METHOD AND SYSTEM FOR INTEROPERABLE IDENTITY AND INTEROPERABLE CREDENTIALS

US 20160063657A1
Filed: 03/04/2015
Published: 03/03/2016
Est. Priority Date: 08/28/2014
Status: Active Application

First Claim

Patent Images

1. A method implemented on a computing device having at least one processor, storage, and a communication platform capable of making a connection to a network for managing identity information of a person at an identity center, the method comprising the steps of:

associating the person with a first set of identity attributes that are verified to be associated with the person;

linking, upon the person being associated with the first set of identity attributes, the person with a first user account at a source entity;

receiving a consent from the person to share one or more attributes of the first user account at the source entity with a receiving entity; and

facilitating the sharing of the one or more attributes of the first user account from the source entity to the receiving entity in accordance with the received consent.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present teaching relates to managing identity information of a person at an identity center. In one example, the person is associated with a first set of identity attributes that are verified to be associated with the person. Upon the person being associated with the first set of identity attributes, the person is linked with a first user account at a source entity. A consent is received from the person to share one or more attributes of the first user account at the source entity with a receiving entity. The sharing of the one or more attributes of the first user account from the source entity to the receiving entity is facilitated in accordance with the received consent.

47 Citations

View as Search Results

20 Claims

1. A method implemented on a computing device having at least one processor, storage, and a communication platform capable of making a connection to a network for managing identity information of a person at an identity center, the method comprising the steps of:
- associating the person with a first set of identity attributes that are verified to be associated with the person;
  
  linking, upon the person being associated with the first set of identity attributes, the person with a first user account at a source entity;
  
  receiving a consent from the person to share one or more attributes of the first user account at the source entity with a receiving entity; and
  
  facilitating the sharing of the one or more attributes of the first user account from the source entity to the receiving entity in accordance with the received consent.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The method of claim 1, further comprising:
    - associating the person with one or more credentials that are verified to be associated with the person, wherein the one or more credentials are configured to authenticate whether an online user is the person.
  - 3. The method of claim 2, wherein at least one of the one or more credentials is configured to authenticate whether an online user is the person associated with the first user account at the source entity.
  - 4. The method of claim 1, wherein the step of receiving comprises:
    - authenticating an online user to be the person at a level of assurance (LOA) level; and
      
      receiving the consent from the online user when the online user is authenticated to be the person at the LOA level.
  - 5. The method of claim 4, wherein the LOA level is 3 or above.
  - 6. The method of claim 1, wherein the first set of identity attributes includes at least:
    - a first name;
      
      a last name;
      
      a gender; and
      
      a postal code.
  - 7. The method of claim 1, wherein the step of linking comprises:
    - determining, for each of the identity attributes in the first set, whether the first user account includes a corresponding attribute;
      
      evaluating, for each of the identity attributes in the first set, whether the corresponding attribute associated with the first user account has a matching value; and
      
      linking the person with the first user account when each corresponding attribute associated with the first user account matches each of the identity attributes in the first set.
  - 8. The method of claim 1, wherein the step of linking comprises:
    - authenticating an online user to be the person;
      
      enabling the online user, upon the online user being authenticated with success to be the person, to login to the first user account at the source entity; and
      
      linking the person with the first user account at the source entity when the login to the first user account at the source entity is successful.
  - 9. The method of claim 8, wherein enabling the online user to login to the first user account at the source entity comprises:
    - creating a login request based on information related to the authenticated online user;
      
      submitting the login request to the source entity; and
      
      receiving a login response from the source entity.
  - 10. The method of claim 9, wherein the information related to the authenticated online user includes information received from the authenticated online user or information provided by the identity center as associated with the person that the online user is authenticated to as.
  - 11. The method of claim 1, whereinthe consent is directed to a second user account of the receiving entity;
    - andthe second user account is associated with the person.
  - 12. The method of claim 1, wherein the sharing is facilitated by:
    - authenticating an online user to be the person;
      
      receiving, upon successful authentication, a request from the authenticated online user to share at least one of the one or more attributes from the first user account of the source entity associated with the received consent;
      
      creating an access token for accessing the at least one of the one or more attributes from the first user account of the source entity; and
      
      providing the access token to the receiving entity.
  - 13. The method of claim 12, further comprising:
    - receiving, from the receiving entity, a request to access the at least one attribute from the first user account of the source entity;
      
      receiving, from the receiving entity, an access token as associated with the requested at least one attribute associated from the first user account of the source entity;
      
      verifying the validity of the access token with respect to the requested at least one attribute from the first user account of the source entity; and
      
      providing the receiving entity with access to the at least one attribute from the first user account when the access token with respect to the at least one attribute associated with the first user account of the source entity is verified with success.
  - 14. The method of claim 1, wherein the sharing is facilitated by:
    - authenticating an online user to be the person;
      
      receiving, from the authenticated online user, information related to a modification to an attribute associated with the first user account of the source entity and designated to be shared with the receiving entity;
      
      modifying the attribute based on the information to generate a modified attribute; and
      
      providing the receiving entity with access to the to the modified attribute.

15. A non-transitory machine readable medium having information recorded thereon for managing identity information of a person at an identity center, wherein the information, when read by a machine, causes the machine to perform the steps of:
- associating the person with a first set of identity attributes that are verified to be associated with the person;
  
  linking, upon the person being associated with the first set of identity attributes, the person with a first user account at a source entity;
  
  receiving a consent from the person to share one or more attributes of the first user account at the source entity with a receiving entity; and
  
  facilitating the sharing of the one or more attributes of the first user account from the source entity to the receiving entity in accordance with the received consent.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The medium of claim 15, further comprising:
    - associating the person with one or more credentials that are verified to be associated with the person, wherein the one or more credentials are configured to authenticate whether an online user is the person.
  - 17. The medium of claim 15, wherein the step of linking comprises:
    - determining, for each of the identity attributes in the first set, whether the first user account has a corresponding attribute;
      
      evaluating, for each of the identity attributes in the first set, whether the corresponding attribute associated with the first user account has a matching value; and
      
      linking the person with the first user account when each corresponding attribute associated with the first user account matches each of the identity attributes in the first set.
  - 18. The medium of claim 15, wherein the step of linking comprises:
    - authenticating an online user to be the person;
      
      enabling the online user, upon being authenticated with success to be the person, to login to the first user account at the source entity; and
      
      linking the person with the first user account at the source entity when the login to the first user account at the source entity is successful.
  - 19. The medium of claim 15, wherein the sharing is facilitated by:
    - authenticating an online user to be the person;
      
      receiving, upon successful authentication, a request from the authenticated online user to share at least one of the one or more attributes from the first user account of the source entity associated with the received consent;
      
      creating an access token for accessing the at least one of the one or more attributes from the first user account of the source entity; and
      
      providing the access token to the receiving entity.
  - 20. The medium of claim 15, wherein the sharing is facilitated by:
    - authenticating an online user to be the person;
      
      receiving, from the authenticated online user, information related to a modification to an attribute associated with the first user account of the source entity and designated to be shared with the receiving entity;
      
      modifying the attribute based on the information to generate a modified attribute; and
      
      providing the receiving entity with access to the to the modified attribute.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
DrFirst.com, Incorported
Original Assignee
DrFirst.com, Incorported
Inventors
Chen, James F., Qian, Chen

Application Number

US14/638,553
Publication Number

US 20160063657A1
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 21/31   User authentication

G06F 21/45   Structures or tools for the...

G06F 21/46   by designing passwords or c...

G06F 2221/2117   User registration

G06Q 10/00   Administration; Management

G06Q 50/265   Personal security, identity...

H04L 63/0421   Anonymous communication, i....

H04L 63/08   for authentication of entit...

H04L 63/0884   by delegation of authentica...

H04L 63/10   for controlling access to d...

H04L 67/60   Scheduling or organising th...

METHOD AND SYSTEM FOR INTEROPERABLE IDENTITY AND INTEROPERABLE CREDENTIALS

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

47 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

METHOD AND SYSTEM FOR INTEROPERABLE IDENTITY AND INTEROPERABLE CREDENTIALS

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

47 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links