Patent application number | Description | Published |
20080263470 | Preview Mode - Various exemplary metadirectories, systems and/or methods include or allow for executing a software module on an execution engine, emitting semantic information based on the executing, and analyzing the executing using the semantic information. An exemplary execution engine includes an input for receiving software modules, an output for emitting semantic information, and an output for outputting generated output information. Upon execution, an exemplary software module may cause processing of information in a metadirectory and emitting of semantic information pertaining to the processing. Various exemplary metadirectories, systems and/or methods emit and/or store semantic information in a self-defining language, an extensible language, and/or a markup language. Other exemplary metadirectories, systems, and/or methods are also disclosed. | 10-23-2008 |
20080289020 | Identity Tokens Using Biometric Representations - An identity system and method uses biometric representation(s) in identity tokens. When a principal requests access to a relying party, the relying party may request an identity token containing a first claim about the principal and a biometric representation of the principal. An identity provider may then create the identity token, including a digital signature. The relying party may receive the identity token through a first channel and decode it. The relying party may also receive and use biometric information about the principal received through a second channel to verify the validity of the first claim at least in part through comparison of the biometric representation to the biometric information. | 11-20-2008 |
20090031236 | USER INTERFACE AND METHOD TO FACILITATE HIERARCHICAL SPECIFICATION OF QUERIES USING AN INFORMATION TAXONOMY - A user interface, system, and method are disclosed to facilitate specification of queries and displaying corresponding results. The user interface presents the user with dimensions that contain one or more headings arranged according to an information taxonomy, which can vary based on the intended implementation for the system and user interface. A corresponding filter or query is constructed based on the user selecting of one or more headings. The filter is applied to one or more databases to return results that satisfy the filter. The results are presented in the user interface and can include interactive items based on a particular query as well as can correspond to a fully specified task. | 01-29-2009 |
20090063466 | Resource selector, including for use in handheld devices - Described is a technology by which a resource selector traverses a hierarchical storage structure to enumerate its resources and provide a flat list of corresponding items. The user interacts with the flat list to select an item. The resource selector is particularly beneficial when incorporated into a handheld computing device. The resource selector may use a filtering criterion associated with an application program, e.g., the hierarchical storage may correspond to a file system, with the file extension (type) being the filtering criterion. A trigger coupled to the resource selector triggers the resource selector, in which the trigger may be incorporated into the application program, or may comprise an application-independent (e.g., operating system) component that knows which application program currently has focus and triggers the resource selector for that application. | 03-05-2009 |
20090164236 | SMARTER SCHEDULING FOR MEDICAL FACILITIES AND PHYSICIANS - The claimed subject matter provides a system and/or a method that facilitates scheduling an incoming patient appointment for a medical facility. A medical facility can provide healthcare to a patient, wherein the medical facility can utilize a schedule with an available time slot to assign an appointment to a patient. A match component can evaluate a portion of transportation data to select a patient to which an appointment on the schedule is allotted. A dynamic schedule component can automatically adjust the schedule based upon the evaluation. | 06-25-2009 |
20090198733 | HEALTHCARE RESOURCE LOCATOR - The claimed subject matter provides a system and/or a method that facilitates identifying a medical facility for an emergency medical situation. An interface can receive a portion of data related to an emergency medical incident and a corresponding location. A match component can evaluate the portion of data to select a medical facility in which to transport a patient involved in the emergency medical incident, wherein the medical facility can be ascertained based on a distance between the location of the emergency medical incident and a location for the selected medical facility and traffic related to a route there between. | 08-06-2009 |
20090259488 | VETTING DOCTORS BASED ON RESULTS - The claimed subject matter provides systems and/or methods that identify healthcare professionals appropriate to treat diseases. The system can include mechanisms that employ patient symptoms, diagnoses associated with the symptoms, proposed treatment plans, or treatment outcomes based on proposed treatment plans, to construct and utilize dependency graphs to infer a score. The inferred score can then be employed to identify qualified healthcare professionals appropriate to treat the disease as presented by the patient and indicated by the symptoms. | 10-15-2009 |
20090319795 | DIGITALLY SIGNING DOCUMENTS USING IDENTITY CONTEXT INFORMATION - Creating a token for use by an entity when digitally signing documents. In a computing environment, a digital identity representation for an entity is accessed. The digital identity representation includes information identifying identity attributes about the entity and capabilities of an identity provider that provides tokens for use by the entity. Context information is accessed. The context information includes information about one or more of which, how or where the attributes for the entity identified in the digital identity representation will be used. A security token is created from the information in the digital identity representation and the context information. The security token makes assertions by the identity provider. The assertions are based on the information in the digital identity representation. The token further includes information related to at least a portion of the context information. | 12-24-2009 |
20100114984 | MODELING PARTY IDENTITIES IN COMPUTER STORAGE SYSTEMS - The present invention extends to methods, systems, and computer program products for modeling party identities in computer storage systems. A federated identity fabric models identity data and relationships between portions of identity data in computer storage systems in accordance with a uniform schema. The federated identity fabric can federate distributed identity and identity relationship data from computer storage systems within the variety of different computing environments. Code and metadata at computing environments associated with the federated identity fabric can interoperate to facilitate uniformly storing, accessing, modifying, deleting, and securing identity and identity relationship data within the federated identity fabric. Embodiments of the invention include utilizing an identity key table entry to locate party identity information and performing key transformations between different types of identity keys. | 05-06-2010 |
20100167801 | KIDS PERSONAL HEALTH RECORDS FED INTO VIDEO GAMES - The claimed matter provides systems and/or techniques that regulate and/or prescribe an individual's behavior while playing electronic games. The system includes mechanisms and/or modalities that identify physical and/or mental activities similar to those undertaken by a game character and that are appropriate to the fitness or mental capabilities of the individual. It requests the individual to perform the activities selected during the execution of the electronic game, monitors the individual's performance of the activity, and reproduces and associates the individual's actions in performing the selected task to the game character during execution of the electronic game. Further, it enhances or diminishes attributes of the game character based on the intensity of the individual's performance of the selected activity. | 07-01-2010 |
20100192209 | PASSIVE SECURITY ENFORCEMENT - Technology is described for enabling passive enforcement of security at computing systems. A component of a computing system can passively authenticate or authorize a user based on observations of the user's interactions with the computing system. The technology may increase or decrease an authentication or authorization level based on the observations. The level can indicate what level of access the user should be granted. When the user or a component of the computing device initiates a request, an application or service can determine whether the level is sufficient to satisfy the request. If the level is insufficient, the application or service can prompt the user for credentials so that the user is actively authenticated. The technology may enable computing systems to “trust” authentication so that two proximate devices can share authentication levels. | 07-29-2010 |
20100192230 | PROTECTING TRANSACTIONS - Technology is described for protecting transactions. The technology may include a switching component that a user can employ to switch an associated mobile device into a secure mode so that a user can confirm the transaction. After initiating a transaction request, the user can confirm the transaction request by activating the switching component, which can cause the mobile device to switch into a secure mode. In the secure mode, the mobile device may prevent the mobile device from conducting various normal activities, such as executing applications, receiving input, providing output, and so forth. The switching component may disable other processing temporarily. Upon receiving the confirmation from the user, the switching component may send a confirmation communication to complete the transaction. | 07-29-2010 |
20100293604 | INTERACTIVE AUTHENTICATION CHALLENGE - A system and method for authenticating a request for a resource. A requester sends the request for a resource to a server in a first protocol. The server may send a challenge message to the requester. In response, the requester employs a challenge handler that performs an interactive challenge with a challenge server in a second protocol. Upon successful conclusion of the interactive challenge, the challenge handler synchronizes with a request handler, which sends a challenge response message to the server. The server may then enable access to the requested resource. | 11-18-2010 |
20130275282 | ANONYMOUS BILLING - Aspects of the subject matter described herein relate to billing for transactions involving a claims provider. In aspects, in conjunction with presenting a claim to a relying party, billing information is provided to a billing service. The billing information may include information to identify a claims provider that provided the claim and information that identifies the relying party. The information does not include data that can be used to determine the natural identity of a user that presented the claim. In response, a count is updated that can be used for billing. The count is not usable to determine the natural identities of users that presented claims to the relying party. | 10-17-2013 |
20130276087 | MULTIFACTOR AUTHENTICATION - Aspects of the subject matter described herein relate to identity technology. In aspects, a user device requests access to a service provided by a relying party. In response, the relying party indicates required claims and may also indicate claims providers from which the required claims may be obtained. The user device may obtain the required claims from different claims providers, and send the claims obtained from the different claims providers in one or more messages to the relying party. The relying party may verify the claims or employ a validating service to verify that the claims are valid prior to providing access to the requested service. | 10-17-2013 |
20130276088 | IDENTITY MANAGEMENT WITH HIGH PRIVACY FEATURES - Aspects of the subject matter described herein relate to identity technology. In aspects, a user device sends a request for access to a service. In response, the service directs the user device to a user agent that may be downloaded or that may already exist on the user device. The user agent includes code that executes on the user device to create a security boundary. The security boundary controls transmission of identity information that may be used to identify a user of the device. | 10-17-2013 |
20130276131 | PRIVACY FROM CLOUD OPERATORS - Aspects of the subject matter described herein relate to identity technology. In aspects, even though a cloud operator may control one or all of the entities with which a user device interacts, the employees and computers controlled by the cloud operator may still have insufficient data to determine a natural identity of the user based on interactions of the user device with the cloud operator's computers. Privacy boundaries on the user device control transmission of natural identity information to other entities such that, without user consent, computers outside of the user device have insufficient data singly or combined to determine a natural identity of the user. | 10-17-2013 |
20140090088 | Facilitating Claim Use by Service Providers - Aspects of the subject matter described herein relate to facilitating claim use in an identity framework. In aspects, a definition of a trust framework may be received and stored. A graphical interface may display a plurality of trust frameworks and allow an administrator to select which trust framework to instantiate. The graphical interface may also allow the administrator to define which rules of the trust framework to use in the instance of the trust framework. After receiving this information, the instance of the trust framework may be instantiated and configuration data provided to the administrator to allow the administrator to configure a Web service to invoke the instance of the trust framework to grant or deny access to the Web service. | 03-27-2014 |
20140215577 | REMOTE ACCESS OF DIGITAL IDENTITIES - A system and method for controlling distribution and use of digital identity representations (“DIRs”) increases security, usability, and oversight of DIR use. A DIR stored on a first device may be obtained by a second device for use in satisfying the security policy of a relying party. Release of the DIR to the second device requires permission from a device or entity that may be different from the device or entity attempting to access the relying party. Further, the use of the DIR to obtain an identity token may separately require permission of even a different person or entity and may be conditioned upon receiving satisfactory information relating to the intended use of the DIR (e.g., the name of the relying party, type of operation being attempted, etc.). By controlling the distribution and use of DIRs, security of the principal's identity and supervisory control over a principal's activities are enhanced. | 07-31-2014 |
20140223522 | PASSIVE SECURITY ENFORCEMENT - Technology is described for enabling passive enforcement of security at computing systems. A component of a computing system can passively authenticate or authorize a user based on observations of the user's interactions with the computing system. The technology may increase or decrease an authentication or authorization level based on the observations. The level can indicate what level of access the user should be granted. When the user or a component of the computing device initiates a request, an application or service can determine whether the level is sufficient to satisfy the request. If the level is insufficient, the application or service can prompt the user for credentials so that the user is actively authenticated. The technology may enable computing systems to “trust” authentication so that two proximate devices can share authentication levels. | 08-07-2014 |