Arrangement and a method relating to protection of end user data
First Claim
1. An arrangement for protection of end user personal profile data in a communication system including a number of end user stations and a number of service/information/content providers or holding means holding end user personal profile data, comprising:
- an intermediate proxy server supporting a first communication protocol for end user station communication;
means for providing published certificates;
a personal profile data protection server supporting a second communication protocol for communication with the intermediary proxy server and a third communication protocol for communication with one of said service/information/content providers, said personal profile data protection server further comprises an application programming interface (API) allowing service/information/content provider queries/interactions, and storing means for storing of end user specific data and end user personal profile data; and
wherein the intermediary proxy server further comprises means for verifying the genuinity of a certificate requested over said second communication protocol from the personal profile protection server against a published certificate and in that the service/information content server can request, via the API, personal profile data and in that personal profile data is delivered according to end user preferences or in such a manner that there is no association between the actual end user and the personal profile data of the end user.
1 Assignment
0 Petitions
Accused Products
Abstract
The present invention relates to an arrangement (and a method) for protection of end user personal profile data in a communication system comprising a number of end user stations and a number of service/information/content providers or holding means holding end user personal profile data. It comprises an intermediate proxy server supporting a first communication protocol for end user station communication and comprising means for providing published certificates, a personal profile data protection server supporting a second communication protocol for communication with the intermediary proxy server and a third communication protocol for communication with a service/information/content provider, and an application programming interface (API) allowing service/information/content provider queries/interactions, and comprising storing means for storing of end user specific data and end user personal profile data. The intermediary proxy server comprises means for verifying the genuinity of a certificate requested over said second communication protocol from the personal profile protection server against a published certificate and the service/information/content server can request, via the API, personal profile data and personal profile data is delivered according to end user preferences or in such a manner that there is no association between the actual end user and the personal profile data of the end user.
-
Citations
32 Claims
-
1. An arrangement for protection of end user personal profile data in a communication system including a number of end user stations and a number of service/information/content providers or holding means holding end user personal profile data, comprising:
-
an intermediate proxy server supporting a first communication protocol for end user station communication;
means for providing published certificates;
a personal profile data protection server supporting a second communication protocol for communication with the intermediary proxy server and a third communication protocol for communication with one of said service/information/content providers, said personal profile data protection server further comprises an application programming interface (API) allowing service/information/content provider queries/interactions, and storing means for storing of end user specific data and end user personal profile data; and
wherein the intermediary proxy server further comprises means for verifying the genuinity of a certificate requested over said second communication protocol from the personal profile protection server against a published certificate and in that the service/information content server can request, via the API, personal profile data and in that personal profile data is delivered according to end user preferences or in such a manner that there is no association between the actual end user and the personal profile data of the end user. - View Dependent Claims (2, 5, 7, 8, 9, 11, 12, 13, 14, 15, 16, 17, 20, 21, 22)
-
-
3-4. -4. (canceled)
-
6. (canceled)
-
10. (canceled)
-
18-19. -19. (canceled)
-
23. A method for protection of end user personal profile data in a communication system with a number of end user stations and a number of service/information/content providers, comprising the steps of:
-
registering a certificate for an end user personal profile protection server with a trusted third party, providing a request for the certificate from an intermediary proxy server in communication with an end user station using a first communication protocol, to the protection server over a second communication protocol, providing a response from the protection server to the intermediary server, verifying, in the intermediary proxy server that the certificate is genuine, thereby belonging to the respective protection server and is registered with the trusted third party, after confirmation that the protection server/certificate is genuine, allowing the service provider having acquired the protection server to retrieve end user data and personal profile data according to policy setting and end user privacy level over an Application Programming Interface and a third communication protocol. - View Dependent Claims (24, 25, 29, 30, 31, 32)
-
-
26-28. -28. (canceled)
Specification