User-directed privacy control in a user-centric identity management system

US 8,793,757 B2
Filed: 05/27/2009
Issued: 07/29/2014
Est. Priority Date: 05/27/2008
Status: Active Grant

First Claim

Patent Images

1. In an environment including at least one service provider each associated with a respective privacy policy, a system comprising:

at least one hardware processor programmed to provide an identity manager programmed to manage a plurality of user identities of an individual user, the plurality of user identities pertaining to the individual user and describing different sets of personal information of the individual user, and to select one or more of the user identities of the user that satisfy a set of identity requirements of a security policy obtained from the environment;

a plurality of privacy preferences relative to at least one user identity of the plurality of user identities of the user;

a privacy engine operatively associated with the plurality of privacy preferences, the privacy engine programmed to evaluate one or more privacy preferences of the one or more selected user identities of the user against a privacy policy obtained from the environment to determine which of the selected user identities satisfy the at least one privacy preference, the privacy engine further programmed to present the evaluation of the selected user identities to the user; and

a policy editor programmed to process a privacy policy from the environment, generate a reduced version thereof, and supply the reduced privacy policy as the privacy policy used by the privacy engine in performing the evaluation.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An identity management system incorporates privacy management processes that enable the user to exercise privacy controls over the disclosure of user identity information within the context of an authentication process. A combination includes an identity selector, a privacy engine, and a ruleset. The identity selector directs the release of a user identity in the form of a security token to satisfy the requirements dictated by a security policy. Prior to release of the user identity, the engine conducts a privacy enforcement process that examines the privacy policy of the service provider and determines if it is acceptable. The engine evaluates a ruleset against the privacy policy. A preference editor enables the user to construct, in advance, the ruleset, which embodies the user'"'"'s privacy preferences regarding the disclosure of identity information. Based on the evaluation results, the user can either approve or disapprove the privacy policy, and so decide whether to proceed with disclosure of the user identity.

Citations

18 Claims

1. In an environment including at least one service provider each associated with a respective privacy policy, a system comprising:
- at least one hardware processor programmed to provide an identity manager programmed to manage a plurality of user identities of an individual user, the plurality of user identities pertaining to the individual user and describing different sets of personal information of the individual user, and to select one or more of the user identities of the user that satisfy a set of identity requirements of a security policy obtained from the environment;
  
  a plurality of privacy preferences relative to at least one user identity of the plurality of user identities of the user;
  
  a privacy engine operatively associated with the plurality of privacy preferences, the privacy engine programmed to evaluate one or more privacy preferences of the one or more selected user identities of the user against a privacy policy obtained from the environment to determine which of the selected user identities satisfy the at least one privacy preference, the privacy engine further programmed to present the evaluation of the selected user identities to the user; and
  
  a policy editor programmed to process a privacy policy from the environment, generate a reduced version thereof, and supply the reduced privacy policy as the privacy policy used by the privacy engine in performing the evaluation.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The system of claim 1, wherein the privacy engine is programmed to:
    - (1) receive an indication specifying at least one user identity that satisfies requirements of the security policy, (2) obtain the privacy preference for each specified user identity, and (3) use at least one obtained privacy preference in the evaluation operation.
  - 3. The system of claim 1, further comprises:
    - a privacy editor programmed to provide at least one categorized group of user identity attributes, and to determine a privacy preference for each category.
  - 4. The system of claim 3, further comprises:
    - the identity manager is programmed to receive from the service provider environment the security policy having requirements specifying required attributes; and
      
      the privacy engine is programmed to identify at least one category referencing the required attributes, and for using the privacy preference of at least one identified category in the evaluation operation.
  - 5. The system of claim 1, further comprises:
    - the plurality of user identities includes at least one information card.
  - 6. The system of claim 5, further comprises:
    - the identity manager is programmed to receive from the service provider environment the security policy, and for determining whether the at least one information card satisfy the security policy requirements; and
      
      the privacy engine is programmed to use, in the evaluation operation, the privacy preference of the at least one information card determined to satisfy the security policy requirements.
  - 7. The system of claim 1, wherein the privacy engine is programmed to receive from the identity manager an indication of at least one user identity, and to conduct the evaluation using at least one privacy preference of any user identity specified in the indication.

8. In an environment including at least one service provider each associated with a respective privacy policy, a method, comprising:
- managing a plurality of user identities of an individual user, the plurality of user identities pertaining to the individual user and describing different sets of personal information of the individual user, by an identity manager programmed to manage the plurality of user identities of the user including selecting one or more of the user identities of the user that satisfy a set of identity requirements of a security policy obtained from the environment;
  
  providing a plurality of privacy preferences relative to at least one user identity;
  
  evaluating, by a privacy engine, one or more privacy preferences of the one or more selected user identities of the user against a privacy policy obtained from the environment to determine which of the selected user identities satisfy the at least one privacy preference;
  
  presenting the evaluation of the selected user identities to the user; and
  
  processing, by a policy editor, a privacy policy from the environment, generating a reduced version thereof, and supplying the reduced privacy policy as the privacy policy used by the privacy engine in performing the evaluation.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The method of claim 8, further comprises:
    - receiving from the environment the security policy having requirements;
      
      processing the security policy to determine whether any of the user identities satisfies the security policy requirements; and
      
      the evaluating further includes using the privacy preference of any user identity determined to satisfy the security policy requirements.
  - 10. The method of claim 8, further comprises:
    - providing at least one categorized group of user identity attributes; and
      
      determining a privacy preference for each category.
  - 11. The method of claim 10, further comprises:
    - receiving from the environment the security policy having requirements specifying required attributes;
      
      identifying at least one category referencing the required attributes; and
      
      the evaluating further includes using the privacy preference of at least one identified category in the evaluation operation.
  - 12. The method of claim 9, further comprises:
    - the providing further includes providing at least one information card.
  - 13. The method of claim 12, further comprises:
    - receiving from the environment the security policy;
      
      processing the security policy to determine whether the at least one information card satisfy the security policy requirements; and
      
      the evaluating further includes using the privacy preference of the at least information card determined to satisfy the security policy requirements.
  - 14. The method of claim 8, further comprises:
    - obtaining an indication of at least one user identity; and
      
      the evaluating further includes using at least one privacy preference of any user identity specified in the indication.

15. In an environment including at least one service provider each associated with a respective privacy policy, a non-transitory computer-readable medium having computer-executable instructions for execution by a processor, that, when executed, cause the processor to:
- manage a plurality of user identities of an individual user, the plurality of user identities pertaining to the individual user and describing different sets of personal information of the individual user, and to select one or more of the user identities of the user that satisfy a set of identity requirements of a security policy obtained from the environment;
  
  provide a plurality of privacy preferences relative to at least one user identity of the plurality of user identities of the user;
  
  evaluate one or more privacy preferences of the one or more selected user identities of the user against a privacy policy obtained from the environment to determine which of the selected user identities satisfy the at least one privacy preference;
  
  present the evaluation of the selected user identities to the user; and
  
  process, by a policy editor, a privacy policy from the environment, generate a reduced version thereof, and supply the reduced privacy policy as the privacy policy used by the privacy engine in performing the evaluation.
- View Dependent Claims (16, 17, 18)
- - 16. The non-transitory computer-readable medium of claim 15, wherein the instructions further cause the processor to:
    - receive from the environment a security policy having requirements;
      
      process the security policy to determine whether any of the user identities satisfies the security policy requirements; and
      
      cause the evaluation operation to use the privacy preference of any user identity determined to satisfy the security policy requirements.
  - 17. The non-transitory computer-readable medium of claim 15, wherein the instructions further cause the processor to:
    - provide at least one categorized group of user identity attributes;
      
      determine a privacy preference for each category;
      
      receive from the environment a security policy having requirements specifying required attributes;
      
      identify at least one category referencing the required attributes; and
      
      cause the evaluation operation to use the privacy preference of at least one identified category.
  - 18. The non-transitory computer-readable medium of claim 15, wherein the instructions further cause the processor to:
    - provide at least one information card;
      
      receive from the environment a security policy having requirements;
      
      process the security policy to determine whether the at least information card satisfy the security policy requirements; and
      
      cause the evaluation operation to use the privacy preference of the at least one information card determined to satisfy the security policy requirements.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
Open Invention Network LLC
Inventors
Ahn, Gail-Joon
Primary Examiner(s)
Gelagay, Shewaye

Application Number

US12/472,505
Publication Number

US 20090300715A1
Time in Patent Office

1,889 Days
Field of Search

None
US Class Current

726/1
CPC Class Codes

G06F 21/34   involving the use of extern...

G06F 21/604   Tools and structures for ma...

G06F 21/6245   Protecting personal data, e...

G06F 21/6263   during internet communicati...

H04L 63/08   for authentication of entit...

H04L 63/0807   using tickets, e.g. Kerbero...

H04L 63/083   using passwords cryptograph...

H04L 63/0853   using an additional device,...

H04L 63/0876   based on the identity of th...

H04L 63/10   for controlling access to d...

H04L 63/102   Entity profiles

H04L 63/105   Multiple levels of security

H04L 63/20   for managing network securi...

H04L 67/01   Protocols

User-directed privacy control in a user-centric identity management system

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

User-directed privacy control in a user-centric identity management system

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links