Methods and systems for secure and reliable identity-based computing
Abstract
The embodiments herein provide a secure computing resource set identification, evaluation, and management arrangement, employing in various embodiments some or all of the following highly reliable identity related means to establish, register, publish and securely employ user computing arrangement resources in satisfaction of user set target contextual purposes. Systems and methods may include, as applicable, software and hardware implementations for Identity Firewalls; Awareness Managers; Contextual Purpose Firewall Frameworks for situationally germane resource usage related security, provisioning, isolation, constraining, and operational management; liveness biometric, and assiduous environmental, evaluation and authentication techniques; Repute systems and methods assertion and fact ecosphere; standardized and interoperable contextual purpose related expression systems and methods; purpose related computing arrangement resource and related information management systems and methods, including situational contextual identity management systems and methods; and/or the like.
33 Claims
-
1. A system for establishing trustworthy, isolated, purposeful computing sessions based, at least in part, upon resource, and resource at least one of stakeholder human and stakeholder human agent, identity information sets, such system comprising:
one or more computing arrangements, including at least one processor, for use in providing at least one of one or more standardized (a) resources, and (b) specifications, that enable trustworthy, isolated, purposeful computing sessions, each comprising (a) an operating arrangement including at least one of a secure virtual machine, and a secure, other isolated sandbox, and (b) one or more resource arrangements that operate on such operating arrangement, and wherein each of such trustworthy, isolated, purposeful computing sessions operates at least in part in accordance with one or more user purpose fulfillment specifications, wherein such one or more computing arrangements are employed to provide such at least one of one or more standardized (a) resources, and (b) specifications, that, at least in part, enable specifying standardized, interoperably interpretable resource identity information one or more sets for each resource instance, such information one or more sets each comprising at least in part;
(i) an identifier for such resource instance, and (ii) such resource instance's associated attribute, information one or more sets, wherein at least a portion of such resource identity information one or more sets enables (i) identifying one or more resources for one or more trustworthy, isolated, purposeful computing sessions, and (ii) formulating one or more specifications for at least one of one or more secure virtual machines, and one or more secure, other isolated sandboxes, for such one or more trustworthy, isolated, purposeful computing sessions, in accordance with respective user purpose fulfillment specification information sets, wherein such trustworthy, isolated, purposeful computing sessions operate in accordance with respective standardized and interoperably interpretable session purposeful computing framework specification sets that enable the dynamic provisioning of respective such trustworthy, isolated, purposeful computing sessions, in response to users' instructions to activate their respective trustworthy, isolated, purposeful computing sessions, and wherein one or more resource operations in respective trustworthy resource arrangements operating on such at least one of one or more secure virtual machines, and one or more secure other isolated sandboxes, are at least one of authorized, limited in operation, and otherwise securely managed using one or more session operating rule information sets, at least in part, in accordance with respective user purpose fulfillment specifications, and in support of trustworthy, isolated, purposeful computing one or more sessions; wherein such one or more computing arrangements are employed to provide such at least one of one or more standardized (a) resources, and (b) specifications, that, at least in part, enable performing, using at least one biometric sensor, biometric identification of one or more at least one of stakeholder humans and stakeholder human agents, of stakeholder respective resources,
wherein such at least one of biometrically acquired identification information, and information derived therefrom, is cryptographically, securely bound to stakeholders' at least one of respective resource associated identity information sets; and wherein such one or more computing arrangements are employed to provide such at least one of one or more standardized (a) resources, and (b) specifications, that, at least in part, enable employing at least one tamper resistant processing and memory arrangement for secure processing of at least one of (a) at least a portion of resource identity information, and (b) resource stakeholder identity information. - View Dependent Claims (3, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
-
2. A system for establishing trustworthy, isolated purposeful computing sessions based, at least in part, upon resource, and at least one of resource stakeholder human and resource stakeholder human agent, identity information sets, such system comprising:
one or more computing arrangements, including at least one processor, for use in providing at least one of one or more standardized (a) resources, and (b) specifications, that enable trustworthy, isolated, purposeful computing sessions, where each of such trustworthy, isolated, purposeful computing sessions comprises;
(i) an operating arrangement including at least one of a secure virtual machine and a secure, other isolated sandbox; and
(ii) one or more resource arrangements that operate on such operating arrangement, and wherein each such trustworthy, isolated, purposeful computing session operates, at least in part, in accordance with one or more user purpose fulfillment specifications, wherein such one or more computing arrangements are employed to provide such at least one of one or more standardized (a) resources, and (b) specifications, that, at least in part, enable; specifying standardized, interoperably interpretable resource identity information one or more sets for each resource instance, such information one or more sets comprising at least in part;
(i) an identifier for such resource instance, and (ii) such resource instance's associated attribute, information one or more sets, wherein at least a portion of such resource identity information one or more sets enables (i) identifying one or more resources for one or more trustworthy, isolated, purposeful computing sessions, and (ii) formulating one or more specifications for at least one of one or more secure virtual machines, and one or more secure, other isolated sandboxes, for such one or more trustworthy, isolated, purposeful computing sessions, in accordance with respective user purpose fulfillment specification information sets, and wherein each such resource instance identity information one or more sets at least one of (i) is securely associated with, and (ii) securely includes, descriptive purpose specification information, wherein at least a portion of one or more such identity information sets is used, at least in part, for securely identifying resources to operate in respective user purpose fulfillment trustworthy, isolated, purposeful computing sessions; wherein such one or more computing arrangements are employed to provide such at least one of one or more standardized (a) resources, and (b) specifications, that, at least in part, enable; using one or more at least in part biometric sensors for enabling publishing process biometric identifications of respective resource information set at least one of publisher stakeholder humans and stakeholder human agents, wherein at least one of such one or more at least in part biometric sensors biometrically acquired information, and information derived therefrom, is securely at least one of included in, and associated with, such at least one of stakeholder humans' and stakeholder human agents', respective resource publishing process identity information sets, where; a. stakeholder biometric identification information is acquired during at least one of stakeholder humans' and stakeholder human agents', respective publishing processes, and b. one or more effective fact validation rule sets are provided for respective effective fact validation processes regarding one or more of such stakeholders' respective attributes; and wherein such one or more computing arrangements are employed to provide such at least one of one or more standardized (a) resources, and (b) specifications, that, at least in part, enable employing at least one tamper resistant processing and memory arrangement for secure processing of at least one of (a) at least a portion of resource identity information, and (b) resource stakeholder identity information. - View Dependent Claims (5)
-
4. A system for establishing a computing platform that enables trustworthy, isolated, computing sessions that are dynamically provisioned in response to standardized and interoperably interpretable user target purpose specifications, and are based, at least in part, upon session resource, and resource at least one of stakeholder human and stakeholder human agent, attributes, such system comprising:
one or more computing arrangements, including at least one processor, for providing at least one of one or more standardized (a) resources, and (b) specifications, to enable trustworthy, isolated, purposeful computing sessions, where each of such isolated, purposeful computing sessions includes at least one automatically provisioned at least one of secure virtual machine, and secure other isolated sandbox, wherein each such isolated, purposeful computing session (a) employs one or more operating resources that operate on such session's operating arrangement foundation, (b) is automatically provisioned as a user target purpose computing session, such session automatic provisioning occurring in response to one or more users activating such session as a trustworthy, isolated, specific to user target purpose computing activity set, and (c) operates in accordance with trustworthy, isolated, purposeful computing session purpose fulfillment one or more specifications, wherein such one or more computing arrangements are employed to provide such at least one of one or more standardized (a) resources, and (b) specifications, that, at least in part, enable assiduous resource identity management, ensuring valid provisioning of user target purpose resources, provisioned to at least one of one or more secure virtual machines, and one or more secure other isolated sandboxes, wherein such provisioning supports, at least in part, establishing user target purpose trustworthy, isolated, purposeful computing sessions, such provisioning occurring at least in part in response to users' respective target purpose session initiating instructions and through use of such computing sessions' respective target purpose session initiating instructions' resource identifying information, wherein such assiduous resource identity management employs, one or more biometric sensors to enable, at least in part, resource publishing process biometric identification of resources' respective at least one, at least one of stakeholder humans and stakeholder human agents, and where at least one of resources' respective biometric identification information sets, and information sets derived therefrom, is at least one of securely included in, and otherwise securely associated with, respective such resources, and where resource related identity information sets are at least in part securely processed and stored using tamper resistant processor and memory arrangements, and wherein such one or more computing arrangements are employed to provide such at least one of one or more standardized (a) resources, and (b) specifications, that, at least in part, enable an effective fact stipulation computing environment to support effective fact stipulations, where such stipulations declare effective fact attributes regarding at least one of respective resources, and attributes of respective resources, and further where each such effective fact stipulation has at least one associated fact validation rule set for validating such fact stipulation. - View Dependent Claims (32)
-
16. A method for establishing trustworthy, isolated, purposeful computing sessions based, at least in part, upon resource, and resource at least one of stakeholder human and stakeholder human agent, identity information sets, such method comprising:
providing, through use of a computing arrangement including at least one processor, at least one of one or more standardized (a) resources, and (b) specifications, to enable trustworthy, isolated, purposeful computing sessions comprising (a) an operating arrangement including at least one of a secure virtual machine, and a secure other isolated sandbox; and
(b) one or more resource arrangements that operate on such operating arrangement, and wherein each of such trustworthy, isolated, purposeful computing sessions operates at least in part in accordance with one or more user purpose fulfillment specifications, wherein such providing of at least one of one or more standardized (a) resources, and (b) specifications, at least in part, enables specifying standardized, interoperably interpretable resource identity information one or more sets for each resource instance, such information one or more sets each comprising at least in part;
(i) an identifier for such resource instance, and (ii) such resource instance's associated attribute, information one or more sets, wherein at least a portion of such resource identity information one or more sets enables (a) identifying one or more resources for one or more trustworthy, isolated, purposeful computing sessions, and (b) formulating one or more specifications for, at least one of one or more secure virtual machines, and one or more secure other isolated sandboxes, for such one or more trustworthy, isolated purposeful computing sessions, in accordance with respective user purpose fulfillment specification information sets, wherein such trustworthy, isolated, purposeful computing sessions operate in accordance with respective standardized and interoperably interpretable session purposeful computing framework specification sets that enable the dynamic provisioning of respective such trustworthy, isolated, purposeful computing sessions, in response to users' instructions to activate their respective trustworthy, isolated, purposeful computing sessions, and wherein one or more resource operations in respective trustworthy, isolated resource arrangements operating on such at least one of one or more secure virtual machines, and one or more secure other isolated sandboxes, are at least one of authorized, limited in operation, and otherwise securely managed using one or more session operating rule information sets, at least in part, in accordance with respective user purpose fulfillment specifications, and in support of trustworthy, isolated, purposeful computing one or more sessions; wherein such providing of at least one of one or more standardized (a) resources, and (b) specifications, at least in part, enables performing, using at least one biometric sensor, biometric identification of one or more at least one of stakeholder humans and stakeholder human agents, of stakeholder respective resources, wherein such at least one of biometrically acquired identification information, and information derived therefrom, is cryptographically, securely bound to stakeholders' at least one of respective of resource associated identity information sets; and wherein such providing of at least one of one or more standardized (a) resources, and (b) specifications, at least in part, enables secure processing at least one of (a) at least a portion of resource identity information, and (b) resource stakeholder identity information using at least one tamper resistant processing and memory arrangement. - View Dependent Claims (18, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31)
-
17. A method for establishing trustworthy, isolated, purposeful computing sessions based, at least in part, upon resource, and at least one of resource stakeholder human and resource stakeholder human agent, identity attributes, such method comprising:
providing, through use of a computing arrangement including at least one processor, at least one of one or more standardized (a) resources, and (b) specifications, to enable trustworthy, isolated, purposeful computing sessions, where each such trustworthy, isolated purposeful computing session comprises;
(i) an operating arrangement including at least one of a secure virtual machine and a secure other isolated sandbox; and
(ii) one or more resource arrangements that operate on such operating arrangement, and wherein each such trustworthy, isolated, purposeful computing session operates in accordance with one or more user purpose information sets, wherein such providing of at least one of one or more standardized (a) resources, and (b) specifications, at least in part, enables; specifying standardized, interoperably interpretable resource identity information one or more sets for each resource instance, such information one or more sets comprising at least in part;
(i) an identifier for such resource instance, and (ii) such resource instance's associated attribute information one or more sets, wherein at least a portion of such resource identity information one or more sets enable;
(i) identifying one or more resources for one or more trustworthy, isolated, purposeful computing sessions, and (ii) formulating one or more specifications for at least one of one or more secure virtual machines, and one or more secure, other isolated sandboxes, for such one or more trustworthy, isolated, purposeful computing sessions, in accordance with respective user purpose fulfillment specification information sets, and wherein each such resource instance identity information one or more sets at least one of (a) is securely associated with, and (b) securely includes, descriptive purpose specification information, wherein at least a portion of one or more such identity information sets is used, at least in part, for securely identifying resources to operate in respective user purpose fulfillment trustworthy, isolated, purposeful computing sessions; wherein such providing of at least one of one or more standardized (a) resources, and (b) specifications, at least in part, enables; using one or more at least in part biometric sensors for enabling publishing process biometric identifications of respective resource information set at least one of publisher stakeholder humans and stakeholder human agents, wherein at least one of such one or more at least in part biometric sensors biometrically acquired information, and information derived therefrom, is securely at least one of included in, and associated with, such at least one of stakeholder humans' and stakeholder human agents', respective resource publishing process identity information sets, where; a. stakeholder biometric identification information is acquired during respective at least one of stakeholder humans' and stakeholder human agents', publishing processes, and b. one or more effective fact validation rule sets are provided for respective effective fact validation processes regarding one or more of such stakeholders' respective attributes; and wherein such providing of at least one of one or more standardized (a) resources, and (b) specifications, at least in part enables secure processing of at least one of (a) at least a portion of resource identity information, and (b) resource stakeholder identity information using at least one tamper resistant processing and memory arrangement, and wherein providing such at least one of one or more standardized (a) resources, and (b) specifications, at least in part, enables an effective fact stipulation computing environment to support effective fact stipulations, where such effective fact stipulations declare effective fact attributes regarding at least one of respective resources, and attributes of respective resources, and further where each such effective fact stipulation has at least one associated fact validation rule set for validating such fact stipulation. - View Dependent Claims (20)
-
19. A method for establishing a computing platform that enables trustworthy, isolated, computing sessions that are dynamically provisioned in response to standardized and interoperably interpretable user target purpose specifications, and are based, at least in part, upon session resource, and resource at least one of stakeholder human and stakeholder human agent, attributes, such method comprising:
providing, through use of a computing arrangement including at least one processor, at least one of one or more standardized (a) resources, and (b) specifications, to enable trustworthy, isolated, purposeful computing sessions, where each of such isolated, computing sessions includes at least one automatically provisioned secure at least one of virtual machine and other isolated sandbox, wherein each of such isolated, purposeful computing sessions (a) employs one or more operating resources that operate on such session's operating arrangement foundation, (b) is automatically provisioned as a user target purpose computing session, such session automatic provisioning occurring in response to one or more users activating such session as a trustworthy, isolated, specific to user target purpose computing activity set, and (c) operates in accordance with trustworthy, isolated, computing session purpose fulfillment one or more specifications, wherein providing such at least one of one or more standardized (a) resources, and (b) specifications, at least in part, enables assiduous resource identity management, ensuring valid provisioning of user target purpose resources provisioned to at least one of one or more secure virtual machines, and one or more secure other isolated sandboxes, wherein such provisioning supports, at least in part, establishing user target purpose trustworthy, isolated, purposeful computing sessions, such provisioning occurring at least in part in response to users' respective target purpose session initiating instructions and through use of such computing sessions' respective target purpose session initiating instructions' resource identifying information, wherein such assiduous resource identity management employs, one or more biometric sensors to enable, at least in part, resource publishing process biometric identification of resources' respective at least one, at least one of stakeholder humans and stakeholder human agents,
and where at least one of resources' respective biometric identification information sets, and information sets derived therefrom, is at least one of securely included in and otherwise securely associated with, respective such resources, and where resource related identity information sets are at least in part securely processed and stored using tamper resistant processor and memory arrangements. - View Dependent Claims (33)
Specification