FACILITATING USER-CENTRIC IDENTITY MANAGEMENT

US 20150312257A1
Filed: 04/25/2014
Published: 10/29/2015
Est. Priority Date: 04/25/2014
Status: Active Grant

First Claim

Patent Images

1. One or more computer storage media storing computer-useable instructions that, when used by one or more computing devices, cause the one or more computing devices to perform operations comprising:

prior to accessing one or more resources stored in association with an identity provider, providing an indication from a service provider to a user device that access to the one or more resources is to be provided to a service provider; and

communicating with the identity provider to access the one or more resources.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Embodiments of the present invention provide systems, methods, and computer storage media for facilitating user-centric identity management. In this regard, various aspects of identity management are designed to be more transparent to users to bolster user assurance with respect to “behind-the-scenes” procedures of identity management. Generally, indications of data flow between service providers, identity providers, and/or user devices can be provided to the user device for presentation to the user. As a result, visual representations of data flow, notifications of data flow, or the like, can be presented to the user to expose various aspects of identity management. In some embodiments, users may be able to control aspects of identity management, for example, by confirming or preventing data flow between providers.

Citations

20 Claims

1. One or more computer storage media storing computer-useable instructions that, when used by one or more computing devices, cause the one or more computing devices to perform operations comprising:
- prior to accessing one or more resources stored in association with an identity provider, providing an indication from a service provider to a user device that access to the one or more resources is to be provided to a service provider; and
  
  communicating with the identity provider to access the one or more resources.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The one or more computer storage media of claim 1, wherein the identity provider manages identity information for a plurality of users.
  - 3. The one or more computer storage media of claim 1, wherein the service provider provides at least one service to the user device.
  - 4. The one or more computer storage media of claim 1, wherein the identity provider and the service provider are associated with different organizations.
  - 5. The one or more computer storage media of claim 1 further comprising providing to the user device a scope of the one or more resources that are to be accessed.
  - 6. The one or more computer storage media of claim 1, wherein the one or more resources comprise user data associated with a user of the user device.
  - 7. The one or more computer storage media of claim 1 further comprising using an access token to obtain access to the one or more resources.
  - 8. The one or more computer storage media of claim 1 further comprising:
    - obtaining the one or more resources; and
      
      providing an indication to the user device that the one or more resources have been received by the service provider.
  - 9. The one or more computer storage media of claim 1, wherein the indication that access to the one or more resources is to be provided to the service provider enables a user to confirm the provision of the one or more resources from the identity provider to the service provider.
  - 10. The one or more computer storage media of claim 1, wherein the indication that access to the one or more resources is to be provided to the service provider enables a user to prevent the provision of the one or more resources from the identity provider to the service provider.

11. A computerized method comprising:
- in accordance with a first communication between a service provider that provides a service to a user device and a third-party identity provider that authorizes access to resources associated with a user of the user device, providing an indication of the first communication to the user device to expose the first communication between the service provider and the third-party identity provider to the user of the user device; and
  
  in accordance with a second communication between the service provider and the third-party identity provider, providing an indication of the second communication to the user device to expose the second communication between the service provider and the third-party identity provider to the user of the user device,wherein the first communication and the second communication between the service provider and the third-party identity provider facilitate access to one or more resources stored in association with the third-party identity provider being provided to the service provider.
- View Dependent Claims (12, 13, 14, 15, 16)
- - 12. The method of claim 11, wherein one of the first communication or the second communication between the service provider and the third-party identity provider comprises a request for an access token.
  - 13. The method of claim 11, wherein one of the first communication or the second communication between the service provider and the third-party identity provider comprises provision of an access token.
  - 14. The method of claim 11, wherein one of the first communication or the second communication between the service provider and the third-party identity provider comprises a request for access to the one or more resources.
  - 15. The method of claim 11, wherein one of the first communication or the second communication between the service provider and the third-party identity provider comprises communication of the one or more resources.
  - 16. The method of claim 11, wherein the indication of the first communication and the indication of the second communication are provided by the service provider to the user device.

17. A system comprising:
- one or more processors; and
  
  one or more computer storage media storing computer-useable instructions that, when used by the one or more processors, cause the one or more processors to;
  
  communicate data to a user device for use in rendering a visual representation of at least a portion of a data flow between the user device, a service provider, and an identity provider, wherein the service provider provides a service to the user device and the identity provider authenticates a user of the user device and authorizes the service provider to access resources stored in association with the identity provider; and
  
  communicate to the user device an indication of a set of one or more resources provided to or to be provided to the service provider from the identity provider in accordance with the identity provider authorizing access to the service provider.
- View Dependent Claims (18, 19, 20)
- - 18. The system of claim 17, wherein the visual representation includes at least a representation of the user device, the service provider, and the identity provider.
  - 19. The system of claim 17, wherein the indication of the set of the one or more resources comprises images, videos, media, social network posts, user profile data, or a combination thereof.
  - 20. The system of claim 17 further comprising access a data store that includes a mapping of the identity provider to a resource scope to identify the set of the one or more resources provided to or to be provided to the service provider from the identity provider.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Adobe Inc.
Original Assignee
Adobe Systems Incorporated (Adobe Inc.)
Inventors
ANTIPA, DAMIEN, SANSO, ANTONIO

Granted Patent

US 11,297,059 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

H04L 63/10 for controlling access to d...

FACILITATING USER-CENTRIC IDENTITY MANAGEMENT

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

FACILITATING USER-CENTRIC IDENTITY MANAGEMENT

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links