US2003174684A1PendingUtilityA1

Method and system for identifying a user

42
Priority: Sep 12, 2000Filed: Sep 11, 2001Published: Sep 18, 2003
Est. expirySep 12, 2020(expired)· nominal 20-yr term from priority
H04W 12/08H04W 12/06
42
PatentIndex Score
0
Cited by
0
References
0
Claims

Abstract

A data server derives information regarding the identities of users placing calls in a circuit-switched communication network. It per forms this task by initially establishing at least one known and trusted identity “seed”. The data server uses the trusted identity seed, in conjunction with information regarding calls placed in the circuit-switched communication network, to derive additional user identities. Further, a user device may encrypt its secret identification number before transmitting it to the data server to maintain the secrecy of this information. The data server is additionally configured to modify previously derived identities when the server determines that they have become inaccurate.

Claims

exact text as granted — not AI-modified
What is claimed is:  
     
         1 . A method for deriving the identity of a user, characterized in that the method comprises the steps of: 
 establishing a first known identity associated with a first user;    storing the first known identity in a database;    receiving information regarding a communication between the first user and a second user;    deriving a second known identity associated with the second user based on the first known identity and the received information regarding the communication with the second user; and    updating the database to store the second known identity in the database.    
     
     
         2 . The method according to  claim 1 , characterized in that the step of establishing a known identity comprises establishing a mapping between a secret identification number (SI 1 ) and public identification number (PI 1 ) for the first user.  
     
     
         3 . The method according to  claim 2 , characterized in that the secret identification number (SI 1 ) comprises an IMSI number and the public identification number (PI 1 ) comprises a MSISDN number.  
     
     
         4 . The method according to  claim 2  or  3 , characterized in that the information regarding the communication includes: a) in the case where the first user initiates a call, the secret identification number (SI 1 ) corresponding to the first user and a public identification number (PI 2 ) corresponding to the second user; or b) in the case where the second user initiates a call, the secret identification number (SI 2 ) corresponding to the second user and a public identification number (PI 1 ) corresponding to the first user.  
     
     
         5 . The method according to any one of  claims 2  to  4 , characterized in that the secret identification number (SI 1  or SI 2 ) is encrypted prior to transmission to form an encrypted secret identification number (FI 1  or FI 2 ).  
     
     
         6 . The method according to any one of  claims 2  to  5 , characterized in that the step of deriving includes: 
 accessing the database to determine the identification numbers (SI1, PI1) of the first user based on the received information;  
 in the case where the first user initiates the call, receiving a message from the second user, the message including an indication of the secret identification number (SI 2 ) of the second user and the public identification number (PI 1 ) of the first user, or, in the case where the second user initiates the call, receiving a message from the first user, the message including an indication of the secret identification number (SI 1 ) of the first user and the public identification number (PI 2 ) of the second user; and  
 using the information obtained in the accessing and receiving substeps to derive a known mapping between the secret identification number of the second user (SI 2 ) and the public identification number of the second user (PI 2 ).  
 
     
     
         7 . The method according to any one of  claims 1  to  6 , characterized in that the method further comprises the steps of: 
 determining the identity of the second user using another known identity to form an updated identity;  
 determining whether the updated identity has a higher confidence level than a previously stored identity for the second user; and  
 storing the updated identity in the database if it has a higher confidence level than the previously stored identity.  
 
     
     
         8 . The method according to  claim 7 , characterized in that the confidence level is at least one of: 
 a distance measure which indicates the number of derivations from a trusted identity to a final derived identity; or    an age measure which indicates the lapse of time since an identity was uncovered.    
     
     
         9 . The method according to any one of  claims 1  to  8 , characterized in that the establishing, storing, receiving, deriving and updating steps are performed in a data server in a first communication network, and wherein the identities pertain to users of a second communication network.  
     
     
         10 . The method according to  claim 9 , characterized in that the first data network is a packet-switched communication network, and the second network is a circuit-switched communication network.  
     
     
         11 . A system for deriving the identity of a user, comprising: 
 at least first and second user devices operated by first and second users, respectively;    a data server for providing at least one service to the first and/or second users;    a first data network connected to the data server; and    a second communications network providing communication services to the first and second users,    characterized in that the data server includes a database and a processing unit, wherein said processing unit includes:    establishing logic for establishing a first known identity associated with the first user;    storing logic for storing the first known identity in the database;    receiving logic for receiving information regarding a communication between the first user and the second user;    deriving logic for deriving a second known identity associated with the second user based on the first known identity and the received information regarding the communication with the second user; and    updating logic for updating the database to store the second known identity in the database.    
     
     
         12 . The system according to  claim 11 , characterized in that the processing logic for establishing a known identity comprises logic for establishing a mapping between a secret identification number (SI 1 ) and public identification number (PI 1 ) for the first user.  
     
     
         13 . The system according to  claim 12 , characterized in that the secret identification number (SI 1 ) comprises an IMSI number and the public identification number (PI 1 ) comprises a MSISDN number.  
     
     
         14 . The system according to  claim 12  or  13 , characterized in that the information regarding the communication includes: a) in the case where the first user initiates a call, the secret identification number (SI 1 ) corresponding to the first user and a public identification number (PI 2 ) corresponding to the second user; or b) in the case where the second user initiates a call, the secret identification number (SI 2 ) corresponding to the second user and a public identification number (PI 1 ) corresponding to the first user.  
     
     
         15 . The system according to any one of  claims 12  to  14 , characterized in that the secret identification number (SI 1,  or SI 2 ) is encrypted prior to transmission to form an encrypted secret identification number (FI 1  or FI 2 ).  
     
     
         16 . The system according to any one of  claims 12  to  15 , characterized in that the logic for deriving includes: 
 accessing logic for accessing the database to determine the identification numbers (SI 1 , PI 1 ) of the first user based on the received information;  
 receiving logic for receiving, in the case where the first user initiates a call, a message from the second user, the message including an indication of the secret identification number (SI 2 ) of the second user and the public identification number (PI 1 ) of the first user or, in the case where the second user initiates the call, receiving a message from the first user, the message including an indication of the secret identification number (SI 1 ) of the first user and the public identification number (PI 2 ) of the second user; and  
 mapping logic for using the information obtained by the accessing and message receiving logic to derive a known mapping between the secret identification number of the second user (SI 2 ) and the public identification number of the second user (PI 2 ).  
 
     
     
         17 . The system according to any one of  claims 11  to  16 , characterized in that the processing unit further includes: 
 determining logic for determining the identity of the second user using another known identity to form an updated identity;  
 determining logic for determining whether the updated identity has a higher confidence level than a previously stored identity; and  
 storing logic for storing the updated identity in the database if it has a higher confidence level than the previously stored identity.  
 
     
     
         18 . The system according to  claim 17 , characterized in that the confidence level is at least one of: 
 a distance measure which indicates the number of derivations from a trusted identity and a final derived identity; or    an age measure which indicates the lapse of time since an identity was uncovered.    
     
     
         19 . The system according to any one of  claims 11  to  15 , characterized in that the identities pertain to users of the second communication network.  
     
     
         20 . The system according to any one of  claims 11  to  19 , characterized in that the first data network is a packet-switched communication network, and the second network is a circuit-switched communication network.  
     
     
         21 . A data server for deriving the identity of a user, comprising a database and a processing unit, characterized in that said processing unit includes: 
 establishing logic for establishing a first known identity associated with a first user;    storing logic for storing the first known identity in the database;    receiving logic for receiving information regarding a communication between the first user and a second user;    deriving logic for deriving a second known identity associated with the second user based on the first known identity and the received information regarding the communication with the second user; and    updating logic for updating the database to store the second known identity in the database.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.