Enhanced privacy protection in identification in a data communication network
Abstract
A method for enhanced privacy protection in identification in a data communications network includes enrolling for a service on the data communications network, receiving a randomized identifier (ID) in response to the enrolling, storing the randomized ID and using the randomized ID to obtain services on the data communications network. An apparatus for obtaining a service on a data communications network includes an enrollment authority configured to accept an enrollment request. The enrollment authority is further configured to return enrollment results in response to the enrollment request. The enrollment results include user data and the enrollment results may be used in obtaining a service from a service provider.
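The flow the abstract describes, as an added Python sketch that is not code from the patent: an enrollment authority issues a randomized ID with enrollment results, and a service provider grants service only after the authority confirms those results. The class and method names, the use of HMAC-SHA256 as the authority's proof over the results, and the sample user are all assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

class EnrollmentAuthority:
    """Hypothetical authority: issues randomized IDs and vouches for them later."""
    def __init__(self):
        self._key = secrets.token_bytes(32)   # MAC key, never leaves the authority
        self._enrolled = {}                   # randomized ID -> real identity (private)

    def _mac(self, rid, user_data):
        msg = rid.encode() + b"\x00" + user_data.encode()
        return hmac.new(self._key, msg, hashlib.sha256).hexdigest()

    def enroll(self, real_identity, user_data):
        # CSPRNG output, not a hash of the identity, so it cannot be recomputed.
        rid = secrets.token_hex(16)
        self._enrolled[rid] = real_identity
        return {"id": rid, "user_data": user_data, "mac": self._mac(rid, user_data)}

    def verify(self, results):
        # Called by a service provider; the answer reveals validity only.
        rid = str(results.get("id", ""))
        if rid not in self._enrolled:
            return False
        expected = self._mac(rid, str(results.get("user_data", "")))
        return hmac.compare_digest(expected.encode(), str(results.get("mac", "")).encode())

class ServiceProvider:
    """Hypothetical provider: serves a request only if the authority confirms it."""
    def __init__(self, authority):
        self._authority = authority
        self.seen_ids = []                    # everything the provider learns about users

    def request_service(self, results):
        if not self._authority.verify(results):
            return "denied"
        self.seen_ids.append(results["id"])
        return "granted"

def demo():
    authority = EnrollmentAuthority()
    provider = ServiceProvider(authority)
    first = authority.enroll("alice@example.com", "age>=18")    # constructed sample user
    second = authority.enroll("alice@example.com", "age>=18")   # same user, enrolled again
    tampered = dict(first, user_data="age>=21")                  # altered after issuance
    outcomes = [provider.request_service(r) for r in (first, second, tampered)]
    return outcomes, first["id"] != second["id"], provider.seen_ids
```

The provider ends up holding only random identifiers: two enrollments by the same person are unlinkable from its side, and results altered after issuance fail the authority's check.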
11 Claims
1. A method for enhanced privacy protection in identification in a data communications network, the method comprising:
enrolling for a service on said data communications network;
receiving a randomized identifier (ID) in response to said enrolling;
storing said randomized ID; and
using said randomized ID to obtain services on said data communications network.
2. A program storage device readable by a machine, embodying a program of instructions executable by the machine to perform a method for enhanced privacy protection in identification in a data communications network, the method comprising:
enrolling for a service on said data communications network;
receiving a randomized identifier (ID) in response to said enrolling;
storing said randomized ID; and
using said randomized ID to obtain services on said data communications network.
3. An apparatus for enhanced privacy protection in identification in a data communications network, the apparatus comprising:
means for enrolling for a service on said data communications network;
means for receiving a randomized identifier (ID) in response to said enrolling;
means for storing said randomized ID; and
means for using said randomized ID to obtain services on said data communications network.
4. An apparatus for enhanced privacy protection in identification in a data communications network, the apparatus comprising:
a smart card configured to store a randomized ID obtained in response to enrolling for a service on said data communications network, said smart card further configured to release said randomized ID to obtain services on said data communications network.
5. A memory for storing data for access by an application program being executed on a data processing system, comprising:
a data structure stored in said memory, said data structure including;
credential data; and
an authority peer group ID that identifies an entity that provided data authentication for said credential, said entity comprising a one or more network servers in a data communications network, one of said one or more network servers providing data authentication for said credential;
a cryptogram provided by said entity and used to authenticate said credential data.
6. A method for obtaining a service on a data communications network, the method comprising:
presenting an authority on said data communications network with user data and a credential request; and
receiving a credential in response to said credential request, said credential comprising;
a randomized identifier;
credential user data; and
an indication of the credential user data verification performed by said authority in response to said credential request.
7. A method for obtaining a service on a data communications network, the method comprising:
presenting an authority on said data communications network with a logon request;
receiving a kerberos ticket in response to said user authentication data, said ticket comprising a randomized user ID; and
using said kerberos ticket to obtain services from one or more service provider on said data communications network.
8. A program storage device readable by a machine, embodying a program of instructions executable by the machine to perform a method for obtaining a service on a data communications network, the method comprising:
presenting an authority on said data communications network with a logon request;
receiving a kerberos ticket in response to said user authentication data, said ticket comprising a randomized user ID; and
using said kerberos ticket to obtain services from one or more service provider on said data communications network.
9. An apparatus for obtaining a service on a data communications network, the apparatus comprising:
means for presenting an authority on said data communications network with a logon request;
means for receiving a kerberos ticket in response to said user authentication data, said ticket comprising a randomized user ID; and
means for using said kerberos ticket to obtain services from one or more service provider on said data communications network.
10. An apparatus for obtaining a service on a data communications network, the apparatus comprising:
an enrollment authority configured to accept an enrollment request, said enrollment authority further configured to return enrollment results in response to said enrollment request, said enrollment results comprising user data, said enrollment results for use in obtaining a service from a service provider.
11. An apparatus for obtaining a service on a data communications network, the apparatus comprising:
a service provider configured to accept a service request and enrollment results obtained from an enrollment authority, said service provider capable of communicating with said authority to verify said enrollment results, said service provider configured to provide said service based upon said enrollment results and a response from said enrollment authority.
Specification