Method for concealing user identities on computer systems through the use of temporary aliases

US 7,930,754 B2
Filed: 01/18/2006
Issued: 04/19/2011
Est. Priority Date: 01/18/2006
Status: Expired due to Fees

First Claim

Patent Images

1. A computer implemented method for concealing a user identification, the computer implemented method comprising:

receiving user input, wherein the user input comprises a user alias;

verifying that the user alias is a valid user alias;

obtaining a user identification associated with the valid user alias from a database comprising a one-way protected mapping of the valid user alias to the user identification, wherein only a trusted privileged process with a decryption key reverse maps the user identification back to the valid user alias, wherein if the valid user alias is compromised the valid user alias is removed without requiring change of the user identification required for permission;

determining whether the valid user alias is one of a plurality of permitted user aliases permitted for one time use in association with the user identification in a database, for connecting in a non-secure environment;

responsive to determining the valid user alias is one of a plurality of permitted user aliases specified for one time use in association with the user identification, discarding the valid user alias from the plurality of permitted user aliases stored in the database;

determining whether there is at least one remaining valid user alias stored as the plurality of permitted user aliases in the database;

responsive to detecting there is at least one remaining valid user alias, marking the next remaining valid user alias from among the plurality of permitted user aliases as the valid user alias; and

responsive to detecting there is not remaining valid user alias, generating an sending an electronic mail message to the user specifying there are no remaining permitted user aliases in the database.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A user alias for concealing a user'"'"'s user identification is provided. When signing-on, the user inputs a user alias to a log-in shell. The log-in shell verifies the validity of the user alias. The log-in shell then obtains a user identification associated with the valid user alias.

14 Citations

View as Search Results

17 Claims

1. A computer implemented method for concealing a user identification, the computer implemented method comprising:
- receiving user input, wherein the user input comprises a user alias;
  
  verifying that the user alias is a valid user alias;
  
  obtaining a user identification associated with the valid user alias from a database comprising a one-way protected mapping of the valid user alias to the user identification, wherein only a trusted privileged process with a decryption key reverse maps the user identification back to the valid user alias, wherein if the valid user alias is compromised the valid user alias is removed without requiring change of the user identification required for permission;
  
  determining whether the valid user alias is one of a plurality of permitted user aliases permitted for one time use in association with the user identification in a database, for connecting in a non-secure environment;
  
  responsive to determining the valid user alias is one of a plurality of permitted user aliases specified for one time use in association with the user identification, discarding the valid user alias from the plurality of permitted user aliases stored in the database;
  
  determining whether there is at least one remaining valid user alias stored as the plurality of permitted user aliases in the database;
  
  responsive to detecting there is at least one remaining valid user alias, marking the next remaining valid user alias from among the plurality of permitted user aliases as the valid user alias; and
  
  responsive to detecting there is not remaining valid user alias, generating an sending an electronic mail message to the user specifying there are no remaining permitted user aliases in the database.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The computer implemented method of claim 1, further comprising:
    - maintaining the association between the valid user alias and the user identification in a database; and
      
      responsive to receiving user input comprising the user identification and not the user alias associated with the database, marking the login with the user input as an attempted unauthorized access.
  - 3. The computer implemented method of claim 1, further comprising:
    - encrypting the valid user alias.
  - 4. The computer implemented method of claim 3, further comprising:
    - utilizing a user password as a key for the encryption.
  - 5. The computer implemented method of claim 1, wherein the user alias is a false credit card number and wherein the user identification is an actual credit card number.
  - 6. The computer implemented method of claim 1, further comprising:
    - receiving the user input in an incoming e-mail, wherein the user alias is an alias e-mail address;
      
      obtaining the user identification comprising an actual e-mail address associated with the valid user alias;
      
      determining whether a time period for the alias e-mail address has expired; and
      
      responsive to the time period for the alias e-mail address not expiring, automatically routing the incoming e-mail to the actual e-mail address.

7. A computer executable program product comprising a tangible non-transitory computer readable storage device for concealing a user identification, wherein the computer usable program code when executed on a computer causes the computer to:
- receive user input, wherein the user input comprises a user alias;
  
  verify that the user alias is a valid user alias;
  
  obtain a user identification associated with the valid user alias from a database comprising a one-way protected mapping of the valid user alias to the user identification, wherein only a trusted privileged process with a decryption key reverse maps the user identification back to the valid user alias, wherein if the valid user alias is compromised the valid user alias is removed without requiring change of the user identification required for permission;
  
  determine whether the valid user alias is one of a plurality of permitted user aliases permitted for one time use in association with the user identification in a database, for connecting in a non-secure environment;
  
  responsive to determining the valid user alias is one of a plurality of permitted user aliases specified for one time use in association with the user identification, discard the valid user alias from the plurality of permitted user aliases stored in the database;
  
  determine whether there is at least one remaining valid user alias stored as the plurality of permitted user aliases in the database;
  
  responsive to detecting there is at least one remaining valid user alias, mark the next remaining valid user alias from among the plurality of permitted user aliases as the valid user alias; and
  
  responsive to detecting there is not remaining valid user alias, generate an sending an electronic mail message to the user specifying there are no remaining permitted user aliases in the database.
- View Dependent Claims (8, 9, 10, 11, 12, 13)
- - 8. The computer program product of claim 7, wherein the computer-readable program when executed on the computer further causes the computer to:
    - maintain the association between the valid user alias and the user identification in a database; and
      
      receive user input comprising the user identification and not the user alias associated with the database, for marking the login with the user input as an attempted unauthorized access.
  - 9. The computer program product of claim 7,wherein the computer-readable program when executed on the computer further causes the computer to:
    - encrypt the valid user alias.
  - 10. The computer program product of claim 7, wherein the computer-readable program when executed on the computer further causes the computer to:
    - utilize a user password as a key for the encryption.
  - 11. The computer program product of claim 7, wherein the computer-readable program when executed on the computer further causes the computer to:
    - utilize a user password as a key for the encryption.
  - 12. The computer program product of claim 7, wherein the user alias is a false credit card number and wherein the user identification is an actual credit card number.
  - 13. The computer program product of claim 7, wherein the computer-readable program when executed on the computer further causes the computer to:
    - receive the user input in an incoming e-mail, wherein the user alias is an alias e-mail address;
      
      obtain the user identification comprising is an actual e-mail address associated with the valid user alias;
      
      determine whether a time period for the alias e-mail address has expired; and
      
      responsive to the time period for the alias e-mail address not expiring, automatically route the incoming e-mail to the actual e-mail address.

14. A data processing system for concealing a user identification, said data processing system comprising:
- a storage device, wherein the storage device stores computer usable program code; and
  
  a processor, wherein the processor executes the computer usable program code to receive user input, wherein the user input comprises a user alias;
  
  to verifythat the user alias is a valid user alias; and
  
  to obtain a user identification associated with the valid user alias from a database comprising a one-way protected mapping of the valid user alias to the user identification, wherein only a trusted privileged process with a decryption key reverse maps the user identification back to the valid user alias, wherein if the valid user alias is compromised the valid user alias is removed without requiring change of the user identification required for permission;
  
  wherein the processor further executes;
  
  computer usable program code for determining whether the valid user alias is one of a plurality of permitted user aliases permitted for one time use in association with the user identification in a database, for connecting in a non-secure environment;
  
  computer usable program code, responsive to determining the valid user alias is one of a plurality of permitted user aliases specified for one time use in association with the user identification, for discarding the valid user alias from the plurality of permitted user aliases stored in the database;
  
  computer usable program code for determining whether there is at least one remaining valid user alias stored as the plurality of permitted user aliases in the database;
  
  computer usable program code, responsive to detecting there is at least one remaining valid user alias for marking the next remaining valid user alias from among the plurality of permitted user aliases as the valid user alias; and
  
  computer usable program code, responsive to detecting there is not remaining valid user alias, for generating an sending an electronic mail message to the user specifying there are no remaining permitted user aliases in the database.
- View Dependent Claims (15, 16, 17)
- - 15. The data processing system of claim 14, wherein the processor further executes computer usable program code for maintaining the association between the valid user alias and the user identification in a database and responsive to receiving user input comprising the user identification and not the user alias associated with the database, for marking the login with the user input as an attempted unauthorized access.
  - 16. The data processing system of claim 14, wherein the valid user alias is one of a plurality of valid user aliases permitted for use in a non-secure environment.
  - 17. The data processing system of claim 14, wherein the user alias is a false credit card number and wherein the user identification is an actual credit card number.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Goldberg, Itzhack, Haugh, Julianne Frances
Primary Examiner(s)
Vu; K.
Assistant Examiner(s)
DEBNATH, SUMAN

Application Number

US11/334,663
Publication Number

US 20070169202A1
Time in Patent Office

1,917 Days
Field of Search

726 26- 30, 713/163, 713/184, 713/187, 705/39, 709/206, 709/229
US Class Current

726/26
CPC Class Codes

G06F 21/31   User authentication

G06Q 20/10   specially adapted for elect...

H04L 63/0421   Anonymous communication, i....

H04L 63/0428   wherein the data content is...

Method for concealing user identities on computer systems through the use of temporary aliases

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

14 Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Method for concealing user identities on computer systems through the use of temporary aliases

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

14 Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links