Access control protocol for user profile management
First Claim
1. In an electronic device, a method, comprising the steps of:
- providing a user profile holding information regarding a user;
establishing a first set of permissions for the user profile, wherein said first set of permissions specifies who may access the user profile;
establishing a second set of permissions for a selected sub-division of the user profile, wherein said second set of permissions specifies who may access the sub-division; and
wherein in order for a party to access the selected sub-division, the party must be specified by the first set of permissions as having access to the user profile and must be specified by the second set of permissions as having access to the selected sub-division.
6 Assignments
0 Petitions
Accused Products
Abstract
A customer profile access protocol with flexible access control capabilities is provided. The protocol facilitates secure and privacy enabled access to user profile data. The user profile data may be accessed by clients, such as other users, service providers and system administrators. The user profile data may be used by service providers and system administrators. The user profile data may be used by service providers to customize services provided to users. Permissions that control profile access may be established under user control. The user may specify different permissions for different grains of information within the user profile. For example, a first set of permissions may be associated with the entire user profile whereas a second set of permissions may be associated with a particular field in the user profile. Clients may be grouped such that permissions may be associated with a single group or combinations of groups specified by algebraic set operators.
-
Citations
26 Claims
-
1. In an electronic device, a method, comprising the steps of:
-
providing a user profile holding information regarding a user;
establishing a first set of permissions for the user profile, wherein said first set of permissions specifies who may access the user profile;
establishing a second set of permissions for a selected sub-division of the user profile, wherein said second set of permissions specifies who may access the sub-division; and
wherein in order for a party to access the selected sub-division, the party must be specified by the first set of permissions as having access to the user profile and must be specified by the second set of permissions as having access to the selected sub-division. - View Dependent Claims (2, 3, 8, 9, 10, 11, 12, 13, 14, 15, 17, 18, 19)
-
- 4. The method of claim 4, wherein at least one party is granted read access to the user profile, indicating that the party may read information in the user profile.
-
16. A method, comprising the steps of:
-
providing user profiles that hold information regarding users and are accessible via a network;
specifying groups of service providers for providing services to the users, each group containing a set of service providers; and
granting access permission for authorized information in a selected user profile to a selected one of the groups so that the service providers in the selected group may access the authorized information.
-
-
20. In an electronic device, a method, comprising the steps of:
-
providing a user profile having various fields, wherein at least one of said fields has associated permissions;
setting the permissions relative to a given service provider so as to prevent access to at least one selected field and grant access to at least one given field in the user profile so as to support an anonymous transaction between the given service provider and the user by withholding an identity of the user. - View Dependent Claims (21, 22, 23, 24, 25)
-
-
26. In an electronic device, a method, comprising the steps of:
-
providing a user profile holding information regarding a user in fields;
providing a protocol that enables the getting and setting of the following;
(i) fields in the user profile;
(ii) access permissions for the fields in the user profile;
(iii) members of groups that have access permissions to selected ones of the fields in the user profile;
(iv) group access permissions that specify access information regarding groups;
(v) permissions access permissions that specify permissions for the access permissions; and
(vi) a schema definition for the user profile.
-
Specification