Method and system for implementing and managing an enterprise identity management for distributed security in a computer system

US 7,660,795 B2
Filed: 11/17/2003
Issued: 02/09/2010
Est. Priority Date: 12/31/2002
Status: Active Grant

First Claim

Patent Images

1. A computing system for facilitating management of user identities, the system comprising:

a processor;

a memory coupled to the processor for storing an executable program, the program including a plurality of components, the components including;

a registration component for facilitating gathering information from users and establishing a relationship between a user and an identity;

an ownership component for facilitating verification of an ownership of an account and facilitating relating the ownership to the identity, wherein the ownership component further facilitates confirming the ownership of a user identifier (id), analyzes ownership data and generates questions to be asked of the user to verify the identity of the user;

an audit component for;

facilitating monitoring the account and the identity to verify an integrity of the relationship, including determining a usage history of the identity based on at least one transaction deemed a successful or unsuccessful confirmation of the relationship between the identity and the account,assigning a positive weight for a successful transaction by the identity associated with the account,assigning a negative weight for an unsuccessful transaction by the identity associated with the account,assigning a negative weight for a particular series of unsuccessful transactions by the identity associated with the account that exceeds an aggregate of individual negative weights of unsuccessful transactions that make up the particular series of unsuccessful transactions by the identity associated with the account,aggregating the positive and negative weights to determine usage history of the identity of the user,determining a likelihood a claimed identity is an owner of said account by converting the aggregation of positive and negative weights to a probability score,wherein the audit component further facilitates periodic confirmation of ownership information from the user; and

a servicing component for facilitating maintaining, modifying, based on the aggregated positive and negative weights, information relating to the identity and using the likelihood with a hierarchal scheme of registration to allow or deny access to the user of different systems associated with the account.

View all claims

14 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and system for facilitating the management of user identities includes an ownership component, a registration component, and a servicing component. When a user first desires to access a system using the present invention, the registration component verifies the user'"'"'s ownership of the underlying account by asking a variety of questions. Thereafter, when a user desires to service his account, the user may be re-queried to determine if he is attempting to access the correct information. An authentication and access component provides the functionality to access a system of the present invention. An audit component can be configured to periodically monitor the various accounts to ensure a continued linking between users and accounts.

Citations

6 Claims

1. A computing system for facilitating management of user identities, the system comprising:
- a processor;
  
  a memory coupled to the processor for storing an executable program, the program including a plurality of components, the components including;
  
  a registration component for facilitating gathering information from users and establishing a relationship between a user and an identity;
  
  an ownership component for facilitating verification of an ownership of an account and facilitating relating the ownership to the identity, wherein the ownership component further facilitates confirming the ownership of a user identifier (id), analyzes ownership data and generates questions to be asked of the user to verify the identity of the user;
  
  an audit component for;
  
  facilitating monitoring the account and the identity to verify an integrity of the relationship, including determining a usage history of the identity based on at least one transaction deemed a successful or unsuccessful confirmation of the relationship between the identity and the account,assigning a positive weight for a successful transaction by the identity associated with the account,assigning a negative weight for an unsuccessful transaction by the identity associated with the account,assigning a negative weight for a particular series of unsuccessful transactions by the identity associated with the account that exceeds an aggregate of individual negative weights of unsuccessful transactions that make up the particular series of unsuccessful transactions by the identity associated with the account,aggregating the positive and negative weights to determine usage history of the identity of the user,determining a likelihood a claimed identity is an owner of said account by converting the aggregation of positive and negative weights to a probability score,wherein the audit component further facilitates periodic confirmation of ownership information from the user; and
  
  a servicing component for facilitating maintaining, modifying, based on the aggregated positive and negative weights, information relating to the identity and using the likelihood with a hierarchal scheme of registration to allow or deny access to the user of different systems associated with the account.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The computing system of claim 1 wherein:
    - said servicing component is further configured to be operated by users.
  - 3. The computing system of claim 1 wherein:
    - said servicing component is further configured to be operated by one or more customer service representatives.
  - 4. The computing system of claim 1 wherein said audit component is configured to facilitate periodic confirmation of identity information.
  - 5. The computing system of claim 1 wherein said information from said users comprises biometric information.

6. A method for facilitating management of user identities, the method comprising:
- storing, using a processor of a computer, an executable program in a memory, the program including a plurality of components;
  
  facilitating gathering information from users and establishing a relationship between a user and an identity;
  
  facilitating, using an ownership component of the components, verification of an ownership of an account and facilitating relating the ownership to the identity, wherein the ownership component further facilitates confirming the ownership of a user identifier (id), analyzes ownership data and generates questions to be asked of the user to verify the identity of the user;
  
  facilitating monitoring the account and the identity to verify an integrity of the relationship, including determining a usage history of the identity based on at least one transaction deemed a successful or unsuccessful confirmation of the relationship between the identity and the account,assigning a positive weight for a successful transaction by the identity associated with the account,assigning a negative weight for an unsuccessful transaction by the identity associated with the account,assigning a negative weight for a particular series of unsuccessful transactions by the identity associated with the account that exceeds an aggregate of individual negative weights of unsuccessful transactions that make up the particular series of unsuccessful transactions by the identity associated with the account,aggregating the positive and negative weights to determine usage history of the identity of the user,determining a likelihood a claimed identity is an owner of said account by converting the aggregation of positive and negative weights to a probability score,facilitating periodic confirmation of ownership information from the user, andmaintaining, modifying, based on the aggregated positive and negative weights, information relating to the identity and using the likelihood with a hierarchal scheme of registration to allow or deny access to the user of different systems associated with the account.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
LSI Logic Corporation (Broadcom, Inc.), Liberty Peak Ventures, LLC (Dominion Harbor Enterprises, LLC)
Original Assignee
American Express Travel Related Services Company, Inc. (American Express Company)
Inventors
Shelby, James, Armes, David, Steitz, Philip W., Bishop, Fred, Gibbons, Stephen P., Barrett, Michael Richard, Glazer, Elliot
Primary Examiner(s)
Truong, Cam Y T

Application Number

US10/716,251
Publication Number

US 20040139050A1
Time in Patent Office

2,276 Days
Field of Search

707/1, 707/100
US Class Current

707/783
CPC Class Codes

G06F 21/34   involving the use of extern...

G06Q 40/00   Finance; Insurance; Tax str...

Y10S 707/99931   Database or file accessing

Method and system for implementing and managing an enterprise identity management for distributed security in a computer system

First Claim

14 Assignments

0 Petitions

Accused Products

Abstract

Citations

6 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for implementing and managing an enterprise identity management for distributed security in a computer system

First Claim

14 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

6 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links