Confidential information access via social networking web site

US 20130179953A1
Filed: 03/31/2012
Published: 07/11/2013
Est. Priority Date: 01/08/2012
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving, by a server computing device for a social networking web site from a user via access of the social networking web site, confidential information regarding the user, the confidential information including information regarding the user that the user does not socially share on the social networking web site;

associating, by the server computing device for the social networking web site, the confidential information regarding the user with a user identifier that uniquely identifies the user on the social networking web site;

associating, by the server computing device for the social networking web site, the confidential information regarding the user with an export group identifier corresponding to a type of the confidential information; and

,associating, by the server computing device for the social networking web site, the export group identifier with a password different from a user password the user employs to gain access to the social networking web site,wherein the export group identifier and the password are adapted to be shared by the user to a third party to permit the third party to access the confidential information through the social networking web site.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A server computing device for a social networking web site receives from a user, via access of the web site, confidential information regarding the user, including information that the user does not socially share on the web site. The device associates the confidential information with a user identifier that uniquely identifies the user on the web site, and with an export group identifier corresponding to a type of the confidential information. The device associates the export group identifier with a password different from a user password the user employs to access the web site. The device receives, from a third party, a purported user identifier, a purported export group identifier, and a purported password, which the device validates against the user identifier, the export group identifier, and the password. Where validation is successful, the device permits access to the confidential information by the third party.

9 Citations

View as Search Results

17 Claims

1. A method comprising:
- receiving, by a server computing device for a social networking web site from a user via access of the social networking web site, confidential information regarding the user, the confidential information including information regarding the user that the user does not socially share on the social networking web site;
  
  associating, by the server computing device for the social networking web site, the confidential information regarding the user with a user identifier that uniquely identifies the user on the social networking web site;
  
  associating, by the server computing device for the social networking web site, the confidential information regarding the user with an export group identifier corresponding to a type of the confidential information; and
  
  ,associating, by the server computing device for the social networking web site, the export group identifier with a password different from a user password the user employs to gain access to the social networking web site,wherein the export group identifier and the password are adapted to be shared by the user to a third party to permit the third party to access the confidential information through the social networking web site.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, further comprising:
    - receiving, by the server computing device for the social networking web site from a third party via access of the social networking web site, a purported user identifier, a purported export group identifier, and a purported password;
      
      validating, by the server computing device for the social networking web site, the purported user identifier, the purported export group identifier, and the purported password against the user identifier, the export group identifier, and the password, respectively; and
      
      ,where validation is successful, permitting, by the server computing device for the social networking web site, access to the confidential information regarding the user by the third party.
  - 3. The method of claim 2, wherein permitting access to the confidential information regarding the user by the third party comprises permitting one of:
    - read-only access to the confidential information regarding the user by the third party, such that the third party is permitted to retrieve the confidential information but is not permitted to modify or add to the confidential information;
      
      append-only access to the confidential information regarding the user by the third party, such that the third party is permitted to add to the confidential information but is not permitted to retrieve or modify the confidential information;
      
      read-and-append access to the confidential information regarding the user by the third party, such that the third party is permitted to retrieve and add to the confidential information but is not permitted to modify the confidential information;
      
      read-and-change access to the confidential information regarding the user by the third party, such that the third party is permitted to retrieve and modify the confidential information but is not permitted to add to the confidential information;
      
      read-append-and-change access to the confidential information regarding the user by the third party, such that the third party is permitted to retrieve, add to, and modify the confidential information.
  - 4. The method of claim 2, further comprising:
    - associating, by the server computing device for the social networking web site, the export group identifier with a permissible third party type;
      
      authenticating, by the server computing device for the social networking web site, a type of the third party from which the purported user identifier, the purported export group identifier, and the purported password have been received;
      
      after authenticating the type of the third party, continuing to validate the purported user identifier, the purported export group identifier, and the purported password received from the third party, by the server computing device for the social networking web site only where the type of the third party matches the permissible third party type,such that even where the third party has knowledge of the user identifier, the export group identifier, and the password, the third party cannot gain access to the confidential information regarding the user if the type of the third party does not match the permissible third party type.
  - 5. The method of claim 2, wherein receiving the purported user identifier, the purported export group identifier, and the purported password from the third party comprises receiving a secure transaction that includes a markup language form indicating the confidential information being requested,and wherein permitting access to the confidential information regarding the user by the third party comprises populating the markup language form with the confidential information that has been requested and transmitting the markup language form back to the third party.
  - 6. The method of claim 1, wherein the password is specific just to the export group identifier and not to an identity of the third party.
  - 7. The method of claim 1, wherein the password is specific both to the export group identifier and to an identity of the third party.
  - 8. The method of claim 1, wherein the password has a validity period, such that the password is invalid and does not permit access to the confidential information outside of the validity period.
  - 9. The method of claim 1, wherein the password has a maximum number of uses, such that the password is invalid and does not permit access to the confidential information after the password has been used more than the maximum number of uses.

10. A method comprising:
- receiving, by a server computing device for a social networking web site from a third party via access of the social networking web site, a purported user identifier, a purported export group identifier, and a purported password;
  
  validating, by the server computing device for the social networking web site, the purported user identifier, the purported export group identifier, and the purported password against a user identifier, an export group identifier, and a password, respectively,where confidential information regarding a user, including information regarding the user that the user does not socially share on the social networking web site, is associated with the user identifier and with the export group identifier, and the export group identifier is associated with the password,where the user identifier uniquely identifies the user on the social networking web site, the export group identifier corresponds to a type of the confidential information, and the password is different from a user password that the user employs to gain access to the social networking web site; and
  
  ,where validation is successful, permitting, by the server computing device for the social networking web site, access to the confidential information regarding the user by the third party.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17)
- - 11. The method of claim 10, wherein permitting access to the confidential information regarding the user by the third party comprises permitting one of:
    - read-only access to the confidential information regarding the user by the third party, such that the third party is permitted to retrieve the confidential information but is not permitted to modify or add to the confidential information;
      
      append-only access to the confidential information regarding the user by the third party, such that the third party is permitted to add to the confidential information but is not permitted to retrieve or modify the confidential information;
      
      read-and-append access to the confidential information regarding the user by the third party, such that the third party is permitted to retrieve and add to the confidential information but is not permitted to modify the confidential information;
      
      read-and-change access to the confidential information regarding the user by the third party, such that the third party is permitted to retrieve and modify the confidential information but is not permitted to add to the confidential information;
      
      read-append-and-change access to the confidential information regarding the user by the third party, such that the third party is permitted to retrieve, add to, and modify the confidential information.
  - 12. The method of claim 10, further comprising:
    - authenticating, by the server computing device for the social networking web site, a type of the third party from which the purported user identifier, the purported export group identifier, and the purported password have been received,where the export group identifier is associated with a permissible third party type;
      
      after authenticating the type of the third party, continuing to validate the purported user identifier, the purported export group identifier, and the purported password received from the third party, by the server computing device for the social networking web site only where the type of the third party matches the permissible third party type,such that even where the third party has knowledge of the user identifier, the export group identifier, and the password, the third party cannot gain access to the confidential information regarding the user if the type of the third party does not match the permissible third party type.
  - 13. The method of claim 10, wherein receiving the purported user identifier, the purported export group identifier, and the purported password from the third party comprises receiving a secure transaction that includes a markup language form indicating the confidential information being requested,and wherein permitting access to the confidential information regarding the user by the third party comprises populating the markup language form with the confidential information that has been requested and transmitting the markup language form back to the third party.
  - 14. The method of claim 10, wherein the password is specific just to the export group identifier and not to an identity of the third party.
  - 15. The method of claim 10, wherein the password is specific both to the export group identifier and to an identity of the third party.
  - 16. The method of claim 10, wherein the password has a validity period, such that the password is invalid and does not permit access to the confidential information outside of the validity period.
  - 17. The method of claim 10, wherein the password has a maximum number of uses, such that the password is invalid and does not permit access to the confidential information after the password has been used more than the maximum number of uses.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Barry A. Kritt, Douglas A. Law, Shawn K. Sremaniak, Thomas S. Mazzeo
Original Assignee
Barry A. Kritt, Douglas A. Law, Shawn K. Sremaniak, Thomas S. Mazzeo
Inventors
Kritt, Barry A., Law, Douglas A., Sremaniak, Shawn K., Mazzeo, Thomas S.

Granted Patent

US 9,210,165 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/7
CPC Class Codes

G06Q 50/01   Social networking

H04L 2209/42   Anonymization, e.g. involvi...

H04L 51/52   for supporting social netwo...

H04L 63/04   for providing a confidentia...

H04L 63/083   using passwords cryptograph...

H04L 63/0846   using time-dependent-passwo...

H04L 63/104   Grouping of entities

Confidential information access via social networking web site

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

9 Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Confidential information access via social networking web site

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

9 Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links