Patent application number | Description | Published |
20080301780 | ACCESS CONTROL NEGATION USING NEGATIVE GROUPS - The subject disclosure pertains to systems and methods that facilitate managing groups entities for access control. A negative group is defined using a base group, where the negative group associated with a base group includes any entities not included in the base group. Negative groups can be implemented using certificates rather than explicit lists of negative group members. A certificate can provide evidence of membership in the negative group and can be presented for evaluation to obtain access to resources. Subtraction groups can also be used to manage access to resources. A subtraction group can be defined as the members of a first group, excluding any members of a second group. | 12-04-2008 |
20080307486 | ENTITY BASED ACCESS MANAGEMENT - The subject disclosure pertains to systems and methods that facilitate entity-based for access management. Typically, access to one or more resources is managed based upon identifiers assigned to entities. Groups of identifiers can be assigned to access rights. An authority component can manage an exclusion group that excludes an entity, regardless of the identifier utilized by the entity. Access control components can utilize exclusion groups in access policies to define access rights to a resource. | 12-11-2008 |
20080313712 | TRANSFORMATION OF SEQUENTIAL ACCESS CONTROL LISTS UTILIZING CERTIFICATES - The subject disclosure pertains to systems and methods that facilitate managing access control utilizing certificates. The systems and methods described herein are directed to mapping an access policy as expressed in an access control list to a set of certificates. The set of certificates can be used to grant access to resources in the manner described by the ACL. The certificates can be distributed to entities for use in obtaining access to resources. Entities can present certificates to resources as evidence of their right to access the resources. The access logic of the sequential ACL can be transformed or mapped to a set of order independent certificates. In particular, each entry, position of the entry in the list and any preceding entries can be analyzed. The analysis can be used to generate order independent certificates that provide access in accordance with the access policy communicated in the ACL. | 12-18-2008 |
20090007247 | DOMAIN ID SERVICE - The subject disclosure pertains to a domain identification system, comprising a principal that has a key and a mnemonically meaningless identifier, the mnemonically meaningless identifier is used to identify the component in a networked environment. The mnemonically meaningless identifier can be bound to the public key by a binding. The component may be part of a neighborhood of components, and each member component knows the members' binding. | 01-01-2009 |
20090265242 | PRIVACY-CENTRIC AD MODELS THAT LEVERAGE SOCIAL GRAPHS - The claimed subject matter relates to an architecture that can mitigate privacy concerns in connection with ad targeting or data collection. In particular, architecture can be included in a personal mobile communication device such as a cell phone. During communication transactions between the host device and a peer device, shared information can be extracted either from content included in the communication or from metadata. Based upon the shared information, a social graph maintained on the host device can be updated. In addition, the host device can receive a large set of ads and select or tailor a custom ad from the set based upon the social graph. | 10-22-2009 |
20090300509 | PROFILE AND CONSENT ACCRUAL - Consent management between a client and a network server. In response to a request for consent, a central server determines if requested user information is included in a user profile associated with a user and if the user has granted consent to share the requested user information. A user interface is provided to the user via a browser of the client to collect the requested user information that is not included in the user profile and the consent to share the requested user information from the user. After receiving the user information provided by the user via the user interface, the service provided by the network server is allowed access to the received user information, and the central server updates the user profile. Other aspects of the invention are directed to computer-readable media for use with profile and consent accrual. | 12-03-2009 |
20100332496 | IMPLICIT PRODUCT PLACEMENT LEVERAGING IDENTIFIED USER AMBITIONS - The claimed subject matter provides a system and/or a method that facilitates accessing information content based at least in part on relevancy to a user by leveraging user ambitions. User ambitions can take the form of to-do lists, calendar items, goals, or interests. These can be leveraged with or without contextual information, historical data, user profiles, and the like to determine the relevancy of content to a specific user. This can facilitate determining what content is accessible to a user based on relevance. A threshold relevance level can be dynamically adjusted. | 12-30-2010 |
20110022464 | OPTIMIZING ADS BY CUSTOMIZATION FOR A TARGET DEVICE - Computer systems, methods and media for optimizing an advertisement are provided. Creative elements for an ad campaign are received from an advertiser. In response to an ad call from a target device, device information, application information, and user information are accessed. Based on the accessed information and the creative elements of the dynamic creative, a customized ad is created that includes an optimized set of creative elements for the target device and the application such that the user gets an optimized user experience regardless of the target device presenting the ad. | 01-27-2011 |
20110025816 | ADVERTISING AS A REAL-TIME VIDEO CALL - The claimed subject matter provides systems and/or methods that effectuate distribution of advertising as real-time video calls. The system can include devices that detect whether or not a mobile device associated with a user is in the vicinity of a retail establishment, ascertains whether or not the proximate mobile device is receptive to receipt of advertising from the retail establishment, negotiates with the mobile device to determine at least one user preference with respect to a real-time video call, and based on the ascertained user preferences, downloads the appropriate real-time video call to the mobile device and/or establishes a live audio-visual connection with a representative of the retail establishment, wherein during the live audio-visual connection negotiations between the user and the representative is effectuated and the user comprehends that they are communicating with a famous personality. | 02-03-2011 |
20110040627 | VIRAL ADVERTISEMENTS - The claimed subject matter provides systems and/or methods for propagating viral advertising content to multiple mobile devices without utilizing an intermediary interposing hosting and/or distribution service. The system includes devices that receive viral advertising content on a mobile device, modify the viral advertising content with further viral advertising content previously received from a disparate mobile device, determine sets of recipients to whom the modified viral advertising content can be perceived as compelling, and disseminates the modified viral advertising content to the sets of recipients each of whom can be associated with a disparate mobile device. | 02-17-2011 |
20110083013 | PRIVACY VAULT FOR MAINTAINING THE PRIVACY OF USER PROFILES - Methods, systems, and computer-readable media for facilitating personalization of web content is provided, while protecting the privacy of the user data utilized to personalize the user's experience. A privacy vault may collect user data including user activity data, demographic data, and user interests submitted by a user. In one embodiment, the privacy vault operates on a user client device. The privacy vault sends the user data to a community vault that collects user data from multiple users. The community vault generates segment rules that whether a user belongs to a user segment, which expresses a user's interest. The segment rules are then communicated back to the privacy vault, which assigns one or more user segments to the user based on the user data available to the privacy vault and the segment rules. The privacy vault may communicate user segments to one or more content providers that supply personalized content that is selected based on the user segments provided. | 04-07-2011 |
20110093780 | ADVERTISING AVATAR - An advertising avatar provides an engaging advertising experience. To create an advertising avatar, a user provides information that may be used to target advertisements to the user. The information is stored in a user profile and associated with an avatar ID. Additionally, an avatar image is created for the advertising avatar that is based on information provided by the user. The more information the user provides, the more fully featured the appearance of the avatar image becomes. When an advertisement is to be displayed on a user's client device, an advertisement is selected based on information in the user profile. The avatar image for the user's advertising avatar may be presented within the advertisement when the advertisement is presented on the user's client device. The presence of the avatar image within an advertisement may provide an indication to the user that the advertisement supports user interaction. | 04-21-2011 |
20110119732 | SYSTEM AND METHOD FOR USER-CENTRIC AUTHORIZATION TO ACCESS USER-SPECIFIC INFORMATION - In a network computing environment, a user-centric system and method for controlling access to user-specific information maintained in association with a web-services service. When a web-services client desires access to the user-specific information, the client sends a request. The request identifies the reasons/intentions for accessing the desired information. The request is compared to the user's existing access permissions. If there is no existing access permission, the request is compared to the user's default preferences. If the default preferences permit the requested access, an access rule is created dynamically and the client's request is filled, without interrupting the user. If the default preferences do not permit the request to be filled, a consent user interface may be invoked. The consent user interface presents the user with one or more consent options, thereby permitting the user to control whether the client will be given access to the user-specific information. | 05-19-2011 |
20110179367 | SIMPLIFYING APPLICATION ACCESS TO SCHEMATIZED CONTACT DATA - The present invention is directed to utilizing contact data controls to simplify access to schematized contact data. Contact data controls abstract the formatting of schematized contact data from applications. In some embodiments, applications that lack the configuration to natively access schematized contact data (e.g., lack the functionality to convert between schematized and non-schematized data or are not authorized) forward requests to access schematized contact data to an external contact data control. In other embodiments, applications that lack the configuration to natively access schematized contact data forward non-schematized data, which is to be used to update schematized contact data, to an external contact data control. External contact data controls appropriately interact with the schematized data and can provide user-interface such that an application designer need not have extensive knowledge of contact schemas associated with the schematized contact data. | 07-21-2011 |
20110314419 | CUSTOMIZING A SEARCH EXPERIENCE USING IMAGES - Systems, methods, and computer storage media having computer-executable instructions embodied thereon that present images customized for a user. In embodiments, a search query input by a user and user data associated with the user are referenced. The search query and/or user data is utilized to select one or more images to display via a display screen. Such an image(s) can be, for example, a background image that is presented as a background to a search results webpage and/or an icon image that represents a category of search results. | 12-22-2011 |
20110320956 | INTERACTION BETWEEN ADS AND APPLICATIONS - Various technologies, methods, systems, processes, and compositions of matter pertaining to advertisements, and advertisement interactions with users and applications may be described. A single advertisement may be selected for a user based on a single lookup of the user profile at an advertisement server. The advertisement server may send a single adget to the user. This single adget is then seamlessly used on multiple devices. Each device may automatically select a different View of the advertisement. Each device may automatically render a different Actions as supported by a device. | 12-29-2011 |
20120016903 | IDENTITY MANAGEMENT USER EXPERIENCE - Upon requesting to share one or more types of identity information, a user is automatically presented with an interface through which the user can interact in selecting an amount of identity items to share. A subset of the total identity items selected may then be shared with specified entities. Interfaces can also be used to assist the user in managing identity information that has been shared with others by providing the user with a visual list of entities for which the user has shared specified identity information and to whom updated information can be sent. | 01-19-2012 |
20120233676 | GROUPING PERSONAL ACCOUNTS TO TAILOR A WEB SERVICE - This document describes grouping personal accounts to tailor a web service. By grouping personal accounts, a service provider may tailor a web service to multiple people based on information about those people. | 09-13-2012 |
20120304091 | SYSTEM AND METHOD FOR DISCOVERING AND PUBLISHING OF PRESENCE INFORMATION ON A NETWORK - A system and method is provided for publication and discovery of the presence of nearby users on a network. When the system is enabled, the presence of the local user is published on the network. Nearby users that also have a similar system enabled can discover the local user's presence on the network. Furthermore, the local user may discovery the presence of the other nearby users that are currently publishing their presence on the network. | 11-29-2012 |
20130283342 | Transformation of Sequential Access Control Lists Utilizing Certificates - The subject disclosure pertains to systems and methods that facilitate managing access control utilizing certificates. The systems and methods described herein are directed to mapping an access policy as expressed in an access control list to a set of certificates. The set of certificates can be used to grant access to resources in the manner described by the ACL. The certificates can be distributed to entities for use in obtaining access to resources. Entities can present certificates to resources as evidence of their right to access the resources. The access logic of the sequential ACL can be transformed or mapped to a set of order independent certificates. In particular, each entry, position of the entry in the list and any preceding entries can be analyzed. The analysis can be used to generate order independent certificates that provide access in accordance with the access policy communicated in the ACL. | 10-24-2013 |
20140237616 | PROFILE AND CONSENT ACCRUAL - Consent management between a client and a network server. In response to a request for consent, a central server determines if requested user information is included in a user profile associated with a user and if the user has granted consent to share the requested user information. A user interface is provided to the user via a browser of the client to collect the requested user information that is not included in the user profile and the consent to share the requested user information from the user. After receiving the user information provided by the user via the user interface, the service provided by the network server is allowed access to the received user information, and the central server updates the user profile. Other aspects of the invention are directed to computer-readable media for use with profile and consent accrual. | 08-21-2014 |