Common location of user managed authorization

US 9,811,687 B2
Filed: 03/15/2013
Issued: 11/07/2017
Est. Priority Date: 03/15/2013
Status: Active Grant

First Claim

Patent Images

1. A method for managing authorizations to access personal data of a user, the method comprising:

a computer retrieving, from a plurality of web based applications executing on at least one server data processing system, a set of authorizations authorizing the plurality of web based applications to access the personal data of the user, wherein an authorization of the set of authorizations authorizes an application of the plurality of web based applications to access and modify at least a portion of the personal data of the user;

presenting the set of authorizations on a graphical user interface, wherein each authorization of the set of authorizations has an expiration date; and

responsive to receiving a user input indicating a change to a particular authorization in the set of authorizations for a particular web based application in the plurality of web based applications, storing, by the computer, the change to the particular authorization in the set of authorizations for the plurality of web based applications to access the personal data.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and apparatus for managing authorizations to access personal data of a user is disclosed. A computer retrieves a set of authorizations for a plurality of web based applications, wherein an authorization enables an application of the plurality of web based applications to access at least a portion of the personal data of the user. The computer presents the set of authorizations on a graphical user interface. The computer receives a user input indicating a change to a particular authorization in the set of authorizations for a particular web based application in the plurality of web based applications. Responsive to receiving the user input indicating the change to the particular authorization in the set of authorizations, the computer then stores the change to the particular authorization in the set of authorizations for the plurality of web based applications to access the personal data.

22 Citations

View as Search Results

20 Claims

1. A method for managing authorizations to access personal data of a user, the method comprising:
- a computer retrieving, from a plurality of web based applications executing on at least one server data processing system, a set of authorizations authorizing the plurality of web based applications to access the personal data of the user, wherein an authorization of the set of authorizations authorizes an application of the plurality of web based applications to access and modify at least a portion of the personal data of the user;
  
  presenting the set of authorizations on a graphical user interface, wherein each authorization of the set of authorizations has an expiration date; and
  
  responsive to receiving a user input indicating a change to a particular authorization in the set of authorizations for a particular web based application in the plurality of web based applications, storing, by the computer, the change to the particular authorization in the set of authorizations for the plurality of web based applications to access the personal data.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method of claim 1, wherein one of the plurality of web based applications is for a first web site and another of the plurality of web based applications is for a second web site, and further comprising:
    - generating, by the computer, a command for making the change to the particular authorization and sending, by the computer, the command to the particular web based application.
  - 3. The method of claim 1, wherein the personal data is maintained on the at least one server data processing system and a copy of the set of authorizations for the plurality of web based applications is maintained at the computer.
  - 4. The method of claim 3, wherein retrieving, by the computer, the set of authorizations from the plurality of web based applications comprises using an application programming interface to transfer a representation of a state of the set of authorizations from the web based applications.
  - 5. The method of claim 2, wherein sending, by the computer, the command to the particular web based application comprises using an application programming interface to make the change to the particular authorization by transferring a representation of the change to the particular web based application.
  - 6. The method of claim 1, wherein presenting the set of authorizations on the graphical user interface comprises:
    - generating, by the computer, the graphical user interface comprising a copy of the set of authorizations.
  - 7. The method of claim 6, wherein the graphical user interface further comprises options for arranging the set of authorizations in the graphical user interface by one or more of an expiration date for each authorization, a domain name of each web based application, and the portion of the personal data.
  - 8. The method of claim 6, wherein the graphical user interface further comprises options for selecting a portion of the set of authorizations in the graphical user interface by one or more of an expiration date for each authorization, a domain name of each web based application, and the portion of the personal data.
  - 9. The method of claim 8 wherein a command for making the change to the particular authorization is selected from one of a command to create the authorization in the web based application, a command to modify the authorization, and a command to delete the authorization, and wherein the change to the particular authorization in the set of authorizations for the particular web based application in the plurality of web based applications is based on the selected portion of the set of authorizations and the selected command.
  - 10. The method of claim 2, wherein the computer is a centralized authorization server, and wherein the particular web based application in the plurality of web based applications is another centralized authorization server.
  - 11. The method of claim 2 wherein the particular authorization corresponds to a previously assigned token for access to modifying the particular authorization, and wherein sending, by the computer, the command to the particular web based application further comprises:
    - sending the previously assigned token corresponding to the particular authorization.

12. An apparatus for managing authorizations to access personal data of a user, the apparatus comprising:
- a processor unit, a memory, and a computer readable storage device;
  
  first program instructions to retrieve, from a plurality of web based applications executing on at least one server data processing system, a set of authorizations authorizing the plurality of web based applications to access the personal data of the user, wherein an authorization of the set of authorizations authorizes an application of the plurality of web based applications to access and modify at least a portion of the personal data of the user;
  
  second program instructions to present the set of authorizations on a graphical user interface, wherein each authorization of the set of authorizations has an expiration date; and
  
  third program instructions to store a change to a particular authorization in the set of authorizations responsive to receiving a user input indicating the change to the particular authorization in the set of authorizations for a particular web based application in the plurality of web based applications, wherein the first program instructions, the second program instructions, and the third program instructions are stored in the computer readable storage device for execution by the processor unit via the memory.
- View Dependent Claims (13, 14, 15, 16)
- - 13. The apparatus of claim 12, wherein one of the plurality of web based applications is for a first web site and another of the plurality of web based applications is for a second web site, and further comprising:
    - fourth program instructions to generate a command for making the change to the particular authorization and send the command to the particular web based application, wherein the fourth program instructions are stored in the computer readable storage device for execution by the processor unit via the memory.
  - 14. The apparatus of claim 12, wherein the personal data is maintained on the at least one server data processing system and a copy of the set of authorizations for the plurality of web based applications is maintained at the computer.
  - 15. The apparatus of claim 14 wherein the first program instructions to retrieve the set of authorizations from the plurality of web based applications comprise program instructions to use an application programming interface to transfer a representation of a state of the set of authorizations from the web based applications, and wherein the program instructions to send the command to the particular web based application comprise program instructions to use the application programming interface to make the change to the particular authorization by transferring a representation of the change to the particular web based application.
  - 16. The apparatus of claim 13 wherein the particular authorization corresponds to a previously assigned token for access to modifying the particular authorization, and wherein the program instructions to send the command to the particular web based application further comprise program instructions to send the previously assigned token corresponding to the particular authorization.

17. A computer program product comprising:
- a computer readable storage device in a data processing system;
  
  a program system running on the data processing system for managing authorizations to access personal data of a user;
  
  program instructions, stored on the computer readable storage device, for retrieving, from a plurality of web based applications executing on at least one server data processing system, a set of authorizations authorizing the plurality of web based applications to access the personal data of the user, wherein an authorization of the set of authorizations authorizes an application of the plurality of web based applications to access and modify at least a portion of the personal data of the user;
  
  program instructions, stored on the computer readable storage device, for presenting the set of authorizations on a graphical user interface, wherein each authorization of the set of authorizations has an expiration date; and
  
  program instructions, stored on the computer readable storage device, responsive to receiving a user input indicating a change to a particular authorization in the set of authorizations for a particular web based application in the plurality of web based applications, for storing the change to the particular authorization in the set of authorizations for the plurality of web based applications to access the personal data.
- View Dependent Claims (18, 19, 20)
- - 18. The computer program product of claim 17, wherein the program system comprises a plurality of programs and wherein one program in the program system running on the data processing system causes another program to be downloaded to the data processing system while managing the authorizations to access the personal data.
  - 19. The computer program product of claim 17, wherein the program instructions are downloaded over a network from a remote data processing system to the computer readable storage device in the data processing system.
  - 20. The computer program product of claim 19, wherein the computer readable storage device in the data processing system is a first computer readable storage device in a server data processing system, and wherein the program instructions are downloaded over the network to the remote data processing system for use in a second computer readable storage device in the remote data processing system.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Flavin, Robert A., Robinson, David G., Smith, Andrew B.
Primary Examiner(s)
Dinh, Minh

Application Number

US13/838,609
Publication Number

US 20140283023A1
Time in Patent Office

1,698 Days
Field of Search

726 1, 726 21, 716 4
US Class Current
CPC Class Codes

G06F 21/45   Structures or tools for the...

G06F 21/604   Tools and structures for ma...

G06F 21/6263   during internet communicati...

Common location of user managed authorization

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

22 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Common location of user managed authorization

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

22 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links