User-centric consent management system and method
Abstract
In a network computing environment, a user-centric system and method for controlling access to user-specific information maintained in association with a web-services service. When a web-services client desires access to the user-specific information, the client sends a request. The request identifies the reasons/intentions for accessing the desired information. The request is compared to the user's existing access permissions. If there is no existing access permission, the request is compared to the user's default preferences. If the default preferences permit the requested access, an access rule is created dynamically and the client's request is filled, without interrupting the user. If the default preferences do not permit the request to be filled, a consent user interface may be invoked. The consent user interface presents one or more consent options to a party with authority to grant consent, thereby permitting the user to control whether the client's access will be filled.
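The decision order the abstract describes (existing permission, then default preferences with a dynamically created rule, then a consent prompt), together with the all-or-nothing fill of a multi-service task request from claim 1, sketched as an added example that is not code from the patent. Every name here (`AccessRequest`, `ConsentManager`, the item and intent strings, the prompt callback) is an assumption made for illustration.

```python
from dataclasses import dataclass, field
from typing import Callable

@dataclass(frozen=True)
class AccessRequest:
    client: str
    service: str
    item: str
    intent: str  # stated reason for access, carried in the request

@dataclass
class ConsentManager:
    defaults: set                            # (item, intent) pairs the user pre-approves
    prompt: Callable[[AccessRequest], bool]  # stands in for the consent user interface
    acl: set = field(default_factory=set)    # existing access permissions
    audit: list = field(default_factory=list)

    def decide(self, req: AccessRequest) -> str:
        # Rules are keyed on intent too, so consent given for one purpose
        # never satisfies a request made for another.
        key = (req.client, req.service, req.item, req.intent)
        if key in self.acl:
            outcome = "existing-permission"
        elif (req.item, req.intent) in self.defaults:
            self.acl.add(key)                # rule created without interrupting the user
            outcome = "default-preference"
        elif self.prompt(req):               # party with authority grants consent
            self.acl.add(key)
            outcome = "consent-granted"
        else:
            outcome = "denied"               # deny by default
        self.audit.append((key, outcome))
        return outcome

    def fill_task(self, requests):
        """Fill a task only if every translated access request is permitted."""
        outcomes = [self.decide(r) for r in requests]
        return all(o != "denied" for o in outcomes), outcomes

def sample_manager() -> ConsentManager:
    # Constructed sample policy: free/busy data is pre-approved for scheduling,
    # and the user, when prompted, agrees only to scheduling use of e-mail contacts.
    return ConsentManager(
        defaults={("calendar.freebusy", "scheduling")},
        prompt=lambda r: (r.item, r.intent) == ("contacts.email", "scheduling"),
    )

# Constructed sample requests from a hypothetical client across two services.
R_CAL = AccessRequest("travel-app", "calendar", "calendar.freebusy", "scheduling")
R_MAIL = AccessRequest("travel-app", "contacts", "contacts.email", "scheduling")
R_ADS = AccessRequest("travel-app", "contacts", "contacts.email", "marketing")
```

Note that `fill_task` leaves any rules created before a later denial in the access control list; a stricter variant would stage them and commit only when the whole task is permitted.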
17 Claims
1. A method of managing access by a client to user-specific information maintained in connection with a plurality of services offered by a web-services provider and used by a user of said plurality of services, the method comprising:
maintaining a plurality of items user-specific information in more than one of the plurality of services;
obtaining a plurality of client access requests directed to accessing the plurality of items of user-specific information maintained in the more than one of the plurality of services, said plurality of access requests being translated from a task request that requires the client to access the plurality of items of user-specific information in order to complete the task request;
invoking a consent management system if the client lacks consent to access one of the plurality of items of user-specific information required by the client to complete the task request, said consent management system selectively obtaining consent for the client to access the one of the plurality of items of user-specific information for which the client lacked consent to access; and
filling the plurality of client access requests if the client has permission to access each of the plurality of items of user-specific information in the more than one of the plurality of services.
Dependent claims: 2, 3
4. A system for controlling access to user-specific information in a network computing environment, the system comprising:
a web-services provider providing a service;
a user of the service, the web-services provider maintaining an item of user-specific information associated with the user in a data store associated with the service;
a client of the web-services provider, said client operatively communicating with the user and seeking access to the item of user-specific information;
an access control list associated with the item of user-specific information, said access control list indicating whether consent exists to allow the client to access the item of user-specific information; and
a consent management system for controlling an update of the access control list, said consent management system initiating a consent transaction with a party having authority to grant consent to update the access control list when the access control list indicates that consent does not exist to allow the client to access the item of user-specific information.
Dependent claims: 5, 6, 7, 8, 9, 10
11. A system for controlling access to user-specific information in a network computing environment, said system comprising:
a user transmitting a task request;
a web-services provider providing a first service and a second service, said web-services provider maintaining a first of item of user-specific information associated with the user in connection with the first service and a second item of user-specific information associated with the user in connection with the second service, said first and second services requiring consent before allowing access to the first and second items of user-specific information;
a client in digital communication with the user and receiving the task request, said client translating the task request into a first access request and a second access request, said first access request being directed to the first service and seeking access to the first item of user-specific information and said second access request being directed to the second service and seeking access to the second item of user-specific information; and
a consent management system being selectively invoked by the client if the client lacks consent to access the first item of user-specific information, said consent management system identifying a party with authority to grant consent to the client to access the first item of user-specific information and initiating a consent request transaction with the party with authority to grant consent to the client to access the first item of user-specific information, said consent request transaction inviting the party with authority to grant consent to allow the client to access the first item of user-specific information.
Dependent claims: 12, 13, 14, 15, 16, 17
Specification