System, method, service method, and program product for managing entitlement with identity and privacy applications for electronic commerce

US 20060041436A1
Filed: 08/17/2004
Published: 02/23/2006
Est. Priority Date: 08/17/2004
Status: Active Grant

First Claim

Patent Images

1. A resource entitlement computer server (RECS) system having one or more network connections, the system further comprising:

a. one or more resource data structures having one or more resource identifiers associated with one or more resources, the resources capable of being provided by a provider;

b. one or more event data structures having one or more dynamic event identifiers, the dynamic event identifiers each associated with one or more dynamic event attributes;

c. one or more entitlement data structures associating one or more entitlements with one or more entitlement attributes;

d. an access data structure that associates one or more of the dynamic events, one or more user attributes, and one or more of the resources with one or more access criteria; and

e. an entitlement process that, upon the occurrence of one of the dynamic events, determines whether one or more users associated with the respective user attributes, being selected users, meet the access criteria for the respective resource, the entitlement process further granting the selected users permission to access the resource without disclosing the identity of the selected user.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system, method, service method, and program product for defining and/or managing entitlements and/or authentication entitlements to resources in a computer networking environment is disclosed. Upon receiving one or more dynamic events, the invention verifies one or more users (a selected user) has (entitlement) attributes that satisfy one or more access criteria to access one or more resources. The invention then permits and/or provides access to one or more resources for the selected user over one or more networks without revealing the identity of the selected user to the resource provider.

24 Citations

View as Search Results

36 Claims

1. A resource entitlement computer server (RECS) system having one or more network connections, the system further comprising:
- a. one or more resource data structures having one or more resource identifiers associated with one or more resources, the resources capable of being provided by a provider;
  
  b. one or more event data structures having one or more dynamic event identifiers, the dynamic event identifiers each associated with one or more dynamic event attributes;
  
  c. one or more entitlement data structures associating one or more entitlements with one or more entitlement attributes;
  
  d. an access data structure that associates one or more of the dynamic events, one or more user attributes, and one or more of the resources with one or more access criteria; and
  
  e. an entitlement process that, upon the occurrence of one of the dynamic events, determines whether one or more users associated with the respective user attributes, being selected users, meet the access criteria for the respective resource, the entitlement process further granting the selected users permission to access the resource without disclosing the identity of the selected user.
- View Dependent Claims (12)
- - 12. A system, as in claim 11, where the alert alerts one or more selected users.

2. A resource entitlement computer server (RECS) system having one or more network connections, the system further comprising:
- a. one or more resource data structures having one or more resource identifiers associated with one or more resources, the resources capable of being provided by a provider;
  
  b. one or more event data structures having one or more dynamic event identifiers, the dynamic event identifiers each associated with one or more dynamic event attributes;
  
  c. one or more entitlement data structures associating one or more entitlements with one or more entitlement attributes;
  
  d. an access data structure that associates one or more of the dynamic events, one or more user attributes, and one or more of the resources with one or more access criteria;
  
  e. one or more tracking data structures that associate one or more users with resource use information; and
  
  f. an entitlement process that, upon the occurrence of one of the dynamic events, determines whether one or more of the users associated with the user attributes, being selected users, meet the access criteria for the respective resource, the entitlement process further granting the selected users permission to access the resource without disclosing the identity of the selected user and providing the resource use information to the tracking data structure.
- View Dependent Claims (3, 4, 5, 6, 7, 8, 9, 10, 11, 13)
- - 3. A system, as in claim 2, where the dynamic event values include any one or more of the following:
    - a time of day, a date, a duration of use, a level of access of the resource, a level of availability of the resource, an accident, a reported error, a user request, a number of uses, a number of users accessing the resource, and a policy change.
  - 4. A system, as in claim 2, where the system assigns permission to access the resource only if one or more of the dynamic event values and one or more user attributes of the selected user satisfy the access criteria.
  - 5. A system, as in claim 2, where the system grants permission to access the resource only if the access criteria include one or more dynamic events.
  - 6. A system, as in claim 2, where the resource use information includes one or more of the following:
    - a statistic, a resource use statistic, a user attribute statistic, a number of times the permission is granted, a number of times the permission is granted to one of the users, a duration of grant of permission, a number of times the permission is used, a duration of use of the resource, a level of permission being granted, a level of resource being used, a payment amount, a payment method, and one or more attributes of the user.
  - 7. A system, as in claim 2, where there is a charge for the permission.
  - 8. A system, as in claim 7, where the charge is one or more of the following:
    - a charge for a duration of use of the resource, a charge for a number of times of use of the resource, a charge for a level of resource, a charge for a level of user, and a charge related to one or more of the dynamic events.
  - 9. A system, as in claim 2, where the resource is one or more of the following:
    - a product, a corporate resource, a financial account, a database, a information database, a medical database, a corporate database, an employee corporate benefit database, an employee benefit, a computer application, a right to performance, a right to order from a vendor, an advertisement, an order for a product, a discount on a product, a discount on a service, a subscription, a journal, a security credential, a service for a term, a method of accessing a resource, a document, a financial document, a medical document, a medical record, an educational document, an insurance document, a tax document, a service, a financial service, a tax service, a government service, an accounting service, an insurance service, a health service, a real estate service, an educational service, an engineering service, a consulting service, a corporate service to an employee, an interaction with a third party, a reduced price, an order from a vendor, and one or more contract terms.
  - 10. A system, as in claim 2, where the provider is one or more of the following:
    - a third party, a company, a government, an educational institution, a medical institution, an insurance company, a service provider, a marketing company, and an advertising company.
  - 11. A system, as in claim 2, further comprising a reaction enabling system that provides one or more alerts, the alerts being one or more of the resources.
  - 13. A system, as in claim 2, where the selected user is further provided with a temporary identity and authentication that allow the selected user to access the entitled resources without exposing the identity of the selected user to the resource provider.

14. A method of providing access to a resource to one or more users over one or more networks, the method comprising the steps of:
- a. receiving one or more dynamic events;
  
  b. verifying that one or more of the users, being a selected user, has one or more user attributes that satisfy one or more access criteria to access one or more resources, the user attributes being other than a user identity; and
  
  c. granting the selected user permission to access the resource without disclosing the identity of the selected user.

15. A method of providing access to a resource to one or more users over one or more networks, the method comprising the steps of:
- a. receiving one or more dynamic events;
  
  b. verifying that one or more of the users, being a selected user, has one or more user attributes that satisfy one or more access criteria to one or more resources;
  
  c. granting the selected user permission to access the resource without disclosing the identity of the selected user to a resource provider; and
  
  d. causing the resource provider to provide one or more of the resources to the user without disclosing the identity of the user to the resource provider.
- View Dependent Claims (16, 17, 18)
- - 16. A method, as in claim 15, where the dynamic events include any one or more of the following:
    - a time of day, a date, a duration of use, a level of access of the resource, a level of availability of the resource, an accident, or a reported error, a user request, a number of uses, a number of users accessing the resource, and a policy change.
  - 17. A method, as in claim 15, further comprising the step of tracking the use of the resources by one or more of the selected users.
  - 18. A method, as in claim 17, where the use is tracked by one or more of the following:
    - a statistic, a resource use statistic, a user attribute statistic, a number of times the permission is granted, a number of times the permission is granted to one of the single users, a duration of grant of permission, a number of times the permission is used, a duration of use of the resource, a level of permission of the resource being granted, a level of resource being used, a payment amount, a payment method, and one or more attributes of the user.

19. A system for providing access to an resource to one or more users over one or more networks, the system comprising:
- a. means for receiving one or more dynamic events;
  
  b. means for verifying that one or more of the users, being a selected user, has one or more user attributes that satisfy one or more access criteria to access one or more resources; and
  
  c. means for granting the selected user permission to access the resource without disclosing the identity of the selected user.

20. A service method to provide access to an resource for one or more users over one or more networks, the service method comprising the steps of:
- a. receiving one or more dynamic events;
  
  b. verifying that one or more of the users, being a selected user, has one or more user attributes that satisfy one or more access criteria to access one or more resources; and
  
  c. granting the selected user permission to access the resource without disclosing the identity of the selected user.

21. A computer program product being a memory medium storing a computer process having the steps of:
- a. receiving one or more dynamic events;
  
  b. verifying that one or more of the users, being a selected user, has one or more user attributes that satisfy one or more access criteria to access one or more resources; and
  
  c. providing the selected user permission to access the resource without receiving the identity of the selected user.

22. A computer program product being a memory medium storing a computer process having the steps of:
- a. receiving one or more dynamic events;
  
  b. verifying that one or more of the users, being a selected user, has one or more user attributes that satisfy one or more access criteria to one or more of the resources;
  
  c. providing the selected user permission to access the resource without receiving the identity of the selected user; and
  
  d. tracking the use of one or more of the resources.
- View Dependent Claims (23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36)
- - 23. A product, as in claim 22, where the tracking captures tracking information that is used to do one or more of the following:
    - provide a cost of the resource, provide a discount for a frequency of use of the resource, provide a cost increase for the frequency of use of the resource, provide for a cost that is payment only for resources used, provide a basis to negotiate new contract terms for use of the resource, determine the extent the resource is being used, determine one or more attributes of the selected users, and determine how often the resource is being used.
  - 24. A product, as in claim 22, where a degree of access to the resource is governed by one or more of the following:
    - an attribute of the dynamic event, a level of the resource provided, one or more attributes of the selected user, one or more resource access methods, one or more resource attributes, one or more resource restrictions.
  - 25. A product, as in claim 22, where a provider entity provides the resource and a permission entity provides permission to access the resource.
  - 26. A product, as in claim 25, where the provider entity is one or more of the following:
    - company providing a service, a company providing a product, a government, a university, a medical institution, an insurance company, a financial company, a consultant, a data provider, a medical data provider, a tax preparation firm, a mutual find firm, a publisher, a proxy for the permission entity, and an information provider.
  - 27. A product, as in claim 25, where the permission entity is one or more of the following:
    - an employer, a union, a membership organization, a university, a government, and a corporation.
  - 28. A product, as in claim 25, where the provider entity grants the permission entity a discount for the resources.
  - 29. A product, as in claim 25, where the permission entity gives the selected user one or more access methods to access the resource from the provider entity.
  - 30. A product, as in claim 29, where the access method is one or more of the following:
    - a set of instructions, a temporary credential, and an access number that can be used a limited number of times.
  - 31. A product, as in claim 25, where the permission entity and the provider entity are the same.
  - 32. A product, as in claim 31, where the same permission entity and provider entity have a contractual relationship with one or more companies to provide resources to the selected users through the company.
  - 33. A product, as in claim 25, where the permission entity has one or more contractual relations with the provider entity to provide the resources to the selected user.
  - 34. A product, as in claim 33, where the permission entity provides the resources to the selected user.
  - 35. A product, as in claim 33, where the provider entity provides the resources to the selected user.
  - 36. A product, as in claim 25, where the resource is one or more of the following:
    - a product, a corporate resource, a financial account, a database, a information database, a medical database, a corporate database, an employee corporate benefit database, a journal, an employee benefit, a computer application, a security credential, a service, a right to performance, or a right to order from a vendor, an advertisement, an order for a product, a discount on a product, a discount on a service, a subscription, a service for a term, a method of accessing a resource, a document, a financial document, a medical document, a medical record, an educational document, an insurance document, a tax document, a service, a financial service, a tax service, a government service, an accounting service, an insurance service, a health service, a real estate service, an educational service, a consulting service, an engineering service, a corporate service to an employee, an interaction with a third party, a reduced price, an order from a vendor, and one or more contract terms.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Google LLC (Alphabet Inc.)
Original Assignee
International Business Machines Corporation
Inventors
Tresser, Charles Philippe, Touma, Maroun, Brodie, Carolyn Ann, Wolf, Joel, Wolf, Catherine Gody

Granted Patent

US 7,549,054 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/4
CPC Class Codes

G06Q 10/10 Office automation; Time man...

System, method, service method, and program product for managing entitlement with identity and privacy applications for electronic commerce

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

24 Citations

36 Claims

Specification

Use Cases

Quick Links

Others

System, method, service method, and program product for managing entitlement with identity and privacy applications for electronic commerce

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

24 Citations

36 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others