Platform identity architecture with a temporary pseudonymous identity
First Claim
1. A platform identity client (PIC) device comprising:
- a network interface; and
one or more hardware and/or software logic elements comprising a platform identity client engine operable for;
detecting via the network interface an available network service provided by an operator of a venue;
generating a temporary pseudonymous identity (TPI) comprising direct anonymous attestation to the network service provided by the operator of the venue;
sending the TPI to the available network service via the network interface;
accessing the available network service; and
receiving from the operator of the venue an advertisement or promotion for a good or service provided by the venue, wherein the advertising and promotion is directed to a user of the PIC device temporarily uniquely identified by the TPI, and wherein the TPI is dissociated from personally identifying information about the user.
10 Assignments
0 Petitions
Accused Products
Abstract
In an example, a client-server platform identity architecture is disclosed. The platform identity architecture may be used to enable a venue operator to provide online services and to collect telemetry data and metrics while giving end users greater control over privacy. When entering a compatible venue, the user'"'"'s device generates a signed temporary pseudonymous identity (TPI) in secure hardware or software. Any telemetry uploaded to the venue server includes the signature so that the server can verify that the data are valid. The TPI may have a built-in expiry. The venue server may thus receive useful tracking data during the term of the TPI, while the user is assured that the data are not kept permanently or correlated to personally-identifying information.
-
Citations
23 Claims
-
1. A platform identity client (PIC) device comprising:
-
a network interface; and one or more hardware and/or software logic elements comprising a platform identity client engine operable for; detecting via the network interface an available network service provided by an operator of a venue; generating a temporary pseudonymous identity (TPI) comprising direct anonymous attestation to the network service provided by the operator of the venue; sending the TPI to the available network service via the network interface; accessing the available network service; and receiving from the operator of the venue an advertisement or promotion for a good or service provided by the venue, wherein the advertising and promotion is directed to a user of the PIC device temporarily uniquely identified by the TPI, and wherein the TPI is dissociated from personally identifying information about the user. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. One or more tangible, non-transitory computer-readable mediums having stored thereon instructions for instructing a processor for providing a platform identity client (PIC) engine operable for:
-
detecting via the network interface an available network service provided by an operator of a venue; generating a temporary pseudonymous identity (TPI), comprising direct anonymous attestation to the network service provided by the operator of the venue; sending the TPI to the available network service via the network interface; accessing the available network service; and receiving from the operator of the venue an advertisement or promotion for a good or service provided by the venue, wherein the advertising and promotion is directed to a user of the PIC device temporarily uniquely identified by the TPI, and wherein the TPI is dissociated from personally identifying information about the user. - View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21)
-
-
22. A platform identity server comprising:
-
a network interface; and one or more logic elements comprising a platform identity server engine operable for; receiving a connection request from a platform identity client (PIC) over the network interface; negotiating a service policy with the PIC; receiving a temporary pseudonymous identity (TPI) from the PIC, the TPI temporarily uniquely identifying a user of the PIC while being dissociated from personally identifying information about the user; requesting telemetry data from the PIC; receiving telemetry data from the PIC, the telemetry data identifying attributes of the user; and based on the telemetry data, providing to the PIC a targeted advertisement or promotion for a good or service provided by an operator of the platform identity server. - View Dependent Claims (23)
-
Specification