Auditable privacy policies in a distributed hierarchical identity management system
First Claim
Patent Images
1. A method of obtaining user information, the method comprising:
- receiving, at a server through a data network from a device associated with a user, a request for access to a service;
transmitting, from the server through the data network to the device associated with the user, a request for the user information;
receiving, at the server through the data network from the device associated with the user, a location identifier associated with a network location where the user information can be obtained;
providing, from the server through the data network to the device associated with the user, a communication including a session identifier and a link to the network location where the user information can be obtained;
receiving, at the server through the data network from the device associated with the user, the user information and the session identifier;
correlating, at the server, based on the session identifier, the user information to the request for the user information; and
fulfilling, by the server, based on the received user information, the request for access to the service.
5 Assignments
0 Petitions
Accused Products
Abstract
A set of methods, and systems, for enabling the audit tracking of user agreement with policies, such as privacy policies in an authenticated fashion is disclosed herein. The method and system make use of third party signatures of privacy policies to show user approval of the policy as it pertains to released data.
-
Citations
20 Claims
-
1. A method of obtaining user information, the method comprising:
-
receiving, at a server through a data network from a device associated with a user, a request for access to a service; transmitting, from the server through the data network to the device associated with the user, a request for the user information; receiving, at the server through the data network from the device associated with the user, a location identifier associated with a network location where the user information can be obtained; providing, from the server through the data network to the device associated with the user, a communication including a session identifier and a link to the network location where the user information can be obtained; receiving, at the server through the data network from the device associated with the user, the user information and the session identifier; correlating, at the server, based on the session identifier, the user information to the request for the user information; and fulfilling, by the server, based on the received user information, the request for access to the service. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A storage medium, comprising hardware and/or a memory, storing instructions that, when executed by a computing system, cause the computing system to perform operations for obtaining user information, the operations comprising:
-
receiving, at a server through a data network from a device associated with a user, a request for access to a service; transmitting, from the server through the data network to the device associated with the user, a request for the user information; receiving, at the server through the data network from the device associated with the user, a location identifier associated with a network location where the user information can be obtained; providing, from the server through the data network to the device associated with the user, a communication including a session identifier and a link to the network location where the user information can be obtained; receiving, at the server through the data network from the device associated with the user, the user information and the session identifier; correlating, at the server, based on the session identifier, the user information to the request for the user information; and fulfilling, by the server, based on the received user information, the request for access to the service. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A system for obtaining user information, the system comprising:
-
one or more processors; and a memory storing executable instructions that, when executed by the one or more processors, cause the one or more processors to perform operations for obtaining user information, the operations comprising; receiving, at a server through a data network from a device associated with a user, a request for access to a service; transmitting, from the server through the data network to the device associated with the user, a request for the user information; receiving, at the server through the data network from the device associated with the user, a location identifier associated with a network location where the user information can be obtained; providing, from the server through the data network to the device associated with the user, a communication including a session identifier and a link to the network location where the user information can be obtained; receiving, at the server through the data network from the device associated with the user, the user information and the session identifier; correlating, at the server, based on the session identifier, the user information to the request for the user information; and fulfilling, by the server, based on the received user information, the request for access to the service. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification