Digital persona for providing access to personal information

US 6,581,059 B1
Filed: 01/24/2000
Issued: 06/17/2003
Est. Priority Date: 01/24/2000
Status: Active Grant

First Claim

Patent Images

1. A system for providing access to electronically stored personal information of an entity, comprising:

a personal information database storing personal information of an entity;

a set of information preferences associated with said database, said information preferences defining requestor accessibility rights and conditions of use for said personal information;

a freely addressable access interface, said interface receiving an identifier of said requestor and conditions under which personal information is to be used, whereby said interface determines if said personal information is accessible by said requestor and, upon a positive determination of accessibility, said personal information is retrieved from said database by said interface and provided to said requestor, and upon an initial negative determination of accessibility, said interface iteratively negotiates with said requestor by offering differing conditions of use until a positive determination of accessibility is made or until it is determined that a positive determination of accessibility cannot be obtained.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and system provides a structured and accessible information repository for an entities personal information. An information server contains a personal information database and a set of information preferences associated with the personal information database. The personal information database contains personal information about an entity, such as name, phone number, address, etc. The information preferences define an entities preferences regarding the conditions of use under which the personal information will be released. When another computer or user of another computer, a requestor, requests personal information from the information server, the requestor then identifies the information it is requesting and provides the conditions under which the information is to be used. The received conditions of use are compared to the set of information preferences to determine if the received conditions of use are acceptable. If the received conditions of use are acceptable the information is retrieved and provided to the requestor. If the received conditions are unacceptable, the requestors request is denied. The requestor and freely addressable access interface may then negotiate the conditions of use until acceptable conditions are reached, or until it is determined that acceptable conditions cannot be obtained. Encryption and third party certification are used to provide security to the system. Records of the transactions are maintained to provide a “paper trail” in case the agreement is broken.

176 Citations

15 Claims

1. A system for providing access to electronically stored personal information of an entity, comprising:
- a personal information database storing personal information of an entity;
  
  a set of information preferences associated with said database, said information preferences defining requestor accessibility rights and conditions of use for said personal information;
  
  a freely addressable access interface, said interface receiving an identifier of said requestor and conditions under which personal information is to be used, whereby said interface determines if said personal information is accessible by said requestor and, upon a positive determination of accessibility, said personal information is retrieved from said database by said interface and provided to said requestor, and upon an initial negative determination of accessibility, said interface iteratively negotiates with said requestor by offering differing conditions of use until a positive determination of accessibility is made or until it is determined that a positive determination of accessibility cannot be obtained.
- View Dependent Claims (2)
- - 2. A system for providing access to electronically stored personal information of an entity, as per claim 1, wherein said personal information is provided to said requestor in machine-readable format.

3. A system for providing access to electronically stored personal information of an entity, comprising:
- a personal information database storing personal information of an entity;
  
  a set of information preferences associated with said database, said information preferences defining requestor accessibility rights, conditions of use for said personal information and a first identity of a certification authority authorized to verify the identity of a requestor;
  
  an addressable access interface, said access interface interfacing said at least one personal information database to a requestor and receiving an identifier of said requestor and a second identity of a certification authority capable of verifying said requestor and conditions under which personal information is to be used, whereby, upon a determination that said second identity of a certification authority is the same as said first identity of a certification authority, said interface verifies said requestor utilizing the certification authority, and wherein upon verification of said requestor, said interface interactively negotiating with said requestor until said received conditions of use are determined to be acceptable to allow access to said personal information based upon said defined conditions of use or until it is determined said acceptable received conditions cannot be obtained, and upon a determination that said received conditions of use are acceptable, said interface retrieves said personal information, providing said personal information to said requestor.
- View Dependent Claims (4, 5, 6)
- - 4. A system for providing access to electronically stored personal information of an entity, as per claim 3, wherein said system may be implemented locally or remotely on one or more computer-based systems, across networks or existing communication mediums.
  - 5. A system for providing access to electronically stored personal information of an entity, as per claim 4, wherein said across networks element comprises any of LANs, WANs, cellular, Internet or Web based networks.
  - 6. A system for providing access to electronically stored personal information of an entity, as per claim 3, wherein said freely addressable access interface is addressed using HTTP, Gopher, SMTP, Telnet, or FTP.

7. A system for electronically storing personal information data in a structured form and communicating said data to a requestor based upon an agreement to the conditions of use of said data negotiated between an information server providing access to said data and said requestor comprising:
- a personal information database storing personal information of one or more entities;
  
  a set of information preferences associated with said database, said information preferences defining requestor accessibility rights, conditions of use for said personal information, and a first identity of a certification authority authorized to verify the identity of a requestor;
  
  a freely addressable access interface, said interface capable of communicating with said database and said set of information preferences, a requestor, said requestor capable of communicating with said interface, said requestor communicating an identifier of said requestor, a second identity of a certification authority capable of verifying said requestor and conditions under which personal information is to be used;
  
  wherein upon receiving said communication, said interface compares said second identity of certification authority to first identify of a certification authority and upon determination that said second identity of a certification authority is the same as said first identity of a certification authority, said interface verifies said requestor utilizing the certification authority, and, upon verification of said requestor, said interface negotiates with said requestor until said received conditions of use are determined to be acceptable to allow access to said personal information based upon said defined conditions of use or until it is determined acceptable received conditions cannot be obtained, and upon an acceptable determination, said interface retrieves said personal information, provides said personal information to said requestor and retains a record of said acceptable received conditions of use to be stored.
- View Dependent Claims (8, 9, 10)
- - 8. A system for electronically storing personal information data in a structured form and communicating said data to a requestor based upon an agreement to the conditions of use of said data negotiated between an information server providing access to said data and said requestor, as per claim 7, wherein said system may be implemented locally or remotely on one or more computer-based systems, across networks or existing communication mediums.
  - 9. A system for electronically storing personal information data in a structured form and communicating said data to a requestor based upon an agreement to the conditions of use of said data negotiated between an information server providing access to said data and said requestor, as per claim 8, wherein said across networks element comprises any of LANs, WANs, cellular, Internet or Web based networks.
  - 10. A system for providing access to electronically stored personal information of an entity, as per claim 7, wherein said freely addressable access interface is addressed using HTTP, Gopher, SMTP, Telnet, or FTP.

11. A method of retrieving personal data from a central database, said method comprising:
- providing a freely addressable access interface, said access interface interfacing with said database;
  
  requesting access to specific personal data located in said central database, said requesting step including sending an identifier of a requestor, an identity of a certification authority capable of verifying said requestor and conditions of use for said personal data to said access interface;
  
  negotiating access to said personal data based upon at least one of said identity of said requestor, said identity of a certification authority capable of verifying said requestor and said conditions of use for said personal data;
  
  renegotiating access to said personal data upon a negative determination of accessibility until a positive determination of accessibility is reached, or until determining a positive determination of accessibility cannot be obtained;
  
  retrieving said specific personal data upon a positive determination of accessibility, and denying access to said specific personal data upon determining a positive determination of accessibility cannot be obtained.

12. An article of manufacture comprising a computer user medium having computer readable program code embodied therein which controls access to personal information comprising:
- computer readable program which enables providing a freely addressable access interface;
  
  computer readable program code which enables requesting access to specific personal data;
  
  computer readable program code which enables negotiating access to said personal data computer readable program code which enables renegotiating access to said personal data upon a negative determination of accessibility until a positive determination of accessibility is reached, or until determining a positive determination of accessibility cannot be obtained;
  
  computer readable program code which enables retrieving said specific personal data upon a positive determination of accessibility, and a computer readable program code which enables denying access to said specific personal data upon determining a positive determination of accessibility cannot be obtained.

13. A computer program product usable with a programmable computer having computer readable program code embodied therein which controls access to personal information comprising:
- computer readable program which enables providing a freely addressable access interface;
  
  computer readable program code which enables requesting access to specific personal data;
  
  computer readable program code which enables negotiating access to said personal data computer readable program code which enables renegotiating access to said personal data upon a negative determination of accessibility until a positive determination of accessibility is reached, or until determining a positive determination of accessibility cannot be obtained;
  
  computer readable program code which enables retrieving said specific personal data upon a positive determination of accessibility, and a computer readable program code which enables denying access to said specific personal data upon determining a positive determination of accessibility cannot be obtained.

14. A method of processing information among distributed computer based-systems over a network which controls access to personal information comprising:
- transmitting a request to access specific personal data located in a central database, said request including sending an identifier of a requestor, an identity of a certification authority capable of verifying said requestor and conditions of use for said personal data;
  
  transmitting negotiation data to negotiate access to said personal data based upon at least one of said identity of said requestor, said identity of a certification authority capable of verifying said requestor and said conditions of use for said personal data;
  
  transmitting renegotiation data to renegotiate access to said personal data upon a negative determination of accessibility until a positive determination of accessibility is reached, or until determining a positive determination of accessibility cannot be obtained;
  
  transmitting said specific personal data upon a positive determination of accessibility, and transmitting denial data to deny access to said specific personal data upon determining a positive determination of accessibility cannot be obtained.

15. A system comprising computer readable program code, said program code embodied upon and divided among multiple computer storage systems, said program code processing data between the divided portions of said program code over a network for controlling access to personal information, comprising:
- computer readable program code which implements a personal information database for storing personal information of one or more entities;
  
  computer readable program code which implements a set of information preferences associated with said database for defining requestor accessibility rights, conditions of use for said personal information and a first identity of a certification authority authorized to verify the identity of a requestor;
  
  computer readable program code which implements a freely addressable access interface for communicating with said database and said set of information preferences, computer readable program code which comprises a requestor for communicating an identifier of said requestor, a second identity of a certification authority capable of verifying said requestor and conditions under which personal information is to be used;
  
  computer readable program code which implements a negotiation of said conditions of use, and, wherein upon receiving said communication, said interface compares said second identity of a certification authority to a first identity of a certification authority and upon a determination that they are the same, said interface verifies said requestor utilizing the certification authority, and upon verification of said requestor, said interface negotiates with said requestor until said received conditions of use are determined to be acceptable to allow access to said personal information based upon said defined conditions of use or until it is determined acceptable received conditions cannot be obtained, and upon an acceptable determination, said interface retrieves said personal information, provides said personal information to said requestor and retains a record of said acceptable received conditions of use to be stored.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Maglio, Paul Philip, Barrett, Robert Carl
Primary Examiner(s)
KINDRED, ALFORD W

Application Number

US09/490,846
Time in Patent Office

1,240 Days
Field of Search

707/1-10, 707/100-104, 707/200-206, 707/500-501, 707/511-517, 709/101-104, 709/200-206, 709/212-227, 345/700-701, 345/744, 345/762
US Class Current

1/1
CPC Class Codes

G06F 16/252   between a Database Manageme...

G06F 21/6245   Protecting personal data, e...

G06F 2221/2115   Third party

Y10S 707/99932   Access augmentation or opti...

Y10S 707/99939   Privileged access

Digital persona for providing access to personal information

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

176 Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

Digital persona for providing access to personal information

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

176 Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links