User privacy framework

US 8,621,554 B1
Filed: 05/01/2009
Issued: 12/31/2013
Est. Priority Date: 05/01/2009
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method for implementing a policy for disclosing information of a first user to a second user, the method comprising:

providing, by a server, a user interface to the first user to create and manage the policy for determining if the second user is allowed access to the information of the first user;

anticipating, by the server, the policy desired by the first user based on location information of the first user for which the policy is created;

based on the anticipation, suggesting, by the server, a policy template;

receiving, at the server, the policy created by the first user,wherein the policy comprises a privacy level and a first rule created by the first user using the user interface,wherein the first rule comprises a condition, andwherein the condition comprises one or more dimensions selected from a plurality of dimensions associated with the second user;

storing the first rule and the privacy level in a rules database;

receiving a request by an application of the second user to view the information of the first user;

evaluating the first rule and the privacy level from the rules database against the request by the application of the second user; and

based on the evaluating, allowing access by the second user to view the information of the first user if the request satisfies the condition of the first rule and the privacy level.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A computer program product has a computer-readable storage medium having computer program instructions embodied therein for performing a method for implementing a privacy policy for a user. The method may include the user developing rules that determine whether another user (requester) can access information related to the user. The rules may be stored in a database coupled to a server and evaluated when a request is received from the requester to access the information. If a rule is satisfied by the requester, the server can return the information to the requester. The information can be returned at a level of granularity specified by the user in the satisfied rule. A privacy level can be set by the user to allow access to requesters based on the rules or to deny access to any requesters.

25 Citations

View as Search Results

71 Claims

1. A computer-implemented method for implementing a policy for disclosing information of a first user to a second user, the method comprising:
- providing, by a server, a user interface to the first user to create and manage the policy for determining if the second user is allowed access to the information of the first user;
  
  anticipating, by the server, the policy desired by the first user based on location information of the first user for which the policy is created;
  
  based on the anticipation, suggesting, by the server, a policy template;
  
  receiving, at the server, the policy created by the first user,wherein the policy comprises a privacy level and a first rule created by the first user using the user interface,wherein the first rule comprises a condition, andwherein the condition comprises one or more dimensions selected from a plurality of dimensions associated with the second user;
  
  storing the first rule and the privacy level in a rules database;
  
  receiving a request by an application of the second user to view the information of the first user;
  
  evaluating the first rule and the privacy level from the rules database against the request by the application of the second user; and
  
  based on the evaluating, allowing access by the second user to view the information of the first user if the request satisfies the condition of the first rule and the privacy level.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 60, 61, 62, 63, 64, 65, 66, 67, 68)
- - 2. The method according to claim 1, wherein the first rule comprises a first level of resolution selected from a plurality of levels of resolution.
  - 3. The method according to claim 2, wherein the first level of resolution comprises a type of information disclosure if the condition is satisfied.
  - 4. The method of claim 1, further comprising:
    - receiving a modification to the first rule; and
      
      storing the modified first rule in the rules database.
  - 5. The method according to claim 1, further comprising selecting the privacy level from a privacy level group comprising a first level allowing no access to view the information of the first user even if the request satisfies the condition of the first rule and a second level allowing access to view the information of the first user based on the evaluation of the condition of the first rule.
  - 6. The method according to claim 5, wherein the privacy level group further comprises a third level allowing only the first user to access the information of the first user.
  - 7. The method according to claim 5, further comprising:
    - receiving a modification to the privacy level; and
      
      storing the modified privacy level in the rules database.
  - 8. The method according to claim 1, further comprising:
    - receiving at the server a second rule from the first user;
      
      storing the second rule in the rules database;
      
      wherein the second rule comprises another condition;
      
      evaluating the second rule from the rules database to determine if the other condition is satisfied; and
      
      based on the evaluation of the first rule and the second rule, allowing access to view the information of the first user if the second user satisfies the condition of the first rule or the other condition of the second rule.
  - 9. The method according to claim 8, wherein the access to view the information of the first user is based on the intersection of the first rule and the second rule.
  - 10. The method according to claim 8, further comprising:
    - determining if the first rule comprises the other condition;
      
      based on the determining, indexing the first rule and the second rule; and
      
      evaluating either the first rule or the second rule.
  - 11. The method according to claim 8, wherein the second rule comprises a second level of resolution.
  - 12. The method according to claim 11, wherein the second level of resolution comprises a type of location disclosure if the second condition is satisfied.
  - 13. The method according to claim 12, wherein the first level of resolution and the second level of resolution are selected from the group consisting of:
    - a city, a city block, a campus, a building, and no permission.
  - 14. The method according to claim 1, wherein the information of the first user is selected from the group consisting of:
    - a location of employment, a location of residence, a city, a state, and a building.
  - 15. The method according to claim 1, further comprising:
    - storing a system rule in the rules database,wherein the system rule comprises a condition associated with the system rule and a level of resolution associated with the system rule,wherein the system rule is collectively applicable to a plurality of users;
      
      evaluating the system rule to determine if the condition associated with the system rule is satisfied; and
      
      based on the evaluating of the first rule and the system rule, allowing access to view the information of the first user,wherein the system rule is evaluated when a request for information is received for each of the plurality of users.
  - 16. The method according to claim 1, wherein the suggested policy template comprises the first rule having the condition.
  - 17. The method according to claim 1, wherein the first user selects the one or more dimensions from the plurality of dimensions and an element corresponding to each of the one or more dimensions.
  - 18. The method according to claim 1, wherein the application is executing on a computer system that is not associated with the server.
  - 60. The method of claim 1, further comprising receiving the location information of the first user, at the server, from a mobile computing device associated with the first user.
  - 61. The method of claim 1, wherein evaluating the first rule and the privacy level against the request by the application of the second user comprises:
    - evaluating the request against the privacy level; and
      
      based on the privacy level, evaluating the request against the first rule created by the first user,wherein evaluating the request against the first rule created by the first user comprises evaluating the request against the dimension of the condition associated with the first rule.
  - 62. The method of claim 61, wherein the dimension comprises the location information of the first user.
  - 63. The method of claim 61, wherein the dimension comprises a time of request by the second user.
  - 64. The method of claim 61, wherein the dimension comprises an identity of the second user.
  - 65. The method of claim 61, wherein the dimension comprises an application used by the second user.
  - 66. The method of claim 1, further comprising:
    - providing, by the server, a plurality of selectable options comprising at least one of the condition, the rule, the element, the dimension, and the privacy level in the user interface to create the policy.
  - 67. The method of claim 1, further comprising providing, by the server, editing features in the user interface to edit the suggested privacy template to create the policy.
  - 68. The method of claim 66, further comprising choosing at least one of the selectable options to create the policy.

19. A system for implementing a privacy policy, the system comprising:
- a first data storage unit for storing one or more policies,wherein each policy of the one or more policies comprise a privacy level and one or more rules,wherein each rule of the one or more rules each comprises a condition,wherein the condition comprises one or more dimensions selected from a plurality of dimensions, andwherein the condition comprises one or more elements associated with the one or more dimensions selected from a plurality of elements;
  
  a second data storage unit for storing information of a user; and
  
  an authorization server coupled to at least one of the first data storage unit and the second data storage unit and configured to receive a request from a requester for viewing the information of the user and for returning the information of the user if one or more policies are satisfied,wherein the authorization server comprises a processor for evaluating the one or more policies against the request,wherein the authorization server is configured to provide a user interface for allowing the user to develop the one or more policies by providing a plurality of conditions, dimensions, elements and privacy levels for selection by the user and for allowing the user to add, modify, or delete the one or more policies,wherein the authorization server is configured to anticipate the policy desired by the user based on location information of the first user for which the policy is created,wherein the authorization server is configured to suggest a policy template, andwherein the authorization server is configured to receive the policy created by the first user.
- View Dependent Claims (20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 69)
- - 20. The system according to claim 19, wherein the one or more rules specify a level of resolution selected from a plurality of levels of resolution, wherein the information of the user is returned to the requester at a level of resolution specified in the one or more rules.
  - 21. The system according to claim 20, wherein the authorization server provides the plurality of levels of resolutions for selection by the user in the user interface.
  - 22. The system according to claim 19, wherein the authorization server provides the plurality of dimensions for selection by the user in the user interface.
  - 23. The system according to claim 19, wherein the authorization server provides a plurality of elements for selection by the user in the user interface, the plurality of elements corresponding to each of the one or more dimensions.
  - 24. The system according to claim 19, wherein the user interface further comprises one or more policy templates.
  - 25. The system according to claim 19, further comprising a third data storage unit coupled to the authorization server for storing the privacy level for determining if the requester is allowed access to the information of the user.
  - 26. The system according to claim 25, wherein the privacy level comprises a first level allowing no access to view the information of the user or a second level allowing access if any of the one or more rules are satisfied.
  - 27. The system according to claim 26, wherein the privacy level comprises a third level allowing only the user to access the information of the user.
  - 28. The system according to claim 20, wherein the level of resolution of the returned information comprises the resolution at the intersection of the one or more rules.
  - 29. The system according to claim 19, wherein the processor evaluates the one or more rules simultaneously.
  - 30. The system according to claim 19, wherein the processor evaluates the one or more rules sequentially.
  - 31. The system according to claim 19, further comprising an index for indexing the one or more rules based on the condition of each of the one or more rules.
  - 32. The system according to claim 19, wherein the one or more dimensions are selected from the group consisting of:
    - an identity of the requester;
      
      a time of the request by the requester;
      
      andan application used by the requester.
  - 33. The system according to claim 19, wherein the information of the user is selected from the group consisting of:
    - a location of employment, a location of residence, a city, a state, and a building.
  - 34. The system according to claim 20, wherein the level of resolution is selected from the group consisting of:
    - a city, a city block, a campus, a building, and no permission.
  - 35. The system according to claim 19, wherein each of the one or more rules comprises the application used by the requester and an additional dimension selected from the group consisting of the identity of the requester, and the time of the request.
  - 36. The system according to claim 19, wherein each of the one or more rules comprises a dimension selected from the group consisting of the identity of the requester, the time of the request, and the location information of the user.
  - 37. The system according to claim 19, further comprising:
    - a fourth data storage unit coupled to the authorization server for storing one or more system rules;
      
      wherein each of the one or more system rules comprises a condition and a level of resolution associated with the system rule; and
      
      wherein the authorization server processor evaluates each of the one or more system rules when a request is received for each of a plurality of users.
  - 38. The system according to claim 19, wherein the authorization server further comprises a communications module for receiving the request from a computer system not associated with the authorization server.
  - 69. The system according to claim 19, further comprising receiving the location information of the user, at the server, from a mobile computing device of the user.

39. A non-transitory computer readable storage medium having computer readable program code embodied therein for implementing a policy for a first user, the computer readable program code representing instructions to cause a processor to perform operations comprising:
- providing a user interface for allowing the first user to create and manage a condition of a first rule and a privacy level for determining if a second user is allowed access to information of the first user, wherein the condition comprises one or more dimensions selected from a plurality of dimensions; and
  
  anticipating the policy desired by the first user based on location information of the first user for which the policy is created;
  
  suggesting a policy template from a plurality of policy templates based on the anticipation, wherein the suggested policy template is displayed in the user interface;
  
  receiving the first rule and the privacy level;
  
  storing the first rule and the privacy level;
  
  evaluating the first rule and the privacy level against a request from the second user upon receiving the request, wherein the request by the second user is to access the information of the first user; and
  
  permitting access to the second user if the second user satisfies the at least one of the condition of the first rule and the privacy level.
- View Dependent Claims (40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 70, 71)
- - 40. The non-transitory computer readable storage medium according to claim 39, wherein the first rule comprises a level of resolution selected from a plurality of levels of resolution.
  - 41. The non-transitory computer readable storage medium according to claim 40, wherein the level of resolution comprises a type of information disclosure if the condition is satisfied.
  - 42. The non-transitory computer readable storage medium according to claim 39, further comprising computer readable program code for receiving a modification to the first rule.
  - 43. The non-transitory computer readable storage medium according to claim 39, further comprising computer readable program code for establishing the privacy level comprising a first level allowing no access to view the first user'"'"'s location and a second level allowing access based on the first rule.
  - 44. The non-transitory computer readable storage medium according to claim 43, further comprising computer readable program code for receiving a modification to the privacy level.
  - 45. The non-transitory computer readable storage medium according to claim 43, wherein the privacy level is selected from the group consisting of:
    - the first level allowing no access to view the first user'"'"'s information, the second level allowing access based on the first rule, and a third level allowing access only to the first user.
  - 46. The non-transitory computer readable storage medium according to claim 39, further comprising computer readable program code for receiving a second rule associated with allowing the second user to access the information of the first user and a second level of resolution;
    - wherein the second rule comprises a second condition selected from the group consisting of;
      
      an identity of the second user;
      
      a time of the request by the second user;
      
      a location of the first user; and
      
      an application used by the second user;
      
      wherein the access to the second user is denied unless the second user satisfies the second condition;
      
      computer readable program code for storing the second rule;
      
      computer readable program code for evaluating the first rule and evaluating the second rule upon receiving a request to access the location of the first user; and
      
      computer readable program code for permitting access to the second user if the second user satisfies the first condition of the first rule or the second condition of the second rule.
  - 47. The non-transitory computer readable storage medium according to claim 46, wherein the access to view the information of the first user is at the intersection of the first rule and the second rule.
  - 48. The non-transitory computer readable storage medium according to claim 46, wherein evaluating the first rule and evaluating the second rule are performed simultaneously.
  - 49. The non-transitory computer readable storage medium according to claim 46, wherein evaluating the first rule and evaluating the second rule are performed sequentially.
  - 50. The non-transitory computer readable storage medium according to claim 46, further comprising:
    - computer readable code for determining if the first rule comprises the second condition;
      
      computer readable code for indexing the first rule and the second rule based on the determination; and
      
      computer readable code for evaluating only the first rule or the second rule.
  - 51. The non-transitory computer readable storage medium according to claim 39, wherein the one or more dimensions are selected from the group consisting of:
    - an identity of the second user;
      
      a time of the request by the second user;
      
      andan application used by the second user.
  - 52. The non-transitory computer readable storage medium according to claim 40, wherein the level of resolution is selected from the group consisting of:
    - a city, a city block, a campus, a building, and no permission.
  - 53. The non-transitory computer readable storage medium according to claim 39, wherein the first rule comprises the application used by the second user and an additional dimension selected from the group consisting of:
    - the identity of the second user; and
      
      the time of the request by the second user.
  - 54. The non-transitory computer readable storage medium according to claim 39, wherein the first rule comprises a dimension selected from the group consisting of:
    - the identity of the second user; and
      
      the time of the request by the second user.
  - 55. The non-transitory computer readable storage medium according to claim 39, further comprising:
    - computer readable program code for storing a system rule comprising a condition and a level of resolution;
      
      computer readable program code for evaluating the first rule and evaluating the system rule upon receiving a request to access the location information of the first user; and
      
      computer readable program code for permitting access to the second user if the second user satisfies the condition of the first rule or the condition of the system rule.
  - 56. The non-transitory computer readable storage medium according to claim 39, wherein the user interface further comprises one or more policy templates.
  - 57. The non-transitory computer readable storage medium according to claim 39, wherein the user interface further comprises a selectable list of the plurality of dimensions.
  - 58. The non-transitory computer readable storage medium according to claim 39, wherein the user interface further comprises a selectable list of the plurality of elements, each of the plurality of elements corresponding to each of the one or more dimensions.
  - 59. The non-transitory computer readable storage medium according to claim 40, wherein the user interface further comprises a selectable list of the plurality of levels of resolution.
  - 70. The non-transitory computer readable storage medium according to claim 39, further comprising receiving the location information of the first user, at the server, from a mobile computing device of the first user.
  - 71. The non-transitory computer readable storage medium according to claim 39, further comprising a computer readable program code configured to provide the first user a feature to at least add, delete and edit the plurality of selectable options provided in the user interface.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Google LLC (Alphabet Inc.)
Original Assignee
Google Inc. (Alphabet Inc.)
Inventors
Chu, Michael, Tam, Chung-Man, Lee, Steve, Jain, Ravi, Yu, Yan, Tsao, Tu, Lambert, Christopher
Primary Examiner(s)
Shaw, Yin-Chen
Assistant Examiner(s)
OLION, BRIAN L

Application Number

US12/434,285
Time in Patent Office

1,705 Days
Field of Search

None
US Class Current

726/1
CPC Class Codes

H04L 63/102   Entity profiles

H04L 63/20   for managing network securi...

H04L 67/00   Network arrangements or pro...

H04L 67/01   Protocols

H04W 4/21   for social networking appli...

User privacy framework

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

25 Citations

71 Claims

Specification

Solutions

Use Cases

Quick Links

User privacy framework

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

25 Citations

71 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links