USER AGENT TO EXERCISE PRIVACY CONTROL MANAGEMENT IN A USER-CENTRIC IDENTITY MANAGEMENT SYSTEM
First Claim
1. In a combination including an identity manager and a user agent system, the combination for use in an environment including at least one security policy having requirements and at least one privacy policy, the identity manager configured to manage a plurality of user identities and to determine whether any user identity satisfies the security policy requirements, the user agent system comprising:
- storage including at least one privacy preference relative to at least one user identity;
an editor means, responsive to user selections indicating at least one preference-related input relating to at least one user identity, for generating at least one privacy preference using the user selections;
means for supplying the at least one generated privacy preference to the storage for storage therein; and
an engine means, operatively connected to the storage, for evaluating at least one privacy preference against a privacy policy obtained from the environment.
3 Assignments
0 Petitions
Accused Products
Abstract
A client-side user agent operates in conjunction with an identity selector to institute and exercise privacy control management over user identities managed by the identity selector. The user agent includes the combination of a privacy enforcement engine, a storage of rulesets expressing user privacy preferences, and a preference editor. The editor enables the user to direct the composition of privacy preferences relative to user identities. The preferences can be applied to individual cards and to categorized groups of attributes. The engine evaluates the proper rulesets against the privacy policy of a service provider. The privacy preferences used by the engine are determined on the basis of specifications in a security policy indicating the attribute requirements for claims that purport to satisfy the security policy.
108 Citations
20 Claims
-
1. In a combination including an identity manager and a user agent system, the combination for use in an environment including at least one security policy having requirements and at least one privacy policy, the identity manager configured to manage a plurality of user identities and to determine whether any user identity satisfies the security policy requirements, the user agent system comprising:
-
storage including at least one privacy preference relative to at least one user identity; an editor means, responsive to user selections indicating at least one preference-related input relating to at least one user identity, for generating at least one privacy preference using the user selections; means for supplying the at least one generated privacy preference to the storage for storage therein; and an engine means, operatively connected to the storage, for evaluating at least one privacy preference against a privacy policy obtained from the environment. - View Dependent Claims (2, 3, 4, 5)
-
-
6. In a combination including an identity manager and a user agent, the combination for use in an environment including at least one security policy having requirements and at least one privacy policy, the identity manager configured to manage a plurality of user identities and to determine whether any user identity satisfies the security policy requirements, a method, comprising:
-
the user agent providing at least one privacy preference relative to at least one user identity; the user agent receiving user selections indicating at least one privacy preference-related input pertaining to at least one user identity; the user agent generating at least one privacy preference, using the user selections; the user agent furnishing the at least one generated privacy preference to the providing step; and the user agent evaluating at least one privacy preference against a privacy policy obtained from the environment. - View Dependent Claims (7, 8, 9, 10, 11, 12, 13)
-
-
14. In a user environment including an identity manager and a user agent system, the user environment for use in an operating environment including at least one security policy having requirements and at least one privacy policy, the identity manager configured to manage a plurality of user identities and to determine whether any user identity satisfies the security policy requirements, a computer-readable medium having computer-executable instructions for execution by a processor, that, when executed, cause the processor to:
-
provide, via the user agent, at least one privacy preference relative to at least one user identity; receive, via the user agent, user selections indicating at least one privacy preference-related input pertaining to at least one user identity; generate, via the user agent, at least one privacy preference, using the user selections; furnish, via the user agent, the at least one generated privacy preference to the provide operation; and evaluate, via the user agent, at least one privacy preference against a privacy policy obtained from the environment. - View Dependent Claims (15, 16, 17, 18, 19, 20)
-
Specification