Method and system for user-determined attribute storage in a federated environment
First Claim
1. A method for managing user attribute information within a data processing system, the method comprising:
- receiving a request message at an attribute information provider from a service provider that is attempting to retrieve user attribute information for a user, wherein the request message identifies one or more requested user attributes, wherein the attribute information provider is a service provider that maintains user attribute information for the user; and
requesting user input by the attribute information provider prior to sending a response message from the attribute information provider to the service provider, wherein the user input comprises a value that indicates a retrieval condition on subsequent requests while retrieving user attribute information for the user.
4 Assignments
0 Petitions
Accused Products
Abstract
A system is presented for facilitating management of user attribute information at one or more attribute information providers (AIPs), which can manage the user'"'"'s attribute information in accordance with user-selected or administratively-determined options, including options that are stored in attribute release policies and/or dynamically determined during a transaction. E-commerce service providers (ECSPs), such as online banks or merchants, also maintain a relationship with an AIP such that the ECSP can trust the user attribute information that is provided by the AIP on behalf of the user. The user can complete transactions that require user attribute information at any ECSP without having to have previously established a relationship with that particular ECSP. If the ECSP has a relationship with one of the user'"'"'s AIPS, then the user will be able to direct the ECSP to an AIP when the ECSP needs user attribute information to complete a transaction for the user.
47 Citations
72 Claims
-
1. A method for managing user attribute information within a data processing system, the method comprising:
-
receiving a request message at an attribute information provider from a service provider that is attempting to retrieve user attribute information for a user, wherein the request message identifies one or more requested user attributes, wherein the attribute information provider is a service provider that maintains user attribute information for the user; and
requesting user input by the attribute information provider prior to sending a response message from the attribute information provider to the service provider, wherein the user input comprises a value that indicates a retrieval condition on subsequent requests while retrieving user attribute information for the user. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A method for managing user attribute information within a data processing system, the method comprising:
-
receiving from a user a request for a resource at a service provider;
determining a set of one or more attribute information providers that are associated with the user, wherein an attribute information provider is a service provider that maintains user attribute information for the user;
sending a request message to a first attribute information provider in the set of one or more attribute information providers in order to retrieve user attribute information for the user;
receiving a response message from the first attribute information provider; and
determining that the response message comprises a control flag from the first attribute information provider, wherein the control flag indicates a retrieval condition on subsequent requests from the service provider to attribute information providers while retrieving user attribute information for the user. - View Dependent Claims (14, 15, 16)
-
-
17. A data processing system for managing user attribute information, the data processing system comprising:
-
means for receiving a request message at an attribute information provider from a service provider that is attempting to retrieve user attribute information for a user, wherein the request message identifies one or more requested user attributes, wherein the attribute information provider is a service provider that maintains user attribute information for the user; and
means for requesting user input by the attribute information provider prior to sending a response message from the attribute information provider to the service provider, wherein the user input comprises a value that indicates a retrieval condition on subsequent requests while retrieving user attribute information for the user. - View Dependent Claims (18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28)
-
-
29. A data processing system for managing user attribute information, the data processing system comprising:
-
means for receiving from a user a request for a resource at a service provider;
means for determining a set of one or more attribute information providers that are associated with the user, wherein an attribute information provider is a service provider that maintains user attribute information for the user;
means for sending a request message to a first attribute information provider in the set of one or more attribute information providers in order to retrieve user attribute information for the user;
means for receiving a response message from the first attribute information provider; and
means for determining that the response message comprises a control flag from the first attribute information provider, wherein the control flag indicates a retrieval condition on subsequent requests from the service provider to attribute information providers while retrieving user attribute information for the user. - View Dependent Claims (30, 31, 32)
-
-
33. A computer program product in a computer readable medium for managing user attribute information in a data processing system, the computer program product comprising:
-
means for receiving a request message at an attribute information provider from a service provider that is attempting to retrieve user attribute information for a user, wherein the request message identifies one or more requested user attributes, wherein the attribute information provider is a service provider that maintains user attribute information for the user; and
means for requesting user input by the attribute information provider prior to sending a response message from the attribute information provider to the service provider, wherein the user input comprises a value that indicates a retrieval condition on subsequent requests while retrieving user attribute information for the user. - View Dependent Claims (34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44)
-
-
45. A computer program product in a computer readable medium for managing user attribute information in a data processing system, the computer program product comprising:
-
means for receiving from a user a request for a resource at a service provider;
means for determining a set of one or more attribute information providers that are associated with the user, wherein an attribute information provider is a service provider that maintains user attribute information for the user;
means for sending a request message to a first attribute information provider in the set of one or more attribute information providers in order to retrieve user attribute information for the user;
means for receiving a response message from the first attribute information provider; and
means for determining that the response message comprises a control flag from the first attribute information provider, wherein the control flag indicates a retrieval condition on subsequent requests from the service provider to attribute information providers while retrieving user attribute information for the user. - View Dependent Claims (46, 47, 48)
-
-
49. A method for managing user information within a data processing system, the method comprising:
-
receiving from a client a request for a resource at a service provider;
in response to a determination that the service provider does not have a set of one or more identifiers of attribute information providers that was previously associated with the client or a user of the client;
selecting a set of one or more identifiers of attribute information providers, wherein each of the attribute information providers is a service provider that maintains user attribute information for the user; and
sending an attribute information retrieval request message to a user-specified attribute information provider from the service provider. - View Dependent Claims (50, 51, 52, 53, 54, 55, 56)
-
-
57. An apparatus for managing user information, the apparatus comprising:
-
means for receiving from a client a request for a resource at a service provider;
means for selecting a set of one or more identifiers of attribute information providers in response to a determination that the service provider does not have a set of one or more identifiers of attribute information providers that was previously associated with the client or a user of the client, wherein each of the attribute information providers is a service provider that maintains user attribute information for the user; and
means for sending an attribute information retrieval request message to a user-specified attribute information provider from the service provider. - View Dependent Claims (58, 59, 60, 61, 62, 63, 64)
-
-
65. A computer program product in a computer readable medium for managing user information in a data processing system, the computer program product comprising:
-
means for receiving from a client a request for a resource at a service provider;
means for selecting a set of one or more identifiers of attribute information providers in response to a determination that the service provider does not have a set of one or more identifiers of attribute information providers that was previously associated with the client or a user of the client, wherein each of the attribute information providers is a service provider that maintains user attribute information for the user; and
means for sending an attribute information retrieval request message to a user-specified attribute information provider from the service provider. - View Dependent Claims (66, 67, 68, 69, 70, 71, 72)
-
Specification