Secure Data Aggregation While Maintaining Privacy

US 20100083358A1
Filed: 01/12/2009
Published: 04/01/2010
Est. Priority Date: 09/29/2008
Status: Abandoned Application

First Claim

Patent Images

1. A computer implemented method of securely aggregating and managing user related data in an online environment while maintaining privacy of a user, comprising the steps of:

providing access credentials at a client device for each of a plurality of data sources by said user;

transforming said access credentials to an unreadable format at said client device using a public key transmitted by a web server;

storing said transformed access credentials in said unreadable format locally on the client device;

communicating said stored access credentials to said web server by a communicating software agent provided on the client device;

transforming said communicated access credentials from the unreadable format to a readable format at the web server using a private key generated in the web server; and

retrieving said user related data from said data sources by the web server by accessing the data sources using the access credentials in said readable format;

whereby said transformation of the access credentials to the unreadable format and local storage of the access credentials on the client device enhances security and privacy of the user related data during said aggregation and said management of the user related data in said online environment.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Disclosed herein is a computer implemented method and system that securely aggregates and manages user related data in an online environment while maintaining privacy of a user. The user provides access credentials at a client device for each of multiple data sources. The access credentials are transformed to an unreadable format at the client device using a public key transmitted by a web server. The transformed access credentials in the unreadable format are stored locally on the client device. A communicating software agent on the client device communicates the stored access credentials to the web server. The web server transforms the communicated access credentials to a readable format using a private key and retrieves the user related data by accessing the data sources using the access credentials in the readable format. The web server presents the retrieved user related data to the user in one or more presentation modes.

80 Citations

View as Search Results

25 Claims

1. A computer implemented method of securely aggregating and managing user related data in an online environment while maintaining privacy of a user, comprising the steps of:
- providing access credentials at a client device for each of a plurality of data sources by said user;
  
  transforming said access credentials to an unreadable format at said client device using a public key transmitted by a web server;
  
  storing said transformed access credentials in said unreadable format locally on the client device;
  
  communicating said stored access credentials to said web server by a communicating software agent provided on the client device;
  
  transforming said communicated access credentials from the unreadable format to a readable format at the web server using a private key generated in the web server; and
  
  retrieving said user related data from said data sources by the web server by accessing the data sources using the access credentials in said readable format;
  
  whereby said transformation of the access credentials to the unreadable format and local storage of the access credentials on the client device enhances security and privacy of the user related data during said aggregation and said management of the user related data in said online environment.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The computer implemented method of claim 1, further comprising the step of presenting said retrieved user related data to the user in one or more of a plurality of presentation modes in the online environment on receiving a command from the user.
  - 3. The computer implemented method of claim 2, wherein said one or more presentation modes are one or more of summaries of the user related data, graphical representations of the user related data, user related advice based on the user related data, and notifications related to the user related data.
  - 4. The computer implemented method of claim 1, further comprising the step of registering the user in the online environment, wherein the user provides the access credentials after said registration.
  - 5. The computer implemented method of claim 1, further comprising the step of generating an asymmetric key pair unique to the user by the web server prior to said provision of the access credentials by the user, wherein said asymmetric key pair comprises said public key and said private key.
  - 6. The computer implemented method of claim 1, wherein the transformation of the access credentials to the unreadable format comprises encryption of the access credentials using said transmitted public key.
  - 7. The computer implemented method of claim 1, wherein said transformation of the communicated access credentials from the unreadable format to the readable format comprises decryption of the communicated access credentials using said generated private key.
  - 8. The computer implemented method of claim 1, further comprising the step of sanitizing said retrieved user related data to obtain a predefined canonical format and storing the retrieved user related data on the web server, wherein said sanitization comprises stripping the retrieved user related data of sensitive information.
  - 9. The computer implemented method of claim 8, further comprising the step of encrypting said sanitized user related data prior to said storage.
  - 10. The computer implemented method of claim 1, further comprising the step of scheduling automatic communication of the stored access credentials to the web server at predefined intervals of time specified by the user using said communicating software agent on the client device.
  - 11. The computer implemented method of claim 1, further comprising the step of performing transactions with the data sources in the online environment on receiving a transaction command from the user.
  - 12. The computer implemented method of claim 1, further comprising a step of notifying the user if said retrieval of the user related data fails.

13. A computer implemented method of securely aggregating and managing user related data in an online environment while maintaining privacy of a user, comprising the steps of:
- generating an asymmetric key pair unique to said user by a web server, wherein said asymmetric key pair comprises a public key and a private key;
  
  providing access credentials at a client device for each of a plurality of data sources by the user;
  
  encrypting said access credentials at said client device using said public key transmitted by said web server;
  
  storing said encrypted access credentials locally on the client device;
  
  communicating said stored access credentials to the web server by a communicating software agent provided on the client device;
  
  decrypting said communicated access credentials at the web server using said private key generated by the web server; and
  
  retrieving said user related data from said data sources by the web server by accessing the data sources using said decrypted access credentials;
  
  whereby said encryption and local storage of the access credentials on the client device enhances security and privacy of the user related data during said aggregation and said management of the user related data in said online environment.

14. A computer implemented system for securely aggregating and managing user related data in an online environment while maintaining privacy of a user, comprising:
- a client device comprising;
  
  a client side transformation module for transforming access credentials provided by said user to an unreadable format using a public key transmitted by a web server;
  
  a local storage module for locally storing said transformed access credentials in said unreadable format; and
  
  a communicating software agent for communicating said stored access credentials to said web server;
  
  the web server comprising;
  
  a server side transformation module for transforming said communicated access credentials from the unreadable format to a readable format using a private key; and
  
  a data retrieval module for retrieving said user related data from said data sources by accessing the data sources using the access credentials in said readable format.
- View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23, 24)
- - 15. The computer implemented system of claim 14, wherein said web server further comprises a registration module for registering the user in said online environment.
  - 16. The computer implemented system of claim 14, wherein said web server further comprises a key generation module for generating an asymmetric key pair unique to the user, wherein said asymmetric key pair comprises said public key and said private key.
  - 17. The computer implemented system of claim 14, wherein said client side transformation module transforms the access credentials to the unreadable format by encrypting the access credentials using said transmitted public key.
  - 18. The computer implemented system of claim 14, wherein said server side transformation module transforms the access credentials to the readable format by decrypting the access credentials using said private key.
  - 19. The computer implemented system of claim 14, wherein said communicating software agent comprises a scheduling engine for scheduling automatic communication of the stored access credentials to the web server at predefined intervals of time specified by the user.
  - 20. The computer implemented system of claim 14, wherein said web server further comprises a presentation module for presenting said retrieved user related data to the user in one or more of a plurality of presentation modes in said online environment on receiving a command from the user, wherein said one or more presentation modes are one or more of summaries of the user related data, graphical representations of the user related data, user related advice based on the user related data, and notifications related to the user related data.
  - 21. The computer implemented system of claim 14, wherein said web server further comprises a data sanitization module for sanitizing the retrieved user related data to obtain a predefined canonical format, wherein said data sanitization module strips the retrieved user related data of sensitive information.
  - 22. The computer implemented system of claim 14, wherein said web server further comprises a database for storing the retrieved user related data and sanitized user related data on the web server.
  - 23. The computer implemented system of claim 14, wherein said web server further comprises a transaction module for performing transactions with the data sources in said online environment on receiving a transaction command from the user.
  - 24. The computer implemented system of claim 14, wherein said web server further comprises a notification module for notifying the user if said retrieval of the user related data fails.

25. A computer program product comprising computer executable instructions embodied in a computer-readable medium, wherein said computer program product comprises:
- a first computer parsable program code for generating an asymmetric key pair unique to a user, wherein said asymmetric key pair comprises said public key and a private key;
  
  a second computer parsable program code for enabling said user to provide access credentials at a client device for each of a plurality of data sources;
  
  a third computer parsable program code for transforming said access credentials to an unreadable format at said client device using said public key transmitted by a web server;
  
  a fourth computer parsable program code for storing the transformed access credentials locally on the client device of the user;
  
  a fifth computer parsable program code for communicating said stored access credentials to the web server;
  
  a sixth computer parsable program code for transforming said communicated access credentials from said unreadable format to a readable format at the web server using said private key;
  
  a seventh computer parsable program code for retrieving user related data from said data sources by accessing the data sources using the access credentials in said readable format; and
  
  an eighth computer parsable program code for presenting said retrieved user related data to the user in one or more of a plurality of presentation modes in said online environment.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Perfios Software Solutions Pvt Ltd.
Original Assignee
Perfios Software Solutions Pvt Ltd.
Inventors
Chakraborty, Debasish, Govindarajan, Velamur Rangachari, Santhosh, Kunnath

Application Number

US12/351,861
Publication Number

US 20100083358A1
Time in Patent Office

Days
Field of Search
US Class Current

726/6
CPC Class Codes

G06F 21/33   using certificates

G06F 21/41   where a single sign-on prov...

G06F 21/6263   during internet communicati...

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/88   Medical equipments

H04L 63/06   for supporting key manageme...

H04L 63/08   for authentication of entit...

H04L 9/32   including means for verifyi...

Secure Data Aggregation While Maintaining Privacy

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

80 Citations

25 Claims

Specification

Solutions

Use Cases

Quick Links

Secure Data Aggregation While Maintaining Privacy

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

80 Citations

25 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links