Identity-centric data access
First Claim
1. In a computer environment including a plurality of applications that operate on data related to an identity, the computer environment also including a service that maintains data associated with the identity, a method for one of the plurality of applications to operate on data related to the identity, the method comprising the following:
- an act of identifying a data structure that represents data that is to be operated on, the data being associated with the identity, the data structure being in accordance with a data format recognized by the service and the plurality of applications;
an act of constructing a network message in accordance with a message format that is recognized by the service, the network message representing a request to perform the operation on the data structure, the network message identifying the data structure by identifying the identity; and
an act of dispatching the network message to the service.
2 Assignments
0 Petitions
Accused Products
Abstract
A model for accessing data in an identity-centric manner. An identity may be a user, a group of users, or an organization. Instead of data being maintained on an application-by-application basis, the data associated with a particular identity is stored by one or more data services accessible by many applications. The data is stored in accordance with a schema that is recognized by a number of different applications and the data service. When a user is to perform an operation on the identity'"'"'s data, the corresponding application generates a message that has a structure that is recognized by the data service. The message represents a request to perform an operation on the data structure corresponding to the identity. The data service receives and interprets the message. If authorized, the data service then performs the operation.
176 Citations
54 Claims
-
1. In a computer environment including a plurality of applications that operate on data related to an identity, the computer environment also including a service that maintains data associated with the identity, a method for one of the plurality of applications to operate on data related to the identity, the method comprising the following:
-
an act of identifying a data structure that represents data that is to be operated on, the data being associated with the identity, the data structure being in accordance with a data format recognized by the service and the plurality of applications;
an act of constructing a network message in accordance with a message format that is recognized by the service, the network message representing a request to perform the operation on the data structure, the network message identifying the data structure by identifying the identity; and
an act of dispatching the network message to the service. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21)
-
-
22. In a computer environment including a plurality of applications that operate on data related to an identity, the computer environment also including a service that maintains data associated with the identity, a method for one of the plurality of applications to operate on data related to the identity, the method comprising the following:
-
an act of determining that data associated with the identity is to be operated on;
a step for formulating a request to operate on the data via a structured network message that identifies the identity; and
an act of dispatching the network message to the service. - View Dependent Claims (23, 25, 26, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 49, 50, 51)
-
-
24. A computer program product for use in a computer environment including a plurality of applications that operate on data related to an identity, the computer environment also including a service that maintains data associated with the identity, the computer program product for implementing a method for one of the plurality of applications to operate on data related to the identity, the computer program product comprising one or more computer-readable media having stored thereon the following:
-
computer-executable instructions for identifying a data structure that represents data that is to be operated on, the data being associated with the identity, the data structure being in accordance with a data format recognized by the service and the plurality of applications;
computer-executable instructions for constructing a network message in accordance with a message format that is recognized by the service, the network message representing a request to perform the operation on the data structure, the network message identifying the data structure by identifying the identity; and
computer-executable instructions for causing the network message to be dispatched to the service.
-
-
27. In a computer environment including a plurality of applications that operate on data related to an identity, the computer environment also including a service that maintains data associated with the identity, a method for the service facilitating access of the plurality of applications to data related to the identity, the method comprising the following:
-
an act of receiving a network message from one of the plurality of applications, the network message structured in accordance with a message format that is recognized by the service, the network message representing a request to operate on a data structure associated with the identity, the data structure being structured in accordance with a data format recognized by the service and the plurality of applications;
an act of interpreting the network message in light of the message format to thereby extract an identification of the identity and an identification of the data structure; and
an act of performing the requested operation on the data structure using the data format.
-
-
48. A computer-program product for use in a computer environment including a plurality of applications that operate on data related to an identity, the computer environment also including a service that maintains data associated with the identity, the computer program product for implementing a method for the service facilitating access of the plurality of applications to data related to the identity, the computer program product comprising one or more computer-readable media having stored thereon the following:
-
computer-executable instructions for detecting the receipt of a network message from one of the plurality of applications, the network message structured in accordance with a message format that is recognized by the service, the network message representing a request to operate on a data structure associated with the identity, the data structure being structured in accordance with a data format recognized by the service and the plurality of applications;
computer-executable instructions for interpreting the network message in light of the message format to thereby extract an identification of the identity and an identification of the data structure; and
computer-executable instructions for performing the requested operation on the data structure using the data format.
-
-
52. A computer network that facilitates access to identity-centric data, the computer network comprising the following:
-
a plurality of applications that operate on data related to an identity, each of the plurality of applications configured to determine that data associated with the identity is to be operated on, identify a data structure that represents the data associated with the identity, construct a network message in accordance with a message structure recognized by the plurality of applications, the network message representing a request to perform the operation on the data structure, the network message identifying the data structure by identifying the identity, and configured to dispatch the network message to the service; and
a plurality of services that maintain data associated with the identity, each of the plurality of applications configured to detect the receipt of the network message from one of the plurality of applications, interpret the network message in light of the message format to thereby extract an identification of the identity and an identification of the data structure, and perform the requested operation on the data structure using the data format.
-
-
53. A method for providing identity-centric data to one or more applications, the method including at least the following acts:
-
storing identity-centric data relating to multiple identities in a data store associated with a data service;
receiving various requests from the applications for identity-centric data relating to at least some of the identities; and
providing the requested data to the requesting applications in response to their requests.
-
-
54. A method for accessing identity-centric data via a data service which maintains identity-centric data relating to user identities, the method comprising:
-
requesting identity-centric data relating to one or more of the user identities from the data service, and receiving the requested data from the data service.
-
Specification