In order to describe the manner in which the above-recited and other advantages and features can be obtained, a more particular description of the subject matter briefly described above will be rendered by reference to specific embodiments which are illustrated in the appended drawings. Understanding that these drawings depict only typical embodiments and are not therefore to be considered to be limiting in scope, embodiments will be described and explained with additional specificity and detail through the use of the accompanying drawings in which:
Embodiments herein may comprise a special purpose or general-purpose computer including various computer hardware, as discussed in greater detail below.
One embodiment illustrated herein provides functionality for allowing a client to indicate privacy policies that are acceptable to the client. The privacy policies can be indicated on a case by case basis by sending privacy expectations with the information to which the privacy expectations apply. Recipients of the information and the privacy expectations may be configured to honor privacy expectations. Alternatively, a recipient may indicate that the privacy expectations cannot be honored. In still other embodiments, a recipient will honor privacy expectations insofar as the recipient is configured to honor the privacy expectations. In still other embodiments, the privacy expectations can be embedded into tokens by the receiver and issued back to the client such that the privacy expectations can be included with authentication activities with other services.
Notably, some services may have legal restrictions preventing them from honoring certain privacy expectations. Domestic and international laws may require certain information to be stored and/or shared with particular entities. The banking industry, for example, has well-known reporting and data collection requirements that may prevent certain handling of data. As such, as previously noted, these organizations may honor privacy expectations only insofar as they are able, or not at all.
Reference is now made to
The client 102 sends information 106 to the service 104. In one embodiment, the information may be sensitive and/or personal information. For example, the information may be personal information or personally identifying information such as name, address, telephone number, age, gender, etc. While some examples of information are illustrated here, this enumeration should not be considered limiting on the information or types of information that can be expressed in the embodiments described herein.
Alternatively, the privacy expectations may include purpose information specifying the purpose for which the potentially sensitive information is sent.
In yet another alternative embodiment, the privacy expectations may include confidentiality information specifying with whom the potentially sensitive information may be shared. For example, in one embodiment, the privacy expectations may specify that the information should not be shared. In other embodiments, the privacy expectations may specify that the information should only be shared with a given set of partners. In yet another embodiment, the privacy expectations may specify that the information should only be shared with partners of the entity receiving the information.
Notably, while embodiments may be described as alternative embodiments, it should be understood that embodiments may include more than one of the alternatives, or different alternatives altogether.
Embodiments may be implemented in various environments. For example, in one embodiment, the information 106 and the privacy expectations 108 may be exchanged in an application messaging exchange. Other embodiments may be implemented in a token request or authorization exchange.
Referring once again to
In one embodiment the token 110 may include an indication of entity specific information that should be echoed for requestors to verify when using the token. Notably, entity specific information may be for any one of a number of different entities. For example, the information may apply to a user at a computer system. In another embodiment, the entity may be the computer system itself. Further still, entities may be an organization, an individual, a computer system, other systems, etc. The specific enumeration of entities here should not be considered limiting of entities used in the embodiments that may be implemented.
Referring now to
The method 200 may be practiced in a number of embodiments as discussed previously. For example, the method 200 may be practiced in a token request procedure. In one embodiment, when the method 200 is practiced in a token request procedure, the method may further include receiving a token which includes the privacy expectation information. Such a token may be, for example, an identity token for identifying an entity, and/or an authorization token to allow the entity to access functionality of a service. Additionally, in one embodiment, the token may include an indication of entity specific information that should be echoed for requestors to verify when using the token.
While an example has been illustrated here where a method is used in a token request procedure, other environments may also be used. For example, the method 200 may be practiced in a simple application messaging exchange not including a token request procedure.
Referring now to
The method 300 illustrated in
Additionally, as illustrated previously herein, the information 106 and privacy expectations 108 may be used by a service 104 to provide a token 110 to the client 102. The token 110 may include privacy expectations embedded in the token 110. This allows the client 102 to pass the privacy expectations with the token 110 in other authentication procedures or service request procedures.
In one embodiment, the service 104 may consult service policy information to determine if the service 104 can honor all the privacy expectations 108. If the service 104 is able to honor the privacy expectations 108, the service 104 may notify the client 102 that the privacy expectations 108 will be honored. In some embodiments, the service 104 may not be able to honor the privacy expectations 108. The service can respond to the client 102 that the privacy expectations cannot be honored. The client 102 may then indicate to the service 104 either that the transaction should be completed in spite of the privacy expectations 108 not being able to be honored or, alternatively, the client 102 may indicate that the transaction should be canceled and all information 106 previously sent to the service 104 discarded. In some embodiments, the service 104 may be able to honor some privacy expectations 108 while not being able to honor one or more other privacy expectations. The service 104 can so indicate to the client 102. The client 102 can then determine whether or not to proceed with a given transaction.
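The following added example, which is not part of the patent's description, illustrates the exchange described above together with the token of the earlier paragraphs: the client 102 sends information 106 with purpose and confidentiality expectations 108, the service 104 evaluates them against its own policy and reports per expectation whether it can honor it, the client either proceeds or cancels and has the information discarded, and when the exchange proceeds the expectations are embedded in a token 110 that also names an entity specific value the presenter must echo on use. The field names, the shape of the service policy, the HMAC-signed token format and the sample bank policy are assumptions made for this illustration.

```python
"""Added example (not code from the patent) of the exchange described above:
the client sends information together with privacy expectations, the service
reports per expectation whether it can honor it, the client proceeds or cancels
and has the information discarded, and an accepted set is embedded in an
HMAC-signed token along with an entity-specific value the presenter must echo.
Field names, the policy shape and the token format are assumptions."""
import hashlib
import hmac
import json
from dataclasses import asdict, dataclass

# The three confidentiality choices named in the description.
NOT_SHARED = "not_shared"
NAMED_PARTNERS = "named_partners"
RECIPIENT_PARTNERS = "recipient_partners"


@dataclass(frozen=True)
class PrivacyExpectations:
    purpose: str            # purpose for which the information is sent
    sharing: str            # one of the confidentiality choices above
    partners: tuple = ()    # only meaningful with NAMED_PARTNERS


@dataclass(frozen=True)
class ServicePolicy:
    purposes: frozenset              # purposes the service limits itself to
    mandatory_recipients: frozenset  # parties it is legally obliged to share with
    own_partners: frozenset


def evaluate(policy: ServicePolicy, exp: PrivacyExpectations) -> dict:
    """Verdict per expectation, so the client can see partial honoring."""
    if exp.sharing == NOT_SHARED:
        allowed = frozenset()
    elif exp.sharing == NAMED_PARTNERS:
        allowed = frozenset(exp.partners)
    else:
        allowed = policy.own_partners
    return {
        "purpose": exp.purpose in policy.purposes,
        # Honorable only if every party the service must share with is allowed.
        "sharing": policy.mandatory_recipients <= allowed,
    }


class Service:
    def __init__(self, policy: ServicePolicy, key: bytes):
        self.policy, self.key, self.store = policy, key, {}

    def receive(self, client_id, info, exp):
        self.store[client_id] = info      # held until the client decides
        return evaluate(self.policy, exp)

    def cancel(self, client_id):
        self.store.pop(client_id, None)   # discard everything the client sent

    def issue_token(self, client_id, exp, echo):
        body = {"sub": client_id, "privacy": asdict(exp), "echo": echo}
        payload = json.dumps(body, sort_keys=True).encode()
        tag = hmac.new(self.key, payload, hashlib.sha256).hexdigest().encode()
        return payload + b"." + tag

    def use_token(self, token, echoed):
        """Embedded expectations if the token is intact and the presenter
        echoed the entity-specific value it carries; otherwise None."""
        payload, _, tag = token.rpartition(b".")
        expected = hmac.new(self.key, payload, hashlib.sha256).hexdigest().encode()
        if not hmac.compare_digest(tag, expected):
            return None
        body = json.loads(payload)
        return body["privacy"] if body["echo"] == echoed else None


def run_exchange(service, client_id, info, exp, echo, proceed_if_partial=False):
    """One client/service round trip; returns (verdict, token or None)."""
    verdict = service.receive(client_id, info, exp)
    if all(verdict.values()) or proceed_if_partial:
        return verdict, service.issue_token(client_id, exp, echo)
    service.cancel(client_id)
    return verdict, None


# Constructed sample policy: a bank that must report to a regulator.
BANK = ServicePolicy(
    purposes=frozenset({"account_opening"}),
    mandatory_recipients=frozenset({"regulator"}),
    own_partners=frozenset({"regulator", "card_network"}),
)

if __name__ == "__main__":
    svc = Service(BANK, key=b"demo-key")
    strict = PrivacyExpectations("account_opening", NOT_SHARED)
    print(run_exchange(svc, "alice", {"name": "Alice"}, strict, "alice"))
    lenient = PrivacyExpectations("account_opening", NAMED_PARTNERS, ("regulator",))
    verdict, token = run_exchange(svc, "bob", {"name": "Bob"}, lenient, "bob")
    print(verdict, svc.use_token(token, "bob"))
```

With the sample policy, a client insisting that nothing be shared receives a partial verdict (purpose honored, sharing not honorable because of the mandatory regulator report) and, absent an instruction to proceed anyway, its information is discarded; a client that names the regulator among acceptable partners gets a token whose embedded expectations are only released to a presenter that echoes the entity specific value and whose payload has not been altered after signing.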
Embodiments may also include computer-readable media for carrying or having computer-executable instructions or data structures stored thereon. Such computer-readable media can be any available media that can be accessed by a general purpose or special purpose computer. By way of example, and not limitation, such computer-readable media can comprise RAM, ROM, EEPROM, CD-ROM or other optical disk storage, magnetic disk storage or other magnetic storage devices, or any other medium which can be used to carry or store desired program code means in the form of computer-executable instructions or data structures and which can be accessed by a general purpose or special purpose computer. Such computers may include, but are not limited to desktop computers, laptop computers, server systems, personal digital assistants, smart phones, embedded systems, etc. When information is transferred or provided over a network or another communications connection (either hardwired, wireless, or a combination of hardwired or wireless) to a computer, the computer properly views the connection as a computer-readable medium. Thus, any such connection is properly termed a computer-readable medium. Combinations of the above should also be included within the scope of computer-readable media.
Computer-executable instructions comprise, for example, instructions and data which cause a general purpose computer, special purpose computer, or special purpose processing device to perform a certain function or group of functions. Although the subject matter has been described in language specific to structural features and/or methodological acts, it is to be understood that the subject matter defined in the appended claims is not necessarily limited to the specific features or acts described above. Rather, the specific features and acts described above are disclosed as example forms of implementing the claims.
The present invention may be embodied in other specific forms without departing from its spirit or essential characteristics. The described embodiments are to be considered in all respects only as illustrative and not restrictive. The scope of the invention is, therefore, indicated by the appended claims rather than by the foregoing description. All changes which come within the meaning and range of equivalency of the claims are to be embraced within their scope.