Generating and linking private transaction identifiers to distributed data repositories
Abstract
Techniques are described for generating semi-random private transaction identifiers for users that are meaningful to data providers and can be used by data providers to perform internal queries for user data. A user provides input to an identity management service indicating the user's consent to link their user account at the identity management service to one or more data providers. The identity management service stores a group blinded transaction identifier (GBTI) based on transaction identifiers generated by one or more data providers. When the user desires to obtain a service from a service provider, the user obtains GBTI-derived value from the identity management service and sends it to the service provider. The service provider sends the GBTI-derived value (and possibly other information) to the data provider to prove that it has the user's consent to obtain desired data or insights about the user but without infringing the user's privacy.
Claims
exact text as granted — not AI-modified1 - 20 . (canceled)
21 . A computer-implemented method performed by one or more servers hosted by an identity management service, the method comprising:
receiving, from a user computing device, a first request to create a first persona associated with a user account of the identity management service, wherein the first persona is associated with a first digitally signed consent ticket indicating a user's consent for a first data provider to perform a first action involving one or more specified data items associated with the user account; receiving a second request to create a second persona associated with the user account, wherein the second persona is associated with a second digitally signed consent ticket indicating the user's consent for a second data provider to perform a second action involving the one or more specified data items associated with the user account; receiving a request to perform the first action involving the one or more specified data items associated with the user account; and performing the first action in part by causing the first data provider to perform the first action involving the one or more specified data items associated with the user account.
22 . The computer-implemented method of claim 21 , wherein the first persona is associated with a first key pair, and wherein the second persona is associated with a second key pair that is different from the first key pair.
23 . The computer-implemented method of claim 21 , wherein the first digitally signed consent ticket does not permit the second data provider to perform the first action involving the one or more specified data items associated with the user account.
24 . The computer-implemented method of claim 21 , wherein the one or more specified data items are a first one or more specified data items, and wherein the method further comprises:
receiving, from the user computing device, a third request to create a third persona associated with the user account, wherein the third persona is associated with a third digitally signed consent ticket indicating the user's consent for the first data provider to perform a third action involving a second one or more specified data items that are different from the first one or more specified data items.
25 . The computer-implemented method of claim 21 , further comprising:
causing display of a list of actions supported by the first data provider, wherein the list of actions includes the first action; and receiving input selecting the first action, wherein the input indicates the user's consent for the first data provider to perform the first action.
26 . The computer-implemented method of claim 21 , further comprising:
causing display of a list of actions supported by the first data provider, wherein the list of actions includes the second action; and receiving input selecting the second action, wherein the input indicates that the user does not consent to the first data provider performing the second action.
27 . The computer-implemented method of claim 21 , further comprising storing, using a decentralized ledger technology storage resource, hashes of each of the first digitally signed consent ticket and the second digitally signed consent ticket.
28 . The computer-implemented method of claim 21 , wherein the first digitally signed consent ticket is associated with an expiration time.
29 . The computer-implemented method of claim 21 , further comprising sending a message to the first data provider indicating that the user has consented to the first data provider performing the first action involving the one or more specified data items associated with the user account.
30 . The computer-implemented method of claim 21 , further comprising sending a message to the first data provider indicating that the user has consented to the first data provider performing the first action involving the one or more specified data items associated with the user account, wherein the message includes a private identifier of the user account.
31 . A system comprising:
an identity management service implemented by a first one or more electronic devices comprising at least one hardware processor, the identity management service including first instructions that upon execution by the at least one hardware processor cause the identity management service to:
receive, from a user computing device, a first request to create a first persona associated with a user account of the identity management service,
wherein the first persona is associated with a first digitally signed consent ticket indicating a user's consent for a first data provider to perform a first action involving one or more specified data items associated with the user account;
receive a second request to create a second persona associated with the user account, wherein the second persona is associated with a second digitally signed consent ticket indicating the user's consent for a second data provider to perform a second action involving the one or more specified data items associated with the user account;
receive a request to perform the first action involving the one or more specified data items associated with the user account,
perform the first action in part by causing the first data provider to perform the first action involving the one or more specified data items associated with the user account, and
send a message to the first data provider indicating that the user has consented to the first data provider performing the first action involving the one or more specified data items associated with the user account; and
the first data provider implemented by a second one or more electronic devices comprising at least one hardware processor, the first data provider including second instructions that upon execution by the at least one hardware processor cause the first data provider to:
receive the message indicating that the user has consented to the first data provider performing the first action involving one or more specified data items associated with the user account,
generate a private transaction identifier for the user, and
store the private transaction identifier in association with data related to the user possessed by the first data provider.
32 . The system of claim 31 , wherein the first persona is associated with a first key pair, and wherein the second persona is associated with a second key pair that is different from the first key pair.
33 . The system of claim 31 , wherein the first digitally signed consent ticket does not permit the second data provider to perform the first action involving the one or more specified data items associated with the user account.
34 . The system of claim 31 , wherein the one or more specified data items are a first one or more specified data items, and wherein the first instructions that upon execution by the at least one hardware processor further cause the identity management service to:
receiving, from the user computing device, a third request to create a third persona associated with the user account, wherein the third persona is associated with a third digitally signed consent ticket indicating the user's consent for the first data provider to perform a third action involving a second one or more specified data items that are different from the first one or more specified data items.
35 . The system of claim 31 , wherein the first instructions that upon execution by the at least one hardware processor further cause the identity management service to:
causing display of a list of actions supported by the first data provider, wherein the list of actions includes the first action; and receiving input selecting the first action, wherein the input indicates the user's consent for the first data provider to perform the first action.
36 . The system of claim 31 , wherein the first instructions that upon execution by the at least one hardware processor further cause the identity management service to:
causing display of a list of actions supported by the first data provider, wherein the list of actions includes the second action; and receiving input selecting the second action, wherein the input indicates that the user does not consent to the first data provider performing the second action.
37 . A non-transitory computer-readable storage medium storing instructions which, when executed by one or more processors, cause performance of operations comprising:
receiving, from a user computing device, a first request to create a first persona associated with a user account of an identity management service, wherein the first persona is associated with a first digitally signed consent ticket indicating a user's consent for a first data provider to perform a first action involving one or more specified data items associated with the user account; receiving a second request to create a second persona associated with the user account, wherein the second persona is associated with a second digitally signed consent ticket indicating the user's consent for a second data provider to perform a second action involving the one or more specified data items associated with the user account; receiving a request to perform the first action involving the one or more specified data items associated with the user account; and performing the first action in part by causing the first data provider to perform the first action involving the one or more specified data items associated with the user account.
38 . The non-transitory computer-readable storage medium of claim 37 , wherein the first persona is associated with a first key pair, and wherein the second persona is associated with a second key pair that is different from the first key pair.
39 . The non-transitory computer-readable storage medium of claim 37 , wherein the first digitally signed consent ticket does not permit the second data provider to perform the first action involving the one or more specified data items associated with the user account.
40 . The non-transitory computer-readable storage medium of claim 37 , wherein the one or more specified data items are a first one or more specified data items, and wherein the instructions, when executed by one or more processors, cause performance of operations comprising:
receiving, from the user computing device, a third request to create a third persona associated with the user account, wherein the third persona is associated with a third digitally signed consent ticket indicating the user's consent for the first data provider to perform a third action involving a second one or more specified data items that are different from the first one or more specified data items.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.