METHODS AND APPARATUS RELATED TO TRANSMISSION OF CONFIDENTIAL INFORMATION TO A RELYING ENTITY

US 20100122315A1
Filed: 11/10/2008
Published: 05/13/2010
Est. Priority Date: 11/10/2008
Status: Active Grant

First Claim

Patent Images

1. A processor-readable medium storing code representing instructions that when executed by a processor cause the processor to:

define a domain of confidential information associated with a subject entity based on a confidential information category selected from a plurality of confidential information categories by a relying entity;

provide to the relying entity a set of predefined queries associated with the domain of confidential information; and

define at least a portion of a request for confidential information from the domain of confidential information based on at least one predefined query selected from the set of predefined queries by the relying entity.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In one embodiment, a method includes defining a request for confidential information from a domain of confidential information based on an input from a relying entity. The domain of confidential information can be associated with a subject entity. A response to the request can be defined at an information provider. The method can also include sending the response to the relying entity when the response has been approved by the subject entity.

53 Citations

View as Search Results

35 Claims

1. A processor-readable medium storing code representing instructions that when executed by a processor cause the processor to:
- define a domain of confidential information associated with a subject entity based on a confidential information category selected from a plurality of confidential information categories by a relying entity;
  
  provide to the relying entity a set of predefined queries associated with the domain of confidential information; and
  
  define at least a portion of a request for confidential information from the domain of confidential information based on at least one predefined query selected from the set of predefined queries by the relying entity.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The processor-readable medium of claim 1, wherein at least a portion of the plurality of confidential information categories are hierarchically related.
  - 3. The processor-readable medium of claim 1, wherein the at least one predefined query includes a first predefined query associated with a first privacy level, the request is defined based on a second predefined query associated with a second privacy level different than the first privacy level.
  - 4. The processor-readable medium of claim 1, further storing code representing instructions that when executed by a processor cause the processor to:
    - define a response to the request based on a preference defined by the subject entity.
  - 5. The processor-readable medium of claim 1, further storing code representing instructions that when executed by a processor cause the processor to:
    - define a response to the request; and
      
      send the response to the request to the subject entity; and
      
      receive approval of the response from the subject entity.
  - 6. The processor-readable medium of claim 1, further storing code representing instructions that when executed by a processor cause the processor to:
    - define a response to the request; and
      
      send the response to the request to the subject entity; and
      
      trigger a negotiation of the response based on at least a portion of the response being disapproved by the subject entity.
  - 7. The processor-readable medium of claim 1, wherein at least a portion of the domain of confidential information has been updated based on an update policy defined by the subject entity.
  - 8. The processor-readable medium of claim 1, wherein the at least one predefined query is associated with a privacy level,the processor-readable medium further storing code representing instructions that when executed by a processor cause the processor to:
    - define a response to the request based on a comparison of the privacy level with a privacy level threshold defined by the subject entity.
  - 9. The processor-readable medium of claim 1, further storing code representing instructions that when executed by a processor cause the processor to:
    - receive a response to the request from the subject entity; and
      
      send at least a portion of the confidential information from the domain of confidential information to the relying entity based on the response.
  - 10. The processor-readable medium of claim 1, wherein the set of predefined queries is selected from a plurality of predefined queries based on at least one of a trust-level value or an entity-type value associated with the relying entity.
  - 11. The processor-readable medium of claim 1, further storing code representing instructions that when executed by a processor cause the processor to:
    - authenticate an identity of the subject entity; and
      
      authenticate an identity of the relying entity.
  - 12. The processor-readable medium of claim 1, wherein the request is defined based on a customized query defined by the relying entity.
  - 13. The processor-readable medium of claim 1, wherein the confidential information includes at least one of financial information, medical information, or personal information.

14. A method, comprising:
- receiving a trust-level value and an entity-type value associated with a relying entity;
  
  determining, based on the trust-level value and the entity-type value, that the relying entity has authorization to request confidential information from a domain of confidential information, the domain of confidential information being associated with a subject entity; and
  
  defining at least a portion of a request for the confidential information based on a predefined query selected by the relying entity from a set of predefined queries, the set of predefined queries being related to the domain of confidential information.
- View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23)
- - 15. The method of claim 14, wherein the predefined query is included in the set of predefined queries based on content included in the domain of confidential information.
  - 16. The method of claim 14, further comprising:
    - sending the request to the subject entity; and
      
      receiving an indicator from the subject entity that the predefined query has been denied.
  - 17. The method of claim 14, wherein the predefined query is a first predefined query, the defining includes defining the request based on a second predefined query selected by the relying entity from the set of predefined queries,the method further comprising:
    - receiving an indicator from the subject entity that the second predefined query has been denied; and
      
      sending to the relying entity a response to the first predefined query based on the confidential information.
  - 18. The method of claim 14, wherein the predefined query is a first predefined query, the defining includes defining the request based on a second predefined query selected by the relying entity from the set of predefined queries, the second predefined query is associated with the domain of confidential information.
  - 19. The method of claim 14, further comprising:
    - sending the request to the subject entity; and
      
      sending an indicator to the relying entity in response to the predefined query being denied by the subject entity.
  - 20. The method of claim 14, wherein the determining includes determining based on a confidential information category selected by the relying entity.
  - 21. The method of claim 14, wherein each predefined query from the set of predefined queries is ordered based on a privacy level.
  - 22. The method of claim 14, wherein the defining is based on an identity of the subject entity.
  - 23. The method of claim 14, wherein the set of predefined queries are included in a request template.

24. A method, comprising:
- receiving a response policy from a subject entity;
  
  providing a plurality of predefined queries associated with a domain of confidential information to a relying entity based on the response policy, the domain of confidential information being associated with the subject entity; and
  
  defining at least a portion of a request for confidential information from the domain of confidential information based on a predefined query when the predefined query is selected from the plurality of predefined queries by the relying entity.
- View Dependent Claims (25, 26)
- - 25. The method of claim 24, further comprising:
    - triggering an information provider to send at least a portion of the confidential information from the domain of confidential information, the information provider being selected by the subject entity.
  - 26. The method of claim 24, wherein the providing includes providing based on at least one of a trust-level value or an entity-type value associated with the relying entity.

27. A method, comprising:
- defining a request for confidential information from a domain of confidential information based on an input from a relying entity, the domain of confidential information being associated with a subject entity;
  
  defining a response to the request at an information provider; and
  
  sending the response to the relying entity when the response has been approved by the subject entity.
- View Dependent Claims (28, 29, 30, 31)
- - 28. The method of claim 27, further comprising:
    - receiving an indicator that the subject entity has disapproved of at least a portion of the response; and
      
      modifying the response in response to the indicator.
  - 29. The method of claim 27, wherein the domain of confidential information is defined based on a selection by the relying entity.
  - 30. The method of claim 27, wherein the response is a first response,the method further comprising:
    - receiving an update policy defined by the subject entity;
      
      sending an update request to at least one of the subject entity or the relying party based on the update policy;
      
      receiving a second response different from the first response in response to the update policy; and
      
      modifying at least a portion of the domain of confidential information based on the second response.
  - 31. The method of claim 27, wherein the response is a first response,the method further comprising:
    - receiving an update policy defined by the subject entity; and
      
      sending to a subject entity a request for authorization to transmit an update request to the relying party based on the update policy.

32. A method, comprising:
- defining a proposed response to a predefined query selected by a relying entity, the proposed response being defined based on confidential information associated with an individual;
  
  authenticating an identity of the individual; and
  
  sending the proposed response to the relying entity in response to the proposed response being approved by the individual and based on the authenticating.
- View Dependent Claims (33, 34, 35)
- - 33. The method of claim 32, wherein the proposed response is defined based on a response policy associated with the individual.
  - 34. The method of claim 32, wherein the authenticating includes authenticating based on a credential-owner authentication information associated with the individual
  - 35. The method of claim 32, further comprising:
    - authenticating a credential associated with the individual based on credential-issuer validation information associated with the credential.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Jeff Stollman
Original Assignee
Jeff Stollman
Inventors
STOLLMAN, JEFF

Granted Patent

US 8,464,313 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/1
CPC Class Codes

G06F 21/606   by securing the transmissio...

G06F 2221/2145   Inheriting rights or proper...

G06F 2221/2149   Restricted operating enviro...

H04L 63/105   Multiple levels of security

METHODS AND APPARATUS RELATED TO TRANSMISSION OF CONFIDENTIAL INFORMATION TO A RELYING ENTITY

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

53 Citations

35 Claims

Specification

Solutions

Use Cases

Quick Links

METHODS AND APPARATUS RELATED TO TRANSMISSION OF CONFIDENTIAL INFORMATION TO A RELYING ENTITY

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

53 Citations

35 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links