System, method, service method, and program product for managing entitlement with identity and privacy applications for electronic commerce
First Claim
1. A resource entitlement computer server (RECS) system having one or more network connections, the system further comprising:
- a. one or more resource data structures having one or more resource identifiers associated with one or more resources, the resources capable of being provided by a provider;
b. one or more event data structures having one or more dynamic event identifiers, the dynamic event identifiers each associated with one or more dynamic event attributes;
c. one or more entitlement data structures associating one or more entitlements with one or more entitlement attributes;
d. an access data structure that associates one or more of the dynamic events, one or more user attributes, and one or more of the resources with one or more access criteria; and
e. an entitlement process that, upon the occurrence of one of the dynamic events, determines whether one or more users associated with the respective user attributes, being selected users, meet the access criteria for the respective resource, the entitlement process further granting the selected users permission to access the resource without disclosing the identity of the selected user.
3 Assignments
0 Petitions
Accused Products
Abstract
A system, method, service method, and program product for defining and/or managing entitlements and/or authentication entitlements to resources in a computer networking environment is disclosed. Upon receiving one or more dynamic events, the invention verifies one or more users (a selected user) has (entitlement) attributes that satisfy one or more access criteria to access one or more resources. The invention then permits and/or provides access to one or more resources for the selected user over one or more networks without revealing the identity of the selected user to the resource provider.
24 Citations
36 Claims
-
1. A resource entitlement computer server (RECS) system having one or more network connections, the system further comprising:
-
a. one or more resource data structures having one or more resource identifiers associated with one or more resources, the resources capable of being provided by a provider;
b. one or more event data structures having one or more dynamic event identifiers, the dynamic event identifiers each associated with one or more dynamic event attributes;
c. one or more entitlement data structures associating one or more entitlements with one or more entitlement attributes;
d. an access data structure that associates one or more of the dynamic events, one or more user attributes, and one or more of the resources with one or more access criteria; and
e. an entitlement process that, upon the occurrence of one of the dynamic events, determines whether one or more users associated with the respective user attributes, being selected users, meet the access criteria for the respective resource, the entitlement process further granting the selected users permission to access the resource without disclosing the identity of the selected user. - View Dependent Claims (12)
-
-
2. A resource entitlement computer server (RECS) system having one or more network connections, the system further comprising:
-
a. one or more resource data structures having one or more resource identifiers associated with one or more resources, the resources capable of being provided by a provider;
b. one or more event data structures having one or more dynamic event identifiers, the dynamic event identifiers each associated with one or more dynamic event attributes;
c. one or more entitlement data structures associating one or more entitlements with one or more entitlement attributes;
d. an access data structure that associates one or more of the dynamic events, one or more user attributes, and one or more of the resources with one or more access criteria;
e. one or more tracking data structures that associate one or more users with resource use information; and
f. an entitlement process that, upon the occurrence of one of the dynamic events, determines whether one or more of the users associated with the user attributes, being selected users, meet the access criteria for the respective resource, the entitlement process further granting the selected users permission to access the resource without disclosing the identity of the selected user and providing the resource use information to the tracking data structure. - View Dependent Claims (3, 4, 5, 6, 7, 8, 9, 10, 11, 13)
-
-
14. A method of providing access to a resource to one or more users over one or more networks, the method comprising the steps of:
-
a. receiving one or more dynamic events;
b. verifying that one or more of the users, being a selected user, has one or more user attributes that satisfy one or more access criteria to access one or more resources, the user attributes being other than a user identity; and
c. granting the selected user permission to access the resource without disclosing the identity of the selected user.
-
-
15. A method of providing access to a resource to one or more users over one or more networks, the method comprising the steps of:
-
a. receiving one or more dynamic events;
b. verifying that one or more of the users, being a selected user, has one or more user attributes that satisfy one or more access criteria to one or more resources;
c. granting the selected user permission to access the resource without disclosing the identity of the selected user to a resource provider; and
d. causing the resource provider to provide one or more of the resources to the user without disclosing the identity of the user to the resource provider. - View Dependent Claims (16, 17, 18)
-
-
19. A system for providing access to an resource to one or more users over one or more networks, the system comprising:
-
a. means for receiving one or more dynamic events;
b. means for verifying that one or more of the users, being a selected user, has one or more user attributes that satisfy one or more access criteria to access one or more resources; and
c. means for granting the selected user permission to access the resource without disclosing the identity of the selected user.
-
-
20. A service method to provide access to an resource for one or more users over one or more networks, the service method comprising the steps of:
-
a. receiving one or more dynamic events;
b. verifying that one or more of the users, being a selected user, has one or more user attributes that satisfy one or more access criteria to access one or more resources; and
c. granting the selected user permission to access the resource without disclosing the identity of the selected user.
-
-
21. A computer program product being a memory medium storing a computer process having the steps of:
-
a. receiving one or more dynamic events;
b. verifying that one or more of the users, being a selected user, has one or more user attributes that satisfy one or more access criteria to access one or more resources; and
c. providing the selected user permission to access the resource without receiving the identity of the selected user.
-
-
22. A computer program product being a memory medium storing a computer process having the steps of:
-
a. receiving one or more dynamic events;
b. verifying that one or more of the users, being a selected user, has one or more user attributes that satisfy one or more access criteria to one or more of the resources;
c. providing the selected user permission to access the resource without receiving the identity of the selected user; and
d. tracking the use of one or more of the resources. - View Dependent Claims (23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36)
-
Specification