Method and system for implementing and managing an enterprise identity management for distributed security in a computer system

US 8,010,562 B2
Filed: 01/25/2010
Issued: 08/30/2011
Est. Priority Date: 12/31/2002
Status: Expired due to Fees

First Claim

Patent Images

1. A system comprising:

a processor for facilitating management of user identities;

a non-transitory memory communicating with the processor,the non-transitory memory having instructions stored thereon that, in response to execution by the processor, cause the processor to perform operations comprising;

facilitating monitoring, by the processor, an account and an identity to verify an integrity of a relationship;

determining, by the processor, a usage history of the identity based on a transaction being deemed a successful confirmation or unsuccessful confirmation of the relationship between the identity and the account;

assigning, by the processor, a positive weight for a successful transaction by the identity associated with the account;

assigning, by the processor, a negative weight for an unsuccessful transaction by the identity associated with the account;

assigning, by the processor, a negative weight for a particular series of unsuccessful transactions by the identity associated with the account that exceeds an aggregate of individual negative weights of unsuccessful transactions that comprise the particular series of unsuccessful transactions by the identity associated with the account;

aggregating, by the processor, the positive and negative weights to determine usage history of the identity of the user;

determining, by the processor, a likelihood a claimed identity is an owner of the account by converting the aggregation of positive and negative weights to a probability score;

facilitating, by the processor, periodic confirmation of ownership information from the user;

facilitating maintaining and modifying, by the processor and based on the aggregated positive and negative weights, information relating to the identity; and

allowing or denying, by the processor and using the likelihood, along with a hierarchal scheme of registration, access to the user of different systems associated with the account.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and system for facilitating the management of user identities includes an ownership component, a registration component, and a servicing component. When a user first desires to access a system using the present invention, the registration component verifies the user'"'"'s ownership of the underlying account by asking a variety of questions. Thereafter, when a user desires to service his account, the user may be re-queried to determine if he is attempting to access the correct information. An authentication and access component provides the functionality to access a system of the present invention. An audit component can be configured to periodically monitor the various accounts to ensure a continued linking between users and accounts.

40 Citations

View as Search Results

22 Claims

1. A system comprising:
- a processor for facilitating management of user identities;
  
  a non-transitory memory communicating with the processor,the non-transitory memory having instructions stored thereon that, in response to execution by the processor, cause the processor to perform operations comprising;
  
  facilitating monitoring, by the processor, an account and an identity to verify an integrity of a relationship;
  
  determining, by the processor, a usage history of the identity based on a transaction being deemed a successful confirmation or unsuccessful confirmation of the relationship between the identity and the account;
  
  assigning, by the processor, a positive weight for a successful transaction by the identity associated with the account;
  
  assigning, by the processor, a negative weight for an unsuccessful transaction by the identity associated with the account;
  
  assigning, by the processor, a negative weight for a particular series of unsuccessful transactions by the identity associated with the account that exceeds an aggregate of individual negative weights of unsuccessful transactions that comprise the particular series of unsuccessful transactions by the identity associated with the account;
  
  aggregating, by the processor, the positive and negative weights to determine usage history of the identity of the user;
  
  determining, by the processor, a likelihood a claimed identity is an owner of the account by converting the aggregation of positive and negative weights to a probability score;
  
  facilitating, by the processor, periodic confirmation of ownership information from the user;
  
  facilitating maintaining and modifying, by the processor and based on the aggregated positive and negative weights, information relating to the identity; and
  
  allowing or denying, by the processor and using the likelihood, along with a hierarchal scheme of registration, access to the user of different systems associated with the account.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
- - 2. The system of claim 1, further configured to facilitate periodic confirmation of ownership information from the user.
  - 3. The system of claim 1, further configured to facilitate periodic confirmation of the identity information.
  - 4. The system of claim 1, wherein the information from the users comprises biometric information.
  - 5. The system of claim 1, further configured to determine the likelihood a claimed identity is an owner of the account by converting the aggregation of positive and negative weights to a probability score.
  - 6. The system of claim 1, further comprising a servicing component, wherein the servicing component facilitates maintaining and modifying, based on the aggregated positive and negative weights, information relating to the identity and using the likelihood, along with the hierarchal scheme of registration, to allow or deny access to the user of different systems associated with the account.
  - 7. The system of claim 6, wherein the servicing component is further configured to be operated by users.
  - 8. The system of claim 6, wherein the servicing component is further configured to be operated by one or more customer service representatives.
  - 9. The system of claim 1, further comprising an ownership component for facilitating verification of an ownership of an account.
  - 10. The system of claim 1, further comprising an ownership component for facilitating relating the ownership to the identity.
  - 11. The system of claim 1, further comprising an ownership component for facilitating confirming the ownership of a user identifier (id), analyzing ownership data and generating questions to be asked of the user to verify the identity of the user.
  - 12. The system of claim 1, further comprising an ownership component to facilitate confirming the ownership of at least one of a user identifier or an account.
  - 13. The system of claim 1, further comprising an ownership component for analyzing ownership data and generating questions to be asked of a user to verify the identity of the user.
  - 14. The system of claim 1, further comprising a registration component for facilitating gathering information from users and establishing a relationship between the user and the identity.
  - 15. The system of claim 1, further comprising an ownership component for facilitating confirming the ownership of a user identifier (id), analyzing ownership data and generating questions to be asked of the user to identify the user identifier (id) of said user.
  - 16. The system of claim 1, further comprising an ownership component for facilitating confirming the ownership of a user identifier (id), analyzing ownership data, generating questions to be asked of the user to verify the identity of the user and providing new access credentials to the user'"'"'s account.

17. A method for facilitating management of user identities, the method comprising:
- facilitating monitoring, by a computer-based system for the facilitating management of the user identities, an account and an identity to verify an integrity of a relationship between a user and the identity;
  
  determining, by the computer based system, a usage history of the identity based on a transaction being deemed a successful confirmation or unsuccessful confirmation of the relationship between the identity and the account;
  
  assigning, by the computer-based system, a positive weight for a successful transaction by the identity associated with the account;
  
  assigning, by the computer-based system, a negative weight for an unsuccessful transaction by the identity associated with the account;
  
  assigning, by the computer-based system, a negative weight for a particular series of unsuccessful transactions by the identity associated with the account that exceeds an aggregate of individual negative weights of unsuccessful transactions that comprise the particular series of unsuccessful transactions by the identity associated with the account;
  
  aggregating, by the computer-based system, the positive weights and negative weights to determine usage history of the identity of the user;
  
  determining, by the computer-based system, a likelihood a claimed identity is an owner of the account by converting the aggregation of positive weights and negative weights to a probability score;
  
  facilitating, by the computer-based system, periodic confirmation of ownership information from the user;
  
  maintaining and modifying, by the computer-based system and based on the aggregated positive weights and negative weights, information relating to the identity; and
  
  allowing or denying, by the computer-based system and using the likelihood along with a hierarchal scheme of registration, access to the user of different systems associated with the account.
- View Dependent Claims (18, 19, 20, 21)
- - 18. The method of claim 17, further comprising establishing a relationship between the user and the identity.
  - 19. The method of claim 17, further comprising facilitating monitoring of the account and the identity to verify an integrity of the relationship, including determining a usage history of the identity based on at least one transaction deemed a successful or unsuccessful confirmation of the relationship between the identity and the account.
  - 20. The method of claim 17, further comprising facilitating verification of an ownership of the account and facilitating relating the ownership to the identity.
  - 21. The method of claim 17, further comprising facilitating, using an ownership component of the components, verification of an ownership of the account and facilitating relating the ownership to the identity, wherein the ownership component further facilitates confirming the ownership of a user identifier (id), analyzes ownership data and generates questions to be asked of the user to verify the identity of the user.

22. A non-transitory computer-readable storage medium having stored thereon a plurality of instructions, when executed by a computer-based system for facilitating management of user identities, perform operations comprising:
- facilitating monitoring, by the computer-based system, an account and an identity to verify an integrity of a relationship between a user and the identity;
  
  determining, by the computer-based system, a usage history of the identity based on a transaction being deemed a successful confirmation or unsuccessful confirmation of the relationship between the identity and the account;
  
  assigning, by the computer-based system, a positive weight for a successful transaction by the identity associated with the account;
  
  assigning, by the computer-based system, a negative weight for an unsuccessful transaction by the identity associated with the account;
  
  assigning, by the computer-based system, a negative weight for a particular series of unsuccessful transactions by the identity associated with the account that exceeds an aggregate of individual negative weights of unsuccessful transactions that comprise the particular series of unsuccessful transactions by the identity associated with the account;
  
  aggregating, by the computer-based system, the positive weights and negative weights to determine usage history of the identity of the user;
  
  determining, by the computer-based system, a likelihood a claimed identity is an owner of the account by converting the aggregation of positive weights and negative weights to a probability score;
  
  facilitating, by the computer-based system, periodic confirmation of ownership information from the user;
  
  maintaining and modifying, by the computer-based system and based on the aggregated positive weights and negative weights, information relating to the identity; and
  
  allowing or denying, by the computer-based system and using the likelihood along with a hierarchal scheme of registration, access to the user of different systems associated with the account.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Liberty Peak Ventures, LLC (Dominion Harbor Enterprises, LLC)
Original Assignee
American Express Travel Related Services Company, Inc. (American Express Company)
Inventors
Gibbons, Stephen P., Steitz, Philip W., Glazer, Elliott, Shelby, James, Bishop, Fred, Armes, David, Barrett, Michael Richard
Primary Examiner(s)
Truong, Cam Y T

Application Number

US12/692,817
Publication Number

US 20100121882A1
Time in Patent Office

582 Days
Field of Search

None
US Class Current

707/783
CPC Class Codes

G06F 21/34   involving the use of extern...

G06Q 40/00   Finance; Insurance; Tax str...

Y10S 707/99931   Database or file accessing

Method and system for implementing and managing an enterprise identity management for distributed security in a computer system

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

40 Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for implementing and managing an enterprise identity management for distributed security in a computer system

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

40 Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links