Personal information security and exchange tool
Abstract
Utilization of the E-Metro Community and Personal Information Agents assures an effective and comprehensive agent-rule based command and control of informational assets in a networked computer environment. The concerns of informational privacy and informational self-determination are addressed squarely by the invention affording persons and entities a trusted means to author, secure, search, process, and exchange personal and/or confidential information in a networked computer environment. The formation of trusted electronic communities wherein members command and control their digital persona, exchanging or brokering for value the trusted utility of their informational assets is made possible by the invention. The present invention provides for the trusted utilization of personal data in electronic markets, providing both communities and individuals aggregate and individual rule-based control of the processing of their personal data.
41 Claims
1. An electronic bazaar for the purpose of facilitating electronic commerce by auction comprising:
an electronic bazaar electronic broker which securely processes a transaction to ensure that rules are satisfied before a transaction is processed;
an electronic personal information agent which securely encapsulates entities' personal information objects and rules governing processing;
a commercial activity dispatcher which handles all incoming transaction requests with said electronic bazaar electronic broker;
a public product database which persistently stores product information processed by said electronic bazaar electronic broker;
a trusted token processor which stores and processes public keys from said electronic personal information agents and issues and validates trusted tokens presented by said electronic personal information agents;
an advertiser directory which stores and processes orders, product information and order forms as initiated by transaction requests; and
a private activities database which stores advertiser pending orders, inventories, and information necessary to carry out transactions.
Dependent claims: 2, 3

4. A computer-implemented system for securely asserting and enforcing the informational privacy and informational self-determination rights and responsibilities of an entity by providing secure and private storage as well as secure and private information exchange via trusted processes and cryptographic mechanisms, the computer-implemented system comprising:
means to securely store an entity's personal information in the form of a self-determining digital persona such that it is accessible only to the entity or trusted processes, said personal information being stored in an encrypted manner;
trusted process means for securely and privately exchanging some or all the personal information between entities in a manner so as to prevent access by other processes to the personal information being exchanged as well as to the personal information not being exchanged;
wherein said trusted process means bases an exchange of personal information on personal privilege rules of each entity so as to permit an incremental exchange of personal information stored in the entity's self-determining digital persona as each individual or set of personal privilege rules are incrementally satisfied;
wherein said trusted process means further assures that entities involved in a potential or partially performed exchange are unaware of each other's identities unless information concerning their identities is intentionally exchanged, and are unaware of why specific personal privilege rules have failed, if any; and
means to assure that any exchanged personal data is delivered to the receiving entity privately in such a manner that the receiving entity can process only that data which the personal privilege rules allow it.
Dependent claims: 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32

33. A trusted electronic exchange process operating on a programmable computer system, the process comprising the steps of:
receiving, at the computer system, a communication from an originating source, said communication comprising
  a) a digital certificate binding a public key to the originating source;
  b) information in the form of information objects relating to said originating source;
  c) privilege rules associated with said information objects, said privilege rules defining if and under what conditions said information objects may be processed by a receiving electronic entity; and
  d) one or more interaction instructions collectively defining a set of search criteria;
verifying, at the computer system, that said communication was originated by said originating source;
securely identifying, at the computer system, and without access to said originating source, home electronic personal information agents that satisfy said search criteria, said home electronic personal information agents encapsulating secured information and privilege rules governing access to said information;
securely executing privilege rules encapsulated within the home electronic personal information agents on the information objects from said originating source, so as to determine if the information objects encapsulated within said home electronic personal information agents meet the conditions for further processing;
replicating the home electronic personal information agents satisfying said criteria and having at least one information object whose privilege rule has been satisfied, thereby generating a plurality of autonomous electronic personal information agents; and
securely dispatching said autonomous electronic personal information agents to the originating source.

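The rule-gated exchange in claims 4 and 33, as an added sketch that is not code from the patent or its assignee: a broker runs each home agent's privilege rules against the requester's information objects, replicates only the objects whose rules pass, and returns nothing that reveals why a rule failed. The names `Agent`, `rule_passes`, `broker_search` and the sample data are hypothetical; certificate verification and encrypted storage are assumed to be handled elsewhere.

```python
from dataclasses import dataclass
from typing import Callable, Dict, List

# A privilege rule is a predicate over the *requester's* information objects.
Rule = Callable[[Dict[str, object]], bool]

@dataclass
class Agent:
    handle: str                 # opaque id; identity is just another guarded object
    objects: Dict[str, object]  # information objects
    rules: Dict[str, Rule]      # one privilege rule per object name

def rule_passes(rule: Rule, requester_objects: Dict[str, object]) -> bool:
    """Run one rule; a rule that raises counts as unsatisfied (fail closed)."""
    try:
        return rule(requester_objects) is True
    except Exception:
        return False

def broker_search(requester_objects, criteria, home_agents: List[Agent]) -> List[Agent]:
    """Return replicas holding only the objects whose rules the requester met."""
    replicas = []
    for home in home_agents:
        if not criteria(home.objects):  # search criteria are evaluated by the broker
            continue
        released = {
            name: value
            for name, value in home.objects.items()
            # Default deny: an object without a rule is never released.
            if name in home.rules and rule_passes(home.rules[name], requester_objects)
        }
        if released:  # replicate only if at least one object cleared its rule
            replicas.append(Agent(home.handle, released, {n: home.rules[n] for n in released}))
    return replicas  # failed rules and skipped agents leave no trace in the result

# Constructed sample data (not from the patent).
HOME_AGENTS = [
    Agent("agent-01",
          {"name": "Alice Example", "city": "Lyon", "email": "alice@example.org"},
          {"name": lambda r: r.get("verified_merchant") is True,
           "city": lambda r: True,
           "email": lambda r: r.get("purpose") == "order-fulfilment"}),
    Agent("agent-02", {"city": "Oslo"}, {"city": lambda r: r["reputation"] >= 5}),
]
REQUEST = {"purpose": "order-fulfilment"}
RESULT = broker_search(REQUEST, lambda objs: "city" in objs, HOME_AGENTS)
```

Each replica carries the rules for the objects it holds, so a further transfer can be gated the same way.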
34. A distributed object resource management system for use in a personal security and exchange tool fixed in a computer readable medium, comprising:
a messaging subsystem which receives and dispatches electronic autonomous personal information agents, said electronic autonomous personal information agents comprising secured information and rules governing access to said information by other electronic autonomous personal information agents;
an electronic broker which securely intermediates between two or more electronic autonomous personal information agents;
an interaction processor which processes requests from said electronic autonomous personal information agents through said electronic broker;
a rules processor which processes rules from electronic autonomous personal information agents and determines that the rules are satisfied prior to permitting an exchange of information between the electronic autonomous personal information agents;
an object repository where the electronic brokers and the electronic personal agents are maintained persistently; and
a secure remote method invocation system and messaging system for permitting home electronic personal information agents to communicate with replicated electronic personal information agent counterparts.

35. An electronic bazaar for the purpose of asserting and enforcing digital rights and responsibilities of participating entities based electronic commerce by auction and direct offer, said digital rights and responsibilities including informational privacy and informational self-determination rights and responsibilities, the electronic bazaar comprising:
an electronic personal information agent structure which provides member entity-merchants or entity-buyers to search, interact and collectively bargain collective and individual personal information processing privileges in exchange for value;
a plurality of electronic personal information agents, each securely encapsulating personal information objects for a specific entity as well as exchange rules governing processing the personal information objects;
an electronic bazaar electronic broker which securely processes transactions to ensure that exchange rules are satisfied before a transaction is processed, the electronic bazaar electronic broker maintaining the privacy of the personal information objects encapsulated within said personal information agents during a processing transaction;
a commercial activity dispatcher for handling incoming transaction requests with said electronic bazaar electronic broker;
a public product database which persistently stores product information processed by said electronic bazaar electronic broker; and
an advertiser directory which stores and processes orders, product information and order forms as initiated by transaction requests; and
a private activities database which stores advertiser pending orders, inventories, and information needed for carrying out transactions.
Dependent claims: 36, 37, 38

39. A computer-implemented system for asserting informational privacy and self-determination rights and responsibilities of network members, comprising:
a plurality of electronic entities, each electronic entity comprising secured personal data and exchange rules governing access to said information; and
computer-implemented means for providing trusted processing between two interacting electronic entities such that only a trusted process is able to securely access each interacting electronic entity's personal data for the purpose of securely computing each entity's privilege rules and determining whether an exchange of some or all personal data will occur.

40. A computer-implemented system for asserting and enforcing transitive trust of information exchange between entities by way of their self-determining digital personas, the computer-implemented system comprising:
a plurality of self-determining digital personas, each self-determining digital persona securely encapsulating an entity's personal information and privilege rules governing access to said personal information;
means for securely determining whether some or all of an entity's personal information will be transferred to another entity or entities based upon the privilege rules governing access to the personal information; and
means for trusted onward transfer of the personal information to be transferred, said means for trusted onward transfer comprising means for transforming the personal information to be transferred into an automatically created new version of the self-determining digital persona encapsulating both the personal information and privilege rules governing the personal information, and for dispatching the new version of the self-determining digital persona to the receiving entity;
wherein a separate new version of the self-determining digital persona is created for each receiving entity;
wherein each new version of the self-determining digital persona is capable of acting autonomously but on behalf of the originating self-determining digital persona with ongoing dynamic interactions or negotiations based on its encapsulated privilege rules; and
wherein the personal information encapsulated within the new version of the self-determining digital persona can be onwardly transferred only when its encapsulated privilege rules are satisfied.

41. A computer-implemented system for representing an entity with its securely authored self-determining digital persona which allows assertion and enforcement of the entity's informational privacy and self-determination rights and responsibilities within a trusted community network, the computer-implemented system comprising:
means for securely authoring and encapsulating personal information electronically as secured personal data in the form of a self-determining digital persona representing informational assets of the entity, the personal information comprising one or more information objects and one or more personal privilege rules governing each information object's trusted brokering and its trusted onward utilization, said personal privilege rules comprising computer readable program code and collectively governing whether or not an electronic personal information agent will allow interaction with another electronic personal information agent and whether or not specific personal information will be exchanged with the other electronic personal information agent;
means for providing both secure and private storage as well as secure and private information exchange for the entity's encapsulated personal information, said means comprising means to securely store the entity's personal information such that only the entity or trusted processes have access to it, the information being encrypted using a key which is securely stored and accessible only to secured processes within the computer-implemented system;
means to securely exchange some or all of an entity's encapsulated personal information with another entity in a manner so as to ensure the encapsulated personal information, whether or not exchanged, is inaccessible to other processes, the exchange being based on the encapsulated personal privilege rules of each entity using a trusted process which securely accesses each interacting entity's personal information for the purpose of computing each entity's privilege rules, whereby the entities may incrementally exchange an increasing amount of personal information as an increasing number of privilege rules are satisfied;
means to ensure that entities involved in an attempted or partially performed exchange are unaware of each other's identities unless information concerning their identities is intentionally exchanged;
means to ensure that entities involved in an attempted or partially performed exchange are unaware of why specific privilege rules, if any, were not met; and
means to assure that any exchanged personal information is delivered as a replicated electronic personal information agent version to the receiving entity privately in such a manner that only the receiving entity can process that information allowed by the other entity's personal privilege rules;
means for providing trusted information exchange such that an initiating entity may exchange some or all of its personal information with another trusting entity that it has established, in a previous interaction, trust to exchange information at a different location or at a future time;
means for asserting and enforcing transitive trust to govern the onward transfer of exchanged personal information, said means for asserting and enforcing transitive trust comprising means to replicate the digital persona in one or more versions, each replicated digital persona encapsulating personal information and privilege rules governing access to the personal information during exchange transactions, and each replicated digital persona capable of interacting autonomously with other entities, but on behalf of the originating entity, with ongoing dynamic interactions or negotiations based on its personal privilege rules;
means for encapsulating one or more digital certificates in each replicated digital persona so that any further exchanges of the entity's personal information by one of its replicated digital personas is assured to have originated from the entity; and
means for corroborating the reliability of the encapsulated personal information objects.

Specification