Privacy preferences roaming and enforcement
First Claim
1. In a distributed network comprising a number of service providers and a number of clients communicatively coupled to each other via a network, wherein a number of users are registered with said service providers through said clients, each of the users having a single set of privacy preferences, a method for propagating a user'"'"'s privacy preferences from a service to a browser comprising the steps of:
- signing up, by a user, a service provider via a browser without privacy;
returning, by said service provider, a set of default privacy preferences to said browser;
accessing, by the user, a service consumer site;
sending the user a user prompt for response;
modifying, by the user, said privacy preferences; and
returning said modified privacy preferences to said browser as a response.
8 Assignments
0 Petitions
Accused Products
Abstract
The invention comprises a system and method for management of Web users'"'"' privacy preferences. In the distributed system, a Web user has a single set of privacy preferences. The single set of privacy preferences and any of its modifications are propagated among Web browsers and Web services. The user'"'"'s own privacy preferences are enforced at Web services based on the requester'"'"'s privacy policies.
-
Citations
19 Claims
-
1. In a distributed network comprising a number of service providers and a number of clients communicatively coupled to each other via a network, wherein a number of users are registered with said service providers through said clients, each of the users having a single set of privacy preferences, a method for propagating a user'"'"'s privacy preferences from a service to a browser comprising the steps of:
-
signing up, by a user, a service provider via a browser without privacy;
returning, by said service provider, a set of default privacy preferences to said browser;
accessing, by the user, a service consumer site;
sending the user a user prompt for response;
modifying, by the user, said privacy preferences; and
returning said modified privacy preferences to said browser as a response. - View Dependent Claims (2, 3, 4)
-
-
5. In a distributed network comprising a number of Web service providers and a number of clients communicatively coupled to each other via the Internet, wherein a number of users are registered with said Web service providers through said clients, each of the users having a single set of privacy preferences, a method for propagating a user'"'"'s privacy preferences from a Web browser to Web services comprising the steps of:
-
signing up, by a user, a Web service provider (WSP) via a browser with P3P private preferences;
requesting, by said WSP, said privacy preferences from said browser;
sending, by said browser, said privacy preferences to said WSP;
recording, by said browser, said WSP'"'"'s URL; and
acknowledging, by said WSP, receipt of said privacy preferences. - View Dependent Claims (6, 7)
-
-
8. In a distributed network comprising a number of Web service providers and a number of clients communicatively coupled to each other via the Internet, wherein a number of users are registered with said Web service providers through said clients, each of the users having a single set of privacy preferences, a method for enforcing a user'"'"'s privacy preferences at Web services based on a service requester'"'"'s P3P policies comprising the steps of:
-
(a) accessing, by the user, a Web service consumer site (WSC);
(b) sending, by said WSC, a service request to a Web service provider (WSP);
(c) classifying, by said WSP, the user'"'"'s data in terms of P3P categories;
(d) checking whether said WSP needs to update its cache of said WSC'"'"'s P3P policies;
(e) if the check result in step (d) is yes, then updating said WSC'"'"'s P3P policies in said WSP'"'"'s cache and continuing with step (f);
(f) if the check result in step (d) is no, then identifying said WSC'"'"'s P3P policies based on the data included in the service request;
(g) evaluating the user'"'"'s privacy preferences against said WSC'"'"'s P3P policies;
(h) checking whether said WSC'"'"'s P3P policies exclude the user'"'"'s privacy preferences;
(i) if the check result of the step (h) is no, then replying, by said WSP, to said WSC;
(j) if the check result in the step (h) is yes, prompting the user via said WSC for permission; and
(k) sending the user'"'"'s preference changes back from said WSP to said browser via HTTP response header for the user'"'"'s response. - View Dependent Claims (9, 10, 11)
-
-
12. An apparatus for propagating a user'"'"'s privacy preferences from Web service to Web browser, comprising:
-
at least one Web site;
at least one client, said at least one client and said at least one Web site being communicatively coupled to each other via the Internet;
wherein a number of users registered with said Web service providers through said at least one client, each of the users having a single set of privacy preferences;
wherein when a user signs up a Web service provider (WSP) via a browser without P3P private preferences, said WSP returns a set of default privacy preferences to said browser;
wherein the user modifies the default privacy preferences;
wherein said WSP returns the modified privacy preferences to said browser as HTTP response; and
wherein said browser updates with the modified privacy preferences. - View Dependent Claims (13)
-
-
14. An apparatus for propagating a user'"'"'s privacy preferences from a Web browser to Web services, comprising:
-
at least one Web site;
at least one client, said at least one client and said at least one Web site being communicatively coupled to each other via the Internet;
wherein a number of users registered with said Web service providers through said at least one client, each of the users having a single set of privacy preferences;
wherein when a user signs up a Web service provider (WSP) via a browser with P3P private preferences, said privacy preferences are copied to said WSP;
wherein said browser records the URL of each Web site which receives a copy of said privacy preferences;
wherein when said privacy preferences are modified in said browser, said browser propagates the modified privacy preferences to each Web site whose URL is recorded in said browser. - View Dependent Claims (15)
-
-
16. An apparatus for enforcing a user'"'"'s privacy preferences at Web services based on a service requester'"'"'s P3P policies, comprising:
-
at least two Web sites;
at least one client, said at least one client and said at least two Web sites being communicatively coupled to each other via the Internet;
wherein a number of users registered with said Web service providers through said at least one client, each of the users having a single set of privacy preferences;
wherein when a user accesses a Web service consumer site (WSC) which in turn sends a service request to a Web service provider (WSP), said WSP classifies the user'"'"'s data in terms of P3P categories;
wherein said WSP updates its cache of said WSC'"'"'s P3P policies when necessary;
wherein said WSP identifies said WSC'"'"'s P3P policies based on the data included in the service request and evaluates the user'"'"'s preferences against said WSC'"'"'s P3P policies;
wherein if said WSC'"'"'s P3P policies exclude the user'"'"'s privacy preferences, then said WSP prompts the user directly or indirectly via said WSC for permission and sends the user'"'"'s preference changes back to said browser via HTTP response header for the user'"'"'s response. - View Dependent Claims (17, 18, 19)
-
Specification