Online repository for personal information and access of information stored therein

US 9,864,877 B1
Filed: 12/20/2014
Issued: 01/09/2018
Est. Priority Date: 01/07/2000
Status: Expired due to Fees

First Claim

Patent Images

1. A method for sharing a first party'"'"'s personal information with a second party authorized by the first party by transmitting the first party'"'"'s personal information from a server computer system operated by a service provider, said server computer system including a database, the method comprising the steps by the server computer system:

establishing an account for the first party;

assigning an identifier to the first party;

receiving the first party'"'"'s personal information, said first party'"'"'s personal information comprising at least one of a plurality of information objects;

associating at least one of a plurality of security levels with each information object at any granularity, thereby enabling access to individually selected portions of the first party'"'"'s personal information by individual receiving parties;

storing in the database the first party identifier, the information object and the security level assigned to the information object;

receiving a request, said request comprising at least the first party identifier;

in response to the request, selecting a first portion of the first party'"'"'s personal information objects that could be transmitted to a second party;

retrieving from the database the selected first portion of the first party'"'"'s personal information objects;

securely transmitting the retrieved first portion of the first party'"'"'s personal information objects to the second party;

obtaining a second party identifier;

if the second party is not authorized to receive the first portion of the first party'"'"'s personal information objects, recording the second party identifier;

rejecting the second party'"'"'s request for information; and

maintaining a record of unauthorized requests for information.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A first party'"'"'s personal information is stored in a secure online database with security levels associated at granular level. A second party'"'"'s request to access the first party'"'"'s personal information is verified and a portion of the first party'"'"'s personal information is sent to the second party based on the second party'"'"'s request meeting certain conditions or criteria.

Citations

20 Claims

1. A method for sharing a first party'"'"'s personal information with a second party authorized by the first party by transmitting the first party'"'"'s personal information from a server computer system operated by a service provider, said server computer system including a database, the method comprising the steps by the server computer system:
- establishing an account for the first party;
  
  assigning an identifier to the first party;
  
  receiving the first party'"'"'s personal information, said first party'"'"'s personal information comprising at least one of a plurality of information objects;
  
  associating at least one of a plurality of security levels with each information object at any granularity, thereby enabling access to individually selected portions of the first party'"'"'s personal information by individual receiving parties;
  
  storing in the database the first party identifier, the information object and the security level assigned to the information object;
  
  receiving a request, said request comprising at least the first party identifier;
  
  in response to the request, selecting a first portion of the first party'"'"'s personal information objects that could be transmitted to a second party;
  
  retrieving from the database the selected first portion of the first party'"'"'s personal information objects;
  
  securely transmitting the retrieved first portion of the first party'"'"'s personal information objects to the second party;
  
  obtaining a second party identifier;
  
  if the second party is not authorized to receive the first portion of the first party'"'"'s personal information objects, recording the second party identifier;
  
  rejecting the second party'"'"'s request for information; and
  
  maintaining a record of unauthorized requests for information.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, further comprising the step of:
    - verifying the second user based on one or more criteria from;
      
      (a) a description of information accessible using an authorization key, (b) an expiration time for an authorization key, (c) a security level of the second user, (d) security level of a device used by the second user, (e) a security level of a password of the second user, (f) type of device used by the second user, (g) identity of device used by the second user, (h) Internet address from which the second user accessed the server computer, (i) time of day when the second user accessed the server computer, or (j) day of week when the second user accessed the server computer.
  - 3. The method of claim 1, further comprising the step of:
    - formatting the selected first portion of the first party'"'"'s personal information objects in a manner suitable to the second user'"'"'s client computer.
  - 4. The method of claim 1, further comprising the steps of:
    - receiving one or more features of the second user'"'"'s client computer, andsending the selected first portion of the first party'"'"'s personal information objects to the second user'"'"'s client computer in accord with the one or more features of the second user'"'"'s client computer.
  - 5. The method of claim 1, wherein the second party is enabled to access the selected first portion of the first party'"'"'s personal information objects in accordance with one or more access parameters configurable by the server computer system.
  - 6. The method of claim 5, wherein the one or more access parameters includes a predetermined period of time (T) during which the second party is enabled to access the selected first portion of the first party'"'"'s personal information objects.
  - 7. The method of claim 5, wherein the one or more access parameters includes a predetermined number of times (N) the second party is enabled to access the selected first portion of the first party'"'"'s personal information objects.
  - 8. The method of claim 1, wherein the request to receive the first party'"'"'s personal information objects is accompanied by an authorization key, wherein the authorization key includes encoded attributes that specify one or more scopes of authorization.
  - 9. The method of claim 8, wherein the one or more scopes of authorization includes a designation of the first party'"'"'s personal information objects accessible by the second party.
  - 10. The method of claim 8, wherein the one or more scopes of authorization includes a set of operations permitted by the second party with respect to the selected portion of the first party'"'"'s personal information objects.

11. A server computer system comprising:
- one or more processors;
  
  one or more processor readable storage devices having processor readable code embodied on said one or more processor readable storage devices, the processor readable code being configured to instruct the one or more processors to;
  
  establish an account for the first party;
  
  assign an identifier to the first party;
  
  receive the first party'"'"'s personal information, said first party'"'"'s personal information comprising at least one of a plurality of information objects;
  
  associate at least one of a plurality of security levels with each information object at any granularity, thereby enabling access to individually selected portions of the first party'"'"'s personal information by individual receiving parties;
  
  store in the database the first party identifier, the information object and the security level assigned to the information object;
  
  receive a request, said request comprising at least the first party identifier;
  
  in response to the request, select a first portion of the first party'"'"'s personal information objects that could be transmitted to a second party;
  
  retrieve from the database the selected first portion of the first party'"'"'s personal information objects;
  
  securely transmit the retrieved first portion of the first party'"'"'s personal information objects to the second party;
  
  obtain a second party identifier;
  
  if the second party is not authorized to receive the first portion of the first party'"'"'s personal information objects, record the second party identifier;
  
  reject the second party'"'"'s request for information; and
  
  maintain a record of unauthorized requests for information.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 12. The server computer system of claim 11, wherein the processor readable code is further configured to instruct the one or more processors to:
    - verify the second user based on one or more criteria from;
      
      (a) a description of information accessible using an authorization key, (b) an expiration time for an authorization key, (c) a security level of the second user, (d) security level of a device used by the second user, (e) a security level of a password of the second user, (f) type of device used by the second user, (g) identity of device used by the second user, (h) Internet address from which the second user accessed the server computer, (i) time of day when the second user accessed the server computer, or (j) day of week when the second user accessed the server computer.
  - 13. The server computer system of claim 11, wherein the processor readable code is further configured to instruct the one or more processors to:
    - format the selected first portion of the first party'"'"'s personal information objects in a manner suitable to the second user'"'"'s client computer.
  - 14. The server computer system of claim 11, wherein the processor readable code is further configured to instruct the one or more processors to:
    - receive one or more features of the second user'"'"'s client computer, andsend the selected first portion of the first party'"'"'s personal information objects to the second user'"'"'s client computer in accord with the one or more features of the second user'"'"'s client computer.
  - 15. The server computer system of claim 11, wherein the second party is enabled to access the selected first portion of the first party'"'"'s personal information objects in accordance with one or more access parameters configurable by the server computer system.
  - 16. The server computer system of claim 15, wherein the one or more access parameters includes a predetermined period of time (T) during which the second party is enabled to access the selected first portion of the first party'"'"'s personal information objects.
  - 17. The server computer system of claim 15, wherein the one or more access parameters includes a predetermined number of times (N) the second party is enabled to access the selected first portion of the first party'"'"'s personal information objects.
  - 18. The server computer system of claim 11, wherein the request to receive the first party'"'"'s personal information objects is accompanied by an authorization key, wherein the authorization key includes encoded attributes that specify one or more scopes of authorization.
  - 19. The server computer system of claim 18, wherein the one or more scopes of authorization includes a designation of the first party'"'"'s personal information objects accessible by the second party.
  - 20. The server computer system of claim 18, wherein the one or more scopes of authorization includes a set of operations permitted by the second party with respect to the selected portion of the first party'"'"'s personal information objects.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Web 2.0 Technologies LLC
Original Assignee
Pennar Software Corporation
Inventors
Chaganti, Naren, Chaganti, Sitapathi Rao, Chaganti, Damayanti
Primary Examiner(s)
Lanier, Benjamin E

Application Number

US14/578,362
Time in Patent Office

1,116 Days
Field of Search

None
US Class Current
CPC Class Codes

G06F 21/31   User authentication

G06F 21/62   Protecting access to data v...

G06F 21/6245   Protecting personal data, e...

G06F 21/6272   by registering files or doc...

G06Q 30/0613   Third-party assisted

G06Q 50/14   Travel agencies

G16H 10/60   for patient-specific data, ...

H04L 63/0428   wherein the data content is...

H04L 63/06   for supporting key manageme...

H04L 63/08   for authentication of entit...

H04L 63/101   Access control lists [ACL]

H04L 63/105   Multiple levels of security

H04L 67/306   User profiles

H04L 69/329   in the application layer [O...

H04L 9/40   Network security protocols

Online repository for personal information and access of information stored therein

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Online repository for personal information and access of information stored therein

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links