Single universal authentication system for internet services
First Claim
1. A process for an authentication and form-filling system that is transparent to users in a computer environment, comprising the steps of:
- providing a trusted server;
receiving an authentication token from a third party site;
the trusted server authenticating said third party site as a partner site; and
the trusted server filling in user registration forms from said third party site with a user'"'"'s information if said third party site is a partner;
providing a user database;
wherein said user database contains user personal information;
wherein said form filling step looks up the user'"'"'s information from said user database;
wherein said user database contains user filter preferences, said filter preferences defining what user information is allowed to be released and under the conditions of any release of information;
wherein said form filling step uses the user'"'"'s filter preferences from said user database to determine what information is entered into said third party'"'"'s form; and
wherein said form filling step fills in information that the user has deemed to be a low security risk if said third party is not a partner.
10 Assignments
0 Petitions
Accused Products
Abstract
A single universal authentication system for Internet services provides a trusted server that is activated when a user clicks on the login or helper button on a third party'"'"'s site, which submits a request to the trusted server. The client properly identifies itself to the trusted server through pre-authorization techniques such as cookies, logging on, or going through the AOL service wherein the service knows the user'"'"'s identity. The trusted server sends a user/site specific authentication token to the third party, initiating the authentication process with the third party which checks to see that the authentication token is valid and sends its own authentication token back to the trusted server. The trusted server verifies from its partner database that the third party'"'"'s authentication token is valid. If it is valid, then the trusted server fills in the third party'"'"'s form using the information from the user database and filtering the information through a filter that contains the user preferences concerning his personal information and then returns the form to the third party. The trusted server can fill in fields of a form from an unknown third party that the user feels are not threats to his security. The user is then queried as to whether the information can be released. The filter tells the system which information that the user feels is a low security threat.
21 Citations
36 Claims
-
1. A process for an authentication and form-filling system that is transparent to users in a computer environment, comprising the steps of:
-
providing a trusted server; receiving an authentication token from a third party site; the trusted server authenticating said third party site as a partner site; and the trusted server filling in user registration forms from said third party site with a user'"'"'s information if said third party site is a partner; providing a user database; wherein said user database contains user personal information; wherein said form filling step looks up the user'"'"'s information from said user database; wherein said user database contains user filter preferences, said filter preferences defining what user information is allowed to be released and under the conditions of any release of information; wherein said form filling step uses the user'"'"'s filter preferences from said user database to determine what information is entered into said third party'"'"'s form; and wherein said form filling step fills in information that the user has deemed to be a low security risk if said third party is not a partner. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A non-transitory program storage medium readable by a computer, tangibly embodying a program of instructions executable by the computer to perform method steps for an authentication and form-filling system that is transparent to users in a computer environment, comprising the steps of:
-
providing a trusted server; receiving an authentication token from a third party site; authenticating said third party site as a partner site; and the trusted server filling in user registration forms from said third party site with a user'"'"'s information if said third party site is a partner; providing a user database, wherein said user database contains user personal information; wherein said form filling step looks up the user'"'"'s information from said user database; wherein said user database contains user filter preferences, said filter preferences defining what user information is allowed to be released and under the conditions of any release of information; wherein said form filling step uses the user'"'"'s filter preferences from said user database to determine what information is entered into said third party'"'"'s form; wherein said form filling step fills in information that the user has deemed to be a low security risk if said third party is not a partner. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
-
-
17. A process for an authentication and form-filling system that is transparent to users in a computer environment, comprising the steps of:
-
providing a trusted server; receiving an authentication token from a third party site; the trusted server authenticating said third party site as a partner site; the trusted server filling in user registration forms from said third party site with a user'"'"'s information if said third party site is a partner; and sending said user registration forms to the user; wherein the user approves a registration form before forwarding said registration form to said third party. - View Dependent Claims (18, 19, 20, 21, 22, 23, 24, 25, 26)
-
-
27. A non-transitory program storage medium readable by a computer, tangibly embodying a program of instructions executable by the computer to perform method steps for an authentication and form-filling system that is transparent to users in a computer environment, comprising the steps of:
-
providing a trusted server; receiving an authentication token from a third party site; authenticating said third party site as a partner site; and the trusted server filling in user registration forms from said third party site with a user'"'"'s information if said third party site is a partner; sending said user registration forms to the user; and wherein the user approves a registration form before forwarding said registration form to said third party. - View Dependent Claims (28, 29, 30, 31, 32, 33, 34, 35, 36)
-
Specification