System and method for the light-weight management of identity and related information

US 20050124320A1
Filed: 12/08/2004
Published: 06/09/2005
Est. Priority Date: 12/09/2003
Status: Abandoned Application

First Claim

Patent Images

1. An identity management system, comprising:

a first computer, used by a first actor, that connects over a network to a second computer that manages identity information of a second actor;

the first computer further comprising a software component that generates, on behalf of the first actor, a request for identity information about the second actor, the request being communicated to the second computer over the network, the request further comprising the identity of the first actor and a desired format for the identity information of the second actor to be returned in a response to the identity information request;

the second computer further comprising a request handler that receives the identity information request, a data file containing one or more pieces of information about the identity of the second actor and an authorization file containing information about one or more client groups and which actors are members in each client group, wherein membership in the client group is required to access a piece of identity information associated with that client group; and

wherein the information held by the data file and the authorization file changes dynamically during the operation of the system; and

wherein the request handler automatically generates a response, communicated over the network, containing identity information about the second actor in response to the identity information request based on the contents of the data file and of the authorization file at the time of the identity information request, wherein the response further comprises one or more pieces of identity information, in the requested format, about the second actor based on the client groups in which the first actor is a member.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A distributed system and a method is disclosed for managing, and making available electronically, a plurality of evolving identity and other information of a variety of human and non-human actors, for human and machine use. A computer implemented distributed system and method is also disclosed for managing, and making available electronically, a plurality of evolving identity and other information for a variety of human and non-human actors, for human and machine use.

Citations

24 Claims

1. An identity management system, comprising:
- a first computer, used by a first actor, that connects over a network to a second computer that manages identity information of a second actor;
  
  the first computer further comprising a software component that generates, on behalf of the first actor, a request for identity information about the second actor, the request being communicated to the second computer over the network, the request further comprising the identity of the first actor and a desired format for the identity information of the second actor to be returned in a response to the identity information request;
  
  the second computer further comprising a request handler that receives the identity information request, a data file containing one or more pieces of information about the identity of the second actor and an authorization file containing information about one or more client groups and which actors are members in each client group, wherein membership in the client group is required to access a piece of identity information associated with that client group; and
  
  wherein the information held by the data file and the authorization file changes dynamically during the operation of the system; and
  
  wherein the request handler automatically generates a response, communicated over the network, containing identity information about the second actor in response to the identity information request based on the contents of the data file and of the authorization file at the time of the identity information request, wherein the response further comprises one or more pieces of identity information, in the requested format, about the second actor based on the client groups in which the first actor is a member.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24)
- - 2. The system of claim 1, wherein the second computer further comprises an identity management application that permits the second actor to create, read, and modify the data file and the authorization file of the second actor.
  - 3. The system of claim 1 further comprising an authentication computer further comprising an authentication process and an authentication data file wherein the request handler generates an authentication request that is received by the authentication process and wherein the authentication process, based on the authentication data file, generates an authentication response that is communicated back to the request handler in order to authenticate the first actor that requests the identity information.
  - 4. The system of claim 1, wherein the first actor and a third actor send the same request to the second computer and wherein the response to the first actor is different from the response to the third actor based on the client group memberships of the first actor and third actor.
  - 5. The system of claim 1 further comprising a third party computer wherein the access to any components of the third party computer is managed by the second computer, without requiring the second actor to login in separately.
  - 6. The system of claim 1, wherein the identity information request is submitted through a Uniform Resource Identifier (URI) that is specific to, under the control of and selected by the second actor.
  - 7. The system of claim 6, wherein the URI is a uniform resource locator (URL) at a domain name selected by the second actor and served by a computer selected by the second actor.
  - 8. The system of claim 1, wherein the response uses Extensible Markup Language (XML) format.
  - 9. The system of claim 1, wherein the response uses Hypertext Markup Language (HTML) format.
  - 10. The system of claim 1, where in the response uses a electronic business card (VCard) format.
  - 11. The system of claim 6, wherein the URI is accessible using Hypertext Transfer Protocol (HTTP).
  - 12. The system of claim 1, wherein the identity information request and the response are encrypted and digitally signed.
  - 13. The system of claim 9, wherein the response further comprises a redirect command using the Hypertext Transfer Protocol (HTTP) protocol to a different Uniform Resource Identifier (URI).
  - 14. The system of claim 1, wherein the authorization file is expressed in Extensible Markup Language (XML).
  - 15. The system of claim 1, wherein the data file is expressed in Extensible Markup Language (XML).
  - 16. The system of claim 1, wherein data file and authorization file are dynamically assembled at the time of the request from external information.
  - 17. The system of claim 1 wherein the one or more pieces of identity information of the second actor further comprises one or more of a given name, middle and last name, a telephone number, an e-mail address, an instant messaging handle, a physical address, a Uniform Resource Identifier (URI), a photograph, a birthday, an organization, a title, a role and a public key.
  - 18. The system of claim 1, wherein the identity information comprises identity information of the members of the second actor'"'"'s social network.
  - 19. The system of claim 1, wherein the identity information comprises the second actor'"'"'s credentials for a plurality of 3^rd-party websites and software applications.
  - 20. The system of claim 1, wherein the identity information comprises the second actor'"'"'s location and presence status.
  - 21. The system of claim 1, wherein the identity information request further comprises a query that identifies the one or more pieces of identity information of the second actor requested by the first actor and wherein the response comprises only the one or more pieces of requested identity information.
  - 22. The system of claim 1 further comprising a plurality of second computers wherein each second computer accepts the same format for identity information requests.
  - 23. The system of claim 1 further comprising a special identity request which causes the second computer to respond with a list of identity requests that it can satisfy.
  - 24. The system of claim 21, wherein the query comprised by the identity request is an XML Path Language (XPath) expression.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
R-Objects Incorporated
Original Assignee
R-Objects Incorporated
Inventors
Ernst, Tammy, Ernst, Johannes

Application Number

US11/008,523
Publication Number

US 20050124320A1
Time in Patent Office

Days
Field of Search
US Class Current

455/411
CPC Class Codes

H04M 3/4931 Directory assistance systems

H04M 7/006 Networks other than PSTN/IS...

System and method for the light-weight management of identity and related information

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

24 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for the light-weight management of identity and related information

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

24 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links