Reverse Mapping Method and Apparatus for Form Filling
First Claim
Patent Images
1. A method for downloading a user'"'"'s profile in a reverse mapping form fill application without challenging said user with a higher level of authentication, comprising the steps of:
- encrypting said user profile with a user specific symmetric key, stored in a user database; and
storing said encrypted profile on said user'"'"'s system after a first time said user authenticates with a higher-level authentication from said system.
7 Assignments
0 Petitions
Accused Products
Abstract
In the presently preferred embodiment of the invention, every time a user submits a form the client software tries to match the submitted information with the stored profile of that user. If a match is discovered, the program tags the field of the recognized data with a corresponding type. The resulting profile can be used after that to help all subsequent users to fill the same form.
36 Citations
8 Claims
-
1. A method for downloading a user'"'"'s profile in a reverse mapping form fill application without challenging said user with a higher level of authentication, comprising the steps of:
-
encrypting said user profile with a user specific symmetric key, stored in a user database; and storing said encrypted profile on said user'"'"'s system after a first time said user authenticates with a higher-level authentication from said system.
-
-
2. A method for downloading a user'"'"'s profile in a reverse mapping form fill application without challenging said user with a higher level of authentication, comprising the step of:
-
using less than every character from said user profile when downloading said user profile; wherein only a subset of said user profile is potentially revealed, while sufficient confidence is obtained in said user profile to generate a reverse mapping.
-
-
3. A method for maintaining privacy with regard to a user'"'"'s profile in a reverse mapping form fill application, comprising the steps of:
-
generating a large, random number token at a server, said server signing said token with a certificate, and storing said token persistently on said user'"'"'s system a first time said user authenticates with a second level password; flagging said user to prevent issuing of multiple tokens for a same user; wherein the random number used in said token assures that real user identities are not traceable; and wherein communications are identifiable for unique users without knowing an actual identity of said users themselves. - View Dependent Claims (4)
-
-
5. An apparatus for downloading a user'"'"'s profile in a reverse mapping form fill application without challenging said user with a higher level of authentication, comprising:
-
a module for encrypting said user profile with a user specific symmetric key, stored in a user database; and a memory storing said encrypted profile on said user'"'"'s system after a first time said user authenticates with a higher-level authentication from said system.
-
-
6. An apparatus for downloading a user'"'"'s profile in a reverse mapping form fill application without challenging said user with a higher level of authentication, comprising:
-
a module for using less than every character from said user profile when downloading said user profile; wherein only a subset of said user profile is potentially revealed, while sufficient confidence is obtained in said user profile to generate a reverse mapping.
-
-
7. An apparatus for maintaining privacy with regard to a user'"'"'s profile in a reverse mapping form fill application, comprising:
-
a pseudo-random number generator for generating a large, random number token at a server; a module associated with said server for signing said token with a certificate; a memory for storing said token persistently on said user'"'"'s system a first time said user authenticates with a second level password; a module for flagging said user to prevent issuing of multiple tokens for a same user; wherein the random number used in said token assures that real user identities are not traceable; and wherein communications are identifiable for unique users without knowing an actual identity of said users themselves. - View Dependent Claims (8)
-
Specification