System and method for selective information exchange
DC CAFCFirst Claim
1. In a network including a plurality of network devices operated by a plurality of users, a real-time information exchange, system for sharing user profile information between respective users of the network devices, comprising:
- a database management system connected to the network and storing the user profile information for a plurality of registered users of the information exchange system, the user profile information including a plurality of data elements, each data element having an associated one of the plurality of registered users;
wherein each data element has an associated subset of users to whom access to the data element has been granted; and
wherein users not included in the associated subset of users are denied access to the data element.
2 Assignments
Litigations
1 Petition
Accused Products
Abstract
A system and method for providing users with granular control over arbitrary information that allows for selective, real-time information sharing in a communications network such as the Internet is provided. In a network including a plurality of network devices operated by a plurality of users, a real-time information exchange system for sharing user profile information between respective users includes a database management system connected to the network. The database management system, which may be distributed across the network, stores the user profile information for a plurality of registered users of the information exchange system. The user profile information includes a plurality of data elements, each data element having an associated one of the plurality of registered users. Each data element has an associated group of users to whom access to the data element has been granted, and users not included in the associated group of users are denied access to the data element. Each registered user may selectively control the granting and denying of access to each of its associated data elements by other respective user, on an element-by-element, and user-by-user basis. Further, each registered user may dynamically create its own data fields.
531 Citations
24 Claims
-
1. In a network including a plurality of network devices operated by a plurality of users, a real-time information exchange, system for sharing user profile information between respective users of the network devices, comprising:
-
a database management system connected to the network and storing the user profile information for a plurality of registered users of the information exchange system, the user profile information including a plurality of data elements, each data element having an associated one of the plurality of registered users;
wherein each data element has an associated subset of users to whom access to the data element has been granted; and
wherein users not included in the associated subset of users are denied access to the data element. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
a profile management application executing on the information exchange system, the profile management application providing each respective user with facilities to selectively control the granting and denying of access to each of its associated data elements by other respective users.
-
-
3. The information exchange system of claim 2 wherein the user profile information includes a set of pre-defined data fields, and wherein the profile management application is adapted to dynamically create new data fields for storing a new data element, upon the request of a registered user.
-
4. The information exchange system of claim 3 wherein the database management system includes a plurality of databases distributed across the network.
-
5. The information exchange system of claim 4 further comprising:
-
an affiliate system, including;
an affiliate database management system connected to the network through a physical firewall, and adapted to store the user profile information for a plurality of registered users of the information exchange system, the user profile information including a plurality of data elements; and
a plurality of affiliate network devices connected to the affiliate database management system through a local network.
-
-
6. The information exchange system of claim 5 wherein the data elements stored in the affiliate database management system are categorized as one of private information and public information;
- and
wherein a software firewall prevents data elements categorized as private information from being accessed from network devices connected to the affiliate database management system through the physical firewall.
- and
-
7. The information exchange system of claim 6 wherein the software firewall does not prevent data elements categorized as private information from being accessed by an affiliate network device.
-
8. The information exchange system of claim 4 wherein the profile management application provides each respective user with facilities to selectively push individual data elements to respective users.
-
9. The information exchange system of claim 4 wherein at least one network device includes intelligent synchronization software executing thereon, the intelligent synchronization software operating to detect network connectivity and selectively download updated user profile information.
-
10. The information exchange system of claim 9 wherein the profile management application further provides each respective registered user with facilities to define views of user profile information, each view including at least one data element associated with the registered user;
- and
wherein the profile management application further provides each respective registered user with facilities to selective grant and deny other respective users access to each respective view.
- and
-
11. The information exchange system of claim 10 wherein the profile management application further provides each respective registered user with facilities to define user groups, each user group including at least one user;
- and
wherein the profile management application further provides each respective registered user with facilities to selective grant and deny the members of each data group access to each respective view.
- and
-
12. The information exchange system of claim 11 wherein each stored data element is encrypted with a secret key.
-
13. The information exchange system of claim 12 wherein each registered user has an associated public key/private key pair, each key being selected for use in a public key cryptography system.
-
14. The information exchange system of claim 13 wherein, for each user that has been granted access to a respective data element, a copy of the secret key associated with the data element is encrypted using the user'"'"'s public key, and the encrypted secret key is stored by the database management system.
-
15. The information exchange system of claim 14 further comprising:
a key management system connected to the database management system, the key management system, in response to requests from the database management system, generates encryption and decryption keys.
-
16. In a network including a plurality of network devices operated by a plurality of users, a real-time information exchange system for sharing user profile information between respective users of the network devices, comprising:
-
a first database management system storing a first subset of the user profile data for a plurality of registered users of the information exchange system, the first subset of profile information including a plurality of data elements, each data element having an associated one of the plurality of registered users; and
a first network server connected to the network and the first database management system, the first network server including;
a first processor; and
a first program memory connected to the first processor and having program instructions stored therein, the first processor being operable to execute the program instructions, the program instructions including;
for each registered user, selectively granting and denying access to each of the registered user'"'"'s associated data elements, to other users in the network. - View Dependent Claims (17)
a second database management system storing a second subset of the user profile data for a plurality of registered users of the information exchange system, the second subset of profile information including a plurality of data elements, each data element having an associated one of the plurality of registered users; and
a second network server connected to the network and the second database management system, the second network server including;
a second processor; and
a second program memory connected to the second processor and having program instructions stored therein, the second processor being operable to execute the program instructions, the program instructions including;
for each registered user, selectively granting and denying access to each of the registered user'"'"'s associated data elements, to other users in the network;
wherein the profile data for at least one registered user is distributed across the first and second database management systems.
-
-
18. In a network including a plurality of network devices operated by a plurality of users, a method for storing member profile information that provides for selective real-time information exchange of the member profile information between network devices comprising the steps of:
-
receiving profile information for a member, the member having a member identification number and an associated public key/private key pair;
generating a secret key for each granular data element of the received profile information;
encrypting each granular data element using its associated secret key;
storing each encrypted granular data element in a first database;
encrypting each secret key with the member'"'"'s public key; and
storing each encrypted secret key in a second database, along with the member'"'"'s identification number.
-
-
19. In a network including a plurality of network devices operated by a plurality users, a method for granting access to member profile information that provides for selective real-time information exchange of the member profile information between network devices comprising the steps of:
-
selecting, by a member, at least one data element associated with the member;
selecting, by the member, at least one other member to which to grant access to the selected data elements;
for each data element, retrieving an encrypted secret key associated with the data element and the member;
decrypting the encrypted secret key with a private key associated with the member; and
for each selected member, encrypting the secret key with the member'"'"'s associated public key; and
storing the encrypted secret key and the member'"'"'s identification number in a database.
-
-
20. In a network including a plurality of network devices operated by a plurality of users, a method for retrieving member profile information of another member that provides for selective real-time information exchange of the member profile information between network devices comprising the steps of:
-
selecting a data element for retrieval;
retrieving an encrypted secret key associated with the requestor and the data element;
decrypting the encrypted secret key using the member'"'"'s private key;
decrypting the data element using the secret key; and
providing the decrypted data element to the requestor.
-
-
21. In a network, a real-time information exchange server comprising:
-
a data storage including a database of profile information for a plurality of members, the profile information for each member including a member identification number and a public/private key pair;
a processor connected to the data storage;
a memory connected to the processor and having program instructions stored therein, the processor being operable to execute the program instructions, the program instructions including;
receiving data elements to be stored in the database, each data element having an associated member;
generating a secret key for each received data element;
encrypting each data element with its corresponding secret key;
storing each encrypted data element in a first table in the database;
encrypting each generated secret key using the associated member'"'"'s public key; and
storing each encrypted secret key, its corresponding member'"'"'s ID and a reference to the corresponding stored encrypted data element in a second table in the database. - View Dependent Claims (22, 23)
receiving at least one data element selected by a granting member;
receiving at least one member identity selected by the granting member to whom to grant access to the selected data element;
for each selected data element, retrieving from the second table of the database an encrypted secret key associated with the data element and the granting member;
decrypting the encrypted secret with the granting member'"'"'s private key; and
for each selected member to whom access is to be granted, encrypting the decrypted secret key with the selected member'"'"'s public key; and
storing the encrypted secret key and the selected member'"'"'s identification number in the second table of the database.
-
-
23. The information exchange server of claim 22 wherein the program instructions further include instructions for selectively retrieving member profile information of another member, including:
-
receiving a selection of a data element for retrieval;
retrieving, from the second table of the database, an encrypted secret key associated with the requesting member and the data element;
decrypting the encrypted secret key using the requesting member'"'"'s private key;
decrypting the data element using the decrypted secret key; and
providing the decrypted data element to the requestor.
-
-
24. In a network including a plurality of network devices operated by a plurality of users, a real-time information exchange system for sharing member profile information between the network devices comprising:
-
means for storing member profile information;
means, controlled by each respective member, for selectively granting and denying access to its stored member profile information on a field-by-field basis; and
means for retrieving, by one member, the member profile information of another member.
-
Specification