Remote profile security system

US 9,276,747 B2
Filed: 08/04/2008
Issued: 03/01/2016
Est. Priority Date: 08/04/2008
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

storing, at a server computer system, first user profile information for a remote user;

restricting access to the first user profile information for the remote user at the server computer system, the restricting access to the first user profile information for the remote user at the server computer system comprising using authentication information to encrypt user identification information;

accessing the first user profile information, at the server computer system, using the authentication information, the authentication information being selectively made available by the remote user via a network to the server computer system in order to enable the server computer system to access the first user profile information; and

restricting access to the first remote user profile information using the authentication information subsequent to an interaction session between the remote user of the server computer system and removing the authentication information from the server computer system subsequent to the encryption of the first remote user profile information.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method comprises storing, at the server computer system, user profile information for the remote user. The user profile information for the remote user (or a link to the user profile information) is encrypted using authentication information. The user profile information is associated with user identification information, at the server computer system, using the authentication information, which is selectively made available by the remote user via the network to the server computer system in order to enable the server computer system to associate the user profile information with the user identification information.

Citations

33 Claims

1. A method comprising:
- storing, at a server computer system, first user profile information for a remote user;
  
  restricting access to the first user profile information for the remote user at the server computer system, the restricting access to the first user profile information for the remote user at the server computer system comprising using authentication information to encrypt user identification information;
  
  accessing the first user profile information, at the server computer system, using the authentication information, the authentication information being selectively made available by the remote user via a network to the server computer system in order to enable the server computer system to access the first user profile information; and
  
  restricting access to the first remote user profile information using the authentication information subsequent to an interaction session between the remote user of the server computer system and removing the authentication information from the server computer system subsequent to the encryption of the first remote user profile information.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. The method of claim 1, wherein the restricting of the access to the first user profile information at the server computer system further comprises encrypting the first user profile information within a data store accessible by the server computer system.
  - 3. The method of claim 1, wherein the authentication information is received from the remote user at the server computer system and is temporarily stored at the server computer system to enable the access to the first user profile information.
  - 4. The method of claim 3, including removing the authentication information from the server computer system subsequent to the access of the first user profile information using the authentication information.
  - 5. The method of claim 4, wherein the authentication information is removed from the server computer system subsequent to a determinable interaction session by the remote user with the server computer system.
  - 6. The method of claim 3, wherein the receiving the authentication information from the remote user includes receiving the authentication information at the server computer system via the network as a network communication from the remote user, and wherein the authentication information is temporarily stored at the server computer system to enable a hosted application of the server computer system to access the first user profile information.
  - 7. The method of claim 3, wherein the authentication information is stored at a location accessible by the server computer system, and wherein the receiving the authentication information from the remote user includes receiving authorization, via the network and from the remote user, for the server computer system to access the authentication information at the accessible location.
  - 8. The method of claim 7, wherein the receiving the authorization includes receiving a password authorizing access to the authentication information at the accessible location.
  - 9. The method of claim 1, wherein a remote user profile for the remote user includes the first user profile information and second user profile information, and wherein the second user profile information has different access restrictions than the first user profile information.
  - 10. The method of claim 9, wherein access by the server computer system to the second remote user profile information is unrestricted.
  - 11. The method of claim 1, wherein the accessing of the first remote user profile information includes updating the first remote user profile information.
  - 12. The method of claim 11, wherein the first user profile information is updated using remote user activity information determined during an interaction session by the remote user with the server computer system.
  - 13. The method of claim 11, wherein the first user profile information is updated using user-provided information provided by the remote user.
  - 14. The method of claim 1, wherein the accessing of the first remote user profile information includes using the first profile information to customize an interaction by the remote user with a hosted application.
  - 15. The method of claim 1, wherein the accessing includes accessing the first user profile information on an interaction session-by-session basis responsive to the provision of the authentication information to, or withholding of the authentication information from, the server computer system by the remote user.

16. A system comprising:
- a data store, accessible by a server computer system, to store first remote user profile information for a remote user; and
  
  an access component of the server computer system to associate the first remote user profile information with identification information of the remote user using a key, the key being selectively made available by the remote user to the access component in order to enable the association of the first remote user profile information with identification information of the remote user,the access component further to encrypt the first remote user profile information using the key subsequent to an interaction session between the remote user of the server computer system, and to expunge the key from the server computer system subsequent to the encryption of the first remote user profile information.
- View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29)
- - 17. The system of claim 16, including an interface to receive the key at the server computer system from the remote user, and wherein the access component is to temporarily store the key at the server computer system to associate the first remote user profile information with the identification information of the remote user.
  - 18. The system of claim 16, wherein the interface is to receive the key at the server computer system via a network as a network communication from the remote user.
  - 19. The system of claim 16, wherein the access component is to remove the key from the server computer system subsequent to the association of the first remote user profile information with the identification information of the remote user, using the key.
  - 20. The system of claim 19, wherein the access component is to remove the key from the server computer system subsequent to a determinable interaction session by the remote user with the server computer system.
  - 21. The system of claim 16, wherein the data store is to store the key at a location accessible by the server computer system, and wherein the access component is to receive authorization, from the remote user, for the server computer system to access the key at the accessible location.
  - 22. The system of claim 21, wherein the access component is to receive a key password authorizing access to the key at the accessible location.
  - 23. The system of claim 16, wherein a remote user profile for the remote user includes the first remote user profile information and second remote user profile information, and wherein the access component is to enforce different association restrictions with respect to the first and second remote user profile information.
  - 24. The system of claim 23, wherein the access component is to provide unrestricted association by the server computer system of the second remote user profile information with the identification information.
  - 25. The system of claim 16, including an update component, coupled to the access component, to update the first remote user profile information.
  - 26. The system of claim 25, wherein the update component is to update the first remote user profile information using remote user activity information determined during an interaction session by the remote user with the server computer system.
  - 27. The system of claim 25, wherein the update component is to update the first remote user profile information using user-provided information provided by the remote user.
  - 28. The system of claim 16, including a customization component, coupled to the access component, to customize an interaction of the remote user with the server computer system using the first profile information.
  - 29. The system of claim 16, wherein the access component is to access the first remote user profile information on an interaction session-by-session basis responsive to the provision of the key to, or withholding of the key from, the server computer system by the remote user.

30. One or more machine-readable hardware storage device embodying instructions that, when executed by a server computer system, cause the server computer system to perform a method comprising:
- storing, at the server computer system, first user profile information for a remote user;
  
  restricting access to the first user profile information for the remote user at the server computer system, the restricting of the access to the first user profile information at the server computer system comprising using authentication information for encrypting remote user identification; and
  
  accessing the first user profile information, at the server computer system, using the authentication information, the authentication information being selectively made available by the remote user via a network to the server computer system in order to enable the server computer system to access the first user profile information; and
  
  restricting access to the first remote user profile information using the authentication information subsequent to an interaction session between the first remote user of the server computer system and removing the authentication information from the server computer system subsequent to the encryption of the first remote user profile information.

31. A method comprising:
- storing, at a server computer system, first user profile information for a remote user;
  
  restricting access to the first user profile information for the remote user at the server computer system using authentication information, the restricting access to the first user profile information for the remote user at the server computer system comprising encrypting remote user identification information;
  
  accessing the first user profile information, at the server computer system, using the authentication information, the authentication information being selectively made available by the remote user via a network to the server computer system in order to enable the server computer system to access the first user profile information; and
  
  restricting access to the first remote user profile information using the authentication information subsequent to an interaction session between the first remote user of the server computer system and removing the authentication information from the server computer system subsequent to the encryption of the first remote user profile information.

32. A method comprising:
- storing, in a first table of a relational database at a server computer system, unrestricted identification information for a remote user;
  
  storing, in a second table, restricted profile information for the remote user;
  
  using the unrestricted identification information for the remote user as an index to associate the stored unrestricted identification information with the stored restricted profile information;
  
  restricting access to the restricted profile information for the remote user at the server computer system using authentication information, the restricting access to the restricted profile information for the remote user at the server computer system comprising encrypting the unrestricted identification information;
  
  accessing the restricted profile information, at the server computer system, using the authentication information, the authentication information being selectively made available by the remote user via a network to the server computer system in order to enable the server computer system to access the restricted profile information; and
  
  restricting access to the unrestricted profile information using the authentication information subsequent to an interaction session between the first remote user of the server computer system and removing the authentication information from the server computer system subsequent to the encryption of the unrestricted profile information.

33. A hardware machine-readable storage device having embedded therein aset of instructions which, when executed by the machine, causes the machine to execute the operations comprising:
- storing in a first table unrestricted identification information for a remote user;
  
  storing, in a second table, restricted profile information for the remote user;
  
  using the unrestricted identification information for the remote user as an index to associate the stored unrestricted identification information with the stored restricted profile information;
  
  restricting access to the restricted profile information for the remote user using authentication information, the restricting access to the restricted profile information for the remote user comprising encrypting the unrestricted identification information for the remote user that associates the restricted profile information with the unrestricted identification information;
  
  accessing the restricted profile information using the authentication information, the authentication information being selectively made available by the remote user via a network to the server computer system in order to enable the server computer system to access the restricted profile information; and
  
  restricting access to the unrestricted profile information using the authentication information subsequent to an interaction session between the first remote user of the server computer system and removing the authentication information from the server computer system subsequent to the encryption of the unrestricted profile information.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Bradley A. Handler
Original Assignee
Technology Policy Associates, LLC
Inventors
Handler, Bradley A.
Primary Examiner(s)
Hirl, Joseph P
Assistant Examiner(s)
TRUVAN, LEYNNA THANH

Application Number

US12/185,757
Publication Number

US 20100031335A1
Time in Patent Office

2,766 Days
Field of Search

726 1- 6, 726 18- 19, 726 27- 30, 709206-207, 709/217, 709/219, 709/225, 709/227, 705/76, 713/150, 713/165, 713/171, 713/182, 707/703, 707/758, 707/784, 707821-822, 380/228, 380/231, 380/255, 380/277
US Class Current

1/1
CPC Class Codes

H04L 2209/56   Financial cryptography, e.g...

H04L 63/08   for authentication of entit...

H04L 63/101   Access control lists [ACL]

H04L 67/306   User profiles

H04L 9/3226   using a predetermined code,...

Remote profile security system

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

33 Claims

Specification

Solutions

Use Cases

Quick Links

Remote profile security system

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

33 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links