US2013179988A1PendingUtilityA1

Secure Profile System And Method

59
Assignee: EZSHIELD INCPriority: Jan 9, 2012Filed: Dec 28, 2012Published: Jul 11, 2013
Est. expiryJan 9, 2032(~5.5 yrs left)· nominal 20-yr term from priority
G06Q 50/265H04L 63/14H04L 63/0823G06F 21/60H04L 67/02G06Q 30/0185G06F 21/6218H04L 63/168H04L 63/08G06Q 10/00
59
PatentIndex Score
0
Cited by
0
References
0
Claims

Abstract

A computer implemented method for a secure profile system for an identity management system having: on a computer device having one or more processors and a memory storing one or more programs for execution by the one or more processors, the one or more programs including instructions for: defining a structure; storing data associated with a profile, where the profile contains an object; securely granting access to the profile and a subject; configuring an audit log to provide an account of an access to data housed within the profile; implementing a security-related algorithm and protocol; exchanging data between two or more subjects; and providing secured, externalized content. Also, a computer system and non-transitory computer-readable storage medium adapted for the same.

Claims

exact text as granted — not AI-modified
We claim: 
     
         1 . A computer implemented method for a secure profile system for an identity management system, comprising:
 on a computer device having one or more processors and a memory storing one or more programs for execution by the one or more processors, the one or more programs including instructions for:
 defining a structure; 
 storing data associated with a profile, wherein the profile contains an object; 
 securely granting access to the profile and a subject; 
 configuring an audit log to provide an account of an access to data housed within the profile; 
 implementing a security-related algorithm and protocol; 
 exchanging data between two or more subjects; and 
 providing secured, externalized content. 
   
     
     
         2 . The computer implemented method of  claim 1 , wherein the object is a stream of binary data. 
     
     
         3 . The computer implemented method of  claim 1 , wherein the object is a securely stored blob of arbitrary data. 
     
     
         4 . The computer implemented method of  claim 1 , wherein the object is a record, wherein the record has an associated structure. 
     
     
         5 . The computer implemented method of  claim 1 , the one or more programs further including instructions for providing shared-secret access to data. 
     
     
         6 . The computer implemented method of  claim 1 , the one or more programs further including instructions for storing the data in a database system. 
     
     
         7 . The computer implemented method of  claim 6 , the one or more programs further including instructions for accessing the database system with a data access system. 
     
     
         8 . The computer implemented method of  claim 7 , wherein the data access system comprises atomic primitives providing fundamental data operations for system entities. 
     
     
         9 . The computer implemented method of  claim 7 , the one or more programs further including instructions for:
 configuring a controller system to access the data access system;   configuring a context system to access the controller system; and   configuring a service system to access the context system.   
     
     
         10 . The computer implemented method of  claim 9 , wherein the database system is isolated from the data access system, the controller system, the context system and the service system; wherein the database system has a level of access that is more restricted than a level of access for the data access system, the controller system, the context system and the service system; and wherein the data associated with the profile is layer encrypted. 
     
     
         11 . The computer implemented method of  claim 9 , wherein the controller system assembles and orchestrates data access primitives into higher level system functions. 
     
     
         12 . The computer implemented method of  claim 9 , wherein the context system provides a stateful security context with a known acting principal for all requested operations. 
     
     
         13 . The computer implemented method of  claim 9 , wherein the service system exposes all client-accessible functionality over a supported remote-access technology. 
     
     
         14 . The computer implemented method of  claim 9 , wherein the service system is adapted for use with an XML based communication standard for structured remote procedure calls. 
     
     
         15 . The computer implemented method of  claim 14 , wherein the XML based communication standard for structured remote procedure calls is a Simple Object Access Protocol (SOAP) protocol. 
     
     
         16 . The computer implemented method of  claim 9 , wherein the service system is adapted for use with Microsoft .NET technology for building service-oriented applications. 
     
     
         17 . The computer implemented method of  claim 16 , wherein the Microsoft .NET technology for building service-oriented applications is a Windows Communication Foundation (WCF) framework. 
     
     
         18 . The computer implemented method of  claim 1 , the one or more programs further including instructions for rotating a key for Payment Card Industry compliance. 
     
     
         19 . The computer implemented method of  claim 1 , the one or more programs consisting of instructions for operating the secure profile system with an application programming interface. 
     
     
         20 . A computer system for a core gateway for an identity management system, comprising:
 one or more processors; and   memory to store:
 one or more programs, the one or more programs comprising instructions for:
 defining a structure; 
 storing data associated with a profile, wherein the profile contains an object; 
 securely granting access to the profile and a subject; 
 configuring an audit log to provide an account of an access to data housed within the profile; 
 implementing a security-related algorithm and protocol; 
 exchanging data between two or more subjects; and 
 providing secured, externalized content. 
 
   
     
     
         21 . A non-transitory computer-readable storage medium storing one or more programs configured to be executed by one or more processing units at a computer for a secure profile system for an identity management system comprising instructions for:
 defining a structure;   storing data associated with a profile, wherein the profile contains an object;   securely granting access to the profile and a subject;   configuring an audit log to provide an account of an access to data housed within the profile;   implementing a security-related algorithm and protocol;   exchanging data between two or more subjects; and   providing secured, externalized content.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.