System and method for establishing and monetizing trusted identities in cyberspace with personal data service and user console
First Claim
1. A method providing access to end user-asserted attributes, the method comprising:
receiving, by an attribute exchange network (AXN) device, a first credential asserted by an end-user to one or more relying parties (RPs);
requesting, by the AXN device, a first location of a first encrypted token associated with the asserted first credential from a database;
acquiring, by the AXN device, the first encrypted token associated with the asserted first credential from the first location;
acquiring, by the AXN device, from the first encrypted token a first set of attributes of the end user, wherein the first set of attributes includes verified attributes and further identifies permissions granted by the end user to the one or more RPs to view attributes selected from the first set of attributes; and
populating, by the AXN device, a web page with the first set of attributes and the permissions granted for each of the one or more RPs to view attributes selected from the first set of attributes.
Abstract
A system and method for establishing and monetizing trusted identities in cyberspace relying upon user opt in. Users request to attain secure IDs for accessing parties that will rely on secure IDs to complete a transaction, for example merchants and service providers (relying parties). The relying parties (RPs) communicate with identity service providers and attribute providers via an Attribute Exchange Network (AXN) in order to obtain verified attributes associated with an entity (end user or user) that wishes to conduct business with the relying party. The relying party makes requests for verified attributes that are important to consummating business transactions for the relying party. Users are informed of requests for attributes on behalf of relying parties and users have the option to verify attributes, and add new attributes that may be useful or required for conducting business with relying parties.
9 Claims
1. A method providing access to end user-asserted attributes, the method comprising:
receiving, by an attribute exchange network (AXN) device, a first credential asserted by an end-user to one or more relying parties (RPs);
requesting, by the AXN device, a first location of a first encrypted token associated with the asserted first credential from a database;
acquiring, by the AXN device, the first encrypted token associated with the asserted first credential from the first location;
acquiring, by the AXN device, from the first encrypted token a first set of attributes of the end user, wherein the first set of attributes includes verified attributes and further identifies permissions granted by the end user to the one or more RPs to view attributes selected from the first set of attributes; and
populating, by the AXN device, a web page with the first set of attributes and the permissions granted for each of the one or more RPs to view attributes selected from the first set of attributes.
4. An attribute exchange network (AXN) device, comprising:
a memory; and
a processor coupled to the memory, wherein the processor is configured with processor-executable instructions to perform operations comprising;
receiving a first credential asserted by an end-user to one or more relying parties (RPs);
requesting from a database a first location of a first encrypted token associated with the asserted first credential;
acquiring the first encrypted token associated with the asserted first credential from the first location;
acquiring from the first encrypted token a first set of attributes of the end user, wherein the first set of attributes includes verified attributes and further identifies permissions granted by the end user to the one or more RPs to view attributes selected from the first set of attributes; and
populating a web page with the first set of attributes and the permissions granted for each of the one or more RPs to view attributes selected from the first set of attributes.
7. A non-transitory computer readable storage medium having stored thereon processor-executable software instructions configured to cause a processor in an attribute exchange network (AXN) device to perform operations comprising:
receiving a first credential asserted by an end-user to one or more relying parties (RPs);
requesting from a database a first location of a first encrypted token associated with the asserted first credential;
acquiring the first encrypted token associated with the asserted first credential from the first location;
acquiring from the first encrypted token a first set of attributes of the end user, wherein the first set of attributes includes verified attributes and further identifies permissions granted by the end user to the one or more RPs to view attributes selected from the first set of attributes; and
populating a web page with the first set of attributes and the permissions granted for each of the one or more RPs to view attributes selected from the first set of attributes.
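The operations recited in claims 1, 4 and 7, as an added Python sketch that is not part of the patent: it resolves a credential to a token location, integrity-checks and decrypts the token, and renders the attributes with their per-RP permissions, escaping the user-asserted values. The key, the `pds://` location, the lookup tables, the record layout and the HMAC-SHA256 encrypt-then-MAC construction (a standard-library stand-in for a real AEAD such as AES-GCM) are assumptions, since the claims name no cipher or storage format.

```python
import hashlib, hmac, html, json, os

KEY = b"constructed-demo-key-32-bytes!!!"  # assumption: key held by the AXN device

def _stream(key, nonce, n):
    # HMAC-SHA256 in counter mode as a keystream (stand-in for a real AEAD)
    out = b""
    for i in range((n + 31) // 32):
        out += hmac.new(key, b"enc" + nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
    return out[:n]

def seal(key, record):
    pt = json.dumps(record).encode()
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(pt, _stream(key, nonce, len(pt))))
    tag = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def open_token(key, token):
    nonce, ct, tag = token[:16], token[16:-32], token[-32:]
    want = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, want):  # reject tampering before decrypting
        raise ValueError("token failed integrity check")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct)))))

# Constructed sample data: one end user, two relying parties (hypothetical names)
RECORD = {"attributes": {"email": {"value": "alice@example.test", "verified": True},
                         "nickname": {"value": "<b>al</b>", "verified": False}},
          "permissions": {"rp-shop": ["email"], "rp-forum": ["email", "nickname"]}}
TOKEN_STORE = {"pds://store/7": seal(KEY, RECORD)}   # location -> encrypted token
LOCATION_DB = {"cred-alice": "pds://store/7"}        # credential -> token location

def attributes_for(credential):
    location = LOCATION_DB[credential]               # request the token's location
    return open_token(KEY, TOKEN_STORE[location])    # acquire token, then attributes

def render_console(credential):
    rec = attributes_for(credential)
    rows = []
    for rp, names in sorted(rec["permissions"].items()):
        for name in names:
            a = rec["attributes"][name]
            # user-asserted values are untrusted input: escape before rendering
            rows.append("<tr><td>%s</td><td>%s</td><td>%s</td><td>%s</td></tr>" % (
                html.escape(rp), html.escape(name), html.escape(a["value"]),
                "verified" if a["verified"] else "self-asserted"))
    return "<table>\n" + "\n".join(rows) + "\n</table>"
```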
Specification