of the portions of the stored information to one or more content customization decisions to be made by the given entity.
  - 30. The apparatus of claim 29, wherein the access credentials comprise rights by which the entity may access the information.
  - 31. The apparatus of claim 30, wherein the access rights comprise at least one of information read rights, information insert rights and information delete rights.
  - 32. The apparatus of claim 30, wherein the access credentials further comprise an identifier of the entity to which the access credentials are being issued.
  - 33. The apparatus of claim 30, wherein the access credentials further comprise an expiration time specifying a duration of the access rights.
  - 34. The apparatus of claim 30, wherein the access credentials further comprise a digital signature on the access credentials.
  - 35. The apparatus of claim 34, wherein the access credentials further comprise a public key matching a private key by which the access credentials have been digitally signed.
  - 36. The apparatus of claim 29, wherein the at least one processor is further operative to prompt the user to specify a new role or an existing role within which the user may perform activities on the distributed data network
  - 38. The apparatus of claim 37, wherein the information that the one or more entities learn in association with the user conducting activities with the one or more entities comprises at least one of original information and information derived from the original information.
  - 39. The apparatus of claim 37, wherein the enabling operation further comprises enabling the one or more entities to specify one or more taint classes for portions of the stored information.
  - 40. The apparatus of claim 39, wherein a given taint class corresponds to an affinity an entity has to collaborate with entities in the given taint class.
  - 41. The apparatus of claim 39, wherein at least portions of the information are respectively stored as records, wherein each record has stored in association therewith a data structure comprising at least one of an accumulated taint strength, a set of taint classes, and pointers to one or more original records from which this record was derived.
  - 42. The apparatus of claim 41, wherein an entity is not permitted to read a record derived from an original record if the entity is not a member of a specified taint class and there is a path of a given length or less from the derived record to the original record.
  - 43. The apparatus of claim 37, wherein the at least one processor is further operative to apply a scoring function to portions of the stored information to which a given entity has access.
  - 44. The apparatus of claim 43, wherein results of the scoring function indicate the relevance of the portions of the stored information to one or more content customization decisions to be made by the given entity.
  - 46. The apparatus of claim 45, wherein the at least one server is a virtual server.
  - 47. The apparatus of claim 45, wherein the user system comprises a browser program for requesting and receiving content.
  - 48. The apparatus of claim 45, wherein the one or more entity servers host merchant sites which a user may selectively visit in accordance with the user system.
  - 49. The apparatus of claim 45, wherein the distributed data network is the Internet.

29. Apparatus for use in a distributed data network wherein a user may request and receive content from one or more entities in the distributed data network, the apparatus comprising:
- at least one processor operative to;
  
  (i) maintain two or more user-specified policies respectively associated with two or more roles within which the user may perform activities on the distributed data network; and
  
  (ii) issue access credentials associated with the user-specified policies to one or more entities that seek to access information generated in association with the user'"'"'s activity on the distributed data network so as to customize content to be received by the user in accordance with at least a portion of the accessible information.

37. Apparatus for use in a distributed data network wherein a user may request and receive content from one or more entities in the distributed data network, the apparatus comprising:
- at least one processor operative to;
  
  (i) store information that the one or more entities learn in association with the user conducting activities with the one or more entities; and
  
  (ii) enable the one or more entities to specify which other entities are able to access the stored information so as to customize content to be received by the user in accordance with at least a portion of the accessible information.

45. Apparatus for use in a distributed data network wherein a user system may request and receive content from one or more servers associated with entities in the distributed data network, the apparatus comprising:
- at least one server in the distributed data network operative to;
  
  (i) maintain two or more user-specified policies respectively associated with two or more roles within which the user system may perform activities on the distributed data network; and
  
  (ii) issue access credentials associated with the user-specified policies to one or more entity servers that seek to access information generated in association with the user system'"'"'s activity on the distributed data network so as to customize content to be received by the user system in accordance with at least a portion of the accessible information; and
  
  one or more databases in the distributed data network operative to;
  
  (i) store information that the one or more entity servers learn in association with the user conducting activities with the one or more entities; and
  
  (ii) enable the one or more entities to specify which other entities are able to access the stored information so as to customize content to be received by the user in accordance with at least a portion of the accessible information.

50. An article of manufacture for use in accordance with at least one server in a distributed data network wherein a user may request and receive content from one or more entities in the distributed data network, the article comprising a machine readable medium containing one or more programs which when executed implement the steps of:
- maintaining two or more user-specified policies respectively associated with two or more roles within which the user may perform activities on the distributed data network; and
  
  issuing access credentials associated with the user-specified policies to one or more entities that seek to access information generated in association with the user'"'"'s activity on the distributed data network so as to customize content to be received by the user in accordance with at least a portion of the accessible information.

51. An article of manufacture for use in accordance with one or more databases in a distributed data network wherein a user may request and receive content from one or more entities in the distributed data network, the article comprising a machine readable medium containing one or more programs which when executed implement the steps of:
- storing information that the one or more entities learn in association with the user conducting activities with the one or more entities; and
  
  enabling the one or more entities to specify which other entities are able to access the stored information so as to customize content to be received by the user in accordance with at least a portion of the accessible information.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Nokia of America Corporation (Nokia Corporation)
Original Assignee
Lucent Technologies, Inc. (Nokia Corporation)
Inventors
Jakobsson, Bjorn Markus, Jai, Ben, Reiter, Michael Kendrick, Arlein, Robert M., Monrose, Fabian

Granted Patent

US 7,107,269 B2
Time in Patent Office

Days
Field of Search
US Class Current

707/102
CPC Class Codes

G06F 21/6254   by anonymising data, e.g. d...

G06F 21/6263   during internet communicati...

G06F 2221/2101   Auditing as a secondary aspect

G06F 2221/2137   Time limited access, e.g. t...

G06F 2221/2141   Access rights, e.g. capabil...

G06Q 30/02   Marketing; Price estimation...

G06Q 30/06   Buying, selling or leasing ...

G06Q 30/0621   Item configuration or custo...

H04L 63/0428   wherein the data content is...

H04L 63/102   Entity profiles

H04L 67/02   based on web technology, e....

H04L 67/306   User profiles

H04L 67/53   using third party service p...

H04L 67/535   Tracking the activity of th...

H04L 69/329   in the application layer [O...

H04L 9/40   Network security protocols

Y10S 707/99939   Privileged access

Methods and apparatus for providing privacy-preserving global customization

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

141 Citations

51 Claims

Specification

Solutions

Use Cases

Quick Links

Methods and apparatus for providing privacy-preserving global customization

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

141 Citations

51 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links