US20030074660A1 - System method and apparatus for portable digital identity - Google Patents
System method and apparatus for portable digital identityDownload PDFInfo
- Publication number
- US20030074660A1 US20030074660A1US09/977,085US97708501AUS2003074660A1US 20030074660 A1US20030074660 A1US 20030074660A1US 97708501 AUS97708501 AUS 97708501AUS 2003074660 A1US2003074660 A1US 2003074660A1
- Authority
- US
- United States
- Prior art keywords
- digital identity
- user
- digital
- server
- data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
Images
Classifications
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/40—Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
- H04N21/47—End-user applications
- H04N21/475—End-user interface for inputting end-user data, e.g. personal identification number [PIN], preference data
- H04N21/4753—End-user interface for inputting end-user data, e.g. personal identification number [PIN], preference data for user identification, e.g. by entering a PIN or password
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/20—Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
- H04N21/25—Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
- H04N21/254—Management at additional data server, e.g. shopping server, rights management server
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/20—Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
- H04N21/25—Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
- H04N21/258—Client or end-user data management, e.g. managing client capabilities, user preferences or demographics, processing of multiple end-users preferences to derive collaborative data
- H04N21/25808—Management of client data
- H04N21/25816—Management of client data involving client authentication
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/20—Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
- H04N21/25—Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
- H04N21/258—Client or end-user data management, e.g. managing client capabilities, user preferences or demographics, processing of multiple end-users preferences to derive collaborative data
- H04N21/25866—Management of end-user data
- H04N21/25875—Management of end-user data involving end-user authentication
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/40—Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
- H04N21/47—End-user applications
- H04N21/472—End-user interface for requesting content, additional data or services; End-user interface for interacting with content, e.g. for content reservation or setting reminders, for requesting event notification, for manipulating displayed content
- H04N21/47202—End-user interface for requesting content, additional data or services; End-user interface for interacting with content, e.g. for content reservation or setting reminders, for requesting event notification, for manipulating displayed content for requesting content on demand, e.g. video on demand
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/60—Network structure or processes for video distribution between server and client or between remote clients; Control signalling between clients, server and network components; Transmission of management data between server and client, e.g. sending from server to client commands for recording incoming content stream; Communication details between server and client
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/60—Network structure or processes for video distribution between server and client or between remote clients; Control signalling between clients, server and network components; Transmission of management data between server and client, e.g. sending from server to client commands for recording incoming content stream; Communication details between server and client
- H04N21/65—Transmission of management data between client and server
- H04N21/658—Transmission by the client directed to the server
- H04N21/6581—Reference data, e.g. a movie identifier for ordering a movie or a product identifier in a home shopping application
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N7/00—Television systems
- H04N7/16—Analogue secrecy systems; Analogue subscription systems
- H04N7/173—Analogue secrecy systems; Analogue subscription systems with two-way working, e.g. subscriber sending a programme selection signal
- H04N7/17309—Transmission or handling of upstream communications
- H04N7/17318—Direct or substantially direct transmission and handling of requests
Definitions
- the present inventionrelates to the field of portable electronic devices and networked electronic communication.
- each userhas a user profile that defines a personalized electronic environment for that particular communication device.
- each Web sitesupplies individual browsers with unique cookies that store identifying information in the user's Internet browser.
- the cookies stored in the browseridentify each individual to the web site.
- each Web sitepersonalizes its contents according to the individual Internet browser.
- An individualmay select bookmarks or favorite Web sites, which are stored on the individual's personal computer persistent memory (hard drive) and which further customize the electronic environment to suit the user.
- CATVcable television
- each subscriber or householdsubscribes to different programming. Some subscribers have basic cable, while other subscribers have basic cable plus some premium channels. Each member of the household generally has different favorite channels. Additionally, some cable households have broadband Internet access via CATV using a cable modem.
- CATV settopin communication with a computer at the CATV headend, acts as an Internet browser.
- CATV settop boxestend to have limited computing capabilities, and in particular, CATV settop boxes tend to have limited persistent memory in which to store personalized information such as cookies.
- a wireless cellular telephone systemprovides different subscribers with different calling plans specifically selected by the subscriber.
- Some cellular telephone networksalso offer Internet connectivity to their customers.
- cellular phonestend to have limited capabilities as Internet browsers, and in particular, tend to have limited persistent memory storage for personalized information such as cookies.
- the present inventionis embodied in a digital identity server operating as a node on a distributed computing network such as the Internet.
- a userenters unique identifying information into an electronic communication device.
- an email addressis unique to each person and entering an email address uniquely identifies the individual to the electronic communication device.
- entering a password in addition to an email addressauthenticates the user.
- the electronic communication deviceforwards the user's unique identifying information to the digital identity server via the Internet.
- the nature and capabilities of the given remote electronic communication deviceis also forwarded to the digital identity server.
- the digital identity serverresponds by transmitting a digital identity corresponding to the user to the given electronic communication device.
- the received digital identitydefines the services for which the user is authorized (e.g. in the case of a CATV subscriber, the received digital identity includes a list of the premium channels that the subscriber is authorized to view).
- the digital identity serverprovides a level of functionality suited to the capabilities of the particular electronic communication device.
- the electronic communication devicereceives the digital identity of the user and personalizes its operation to suit the user.
- the electronic communication device that retrieves the digital identity of the user and personalizes its operation to suit the usermay be a CATV settop box, a cellular telephone, a computer, a video game console, an Internet access terminal, a payphone, a vending machine or any present or future electronic communication device.
- the digital identity of the useris made portable, and follows the user wherever the user may go providing the user with the same electronic environment accessible from any electronic communication device.
- the portable digital identity system of the present inventionfacilitates the use of simplified electronic communication devices.
- electronic communication devices accessing the user's portable digital identitymay be implemented using very thin client software and/or without persistent data storage, making the electronic communication device smaller, lighter and less expensive.
- the portable digital identityincludes email preferences, email address book and email client software settings, thereby presenting to the user a seamless and consistent email environment.
- the portable digital identityincludes TV preferences, permitting the user to watch his favorite shows and have his premium channels be available from any hotel room.
- the portable digital identityincludes preferred credit card and shipping information (work and home addresses), as well as preferred carriers and other preferences to facilitate eCommerce applications.
- the portable digital identity of the present inventionpermits the user to access familiar services across different platforms.
- the present inventionpermits cross platform authorization (e.g. TV to PC) so that the user may access HBO on a PC. That is, an HBO subscriber may not only access HBO from any remote CATV settop, but may also access HBO on a PC (to the extent that HBO is available via a broadband Internet connection).
- the portable digital identity of the present inventionincludes demographic profiles and marketing data on user's activities and preferences across devices and in real time.
- an online newspaper viewed at a remote locationcontains articles of interest to the subscriber and presents demographically targeted advertising tailored to the interests of the subscriber.
- the portable identity of the present inventionmay be used to control TV appliances. For example, if a user normally records a given television show on a weekly basis, that knowledge can be used to construct a profile of the user that is then mapped to the user's portable digital identity and stored. The profile may then be used by other applications to target application content at the user the suits his or her interests.
- FIG. 1Ais a block diagram of a system including a portable digital identity server and a plurality of information appliances forming a global computer network in accordance with the present invention.
- FIG. 1Bis a block diagram of a system embodying a portable digital identity server in accordance with the present invention.
- FIG. 2Ais a block diagram further detailing the system architecture of a system embodying a portable digital identity server in accordance with the present invention.
- FIG. 2Bis a block diagram further detailing the implementation of the data access function of a system embodied in a portable digital identity server in accordance with the present invention.
- FIG. 2Cis a block diagram further detailing the implementation of an other network adapter for use with a portable digital identity server in accordance with the present invention.
- FIG. 3is a block diagram of three top-level software objects: account, machine and user for use in conjunction with the present invention.
- FIG. 4is a block diagram of the attributes of an Internet browser cookie for use in conjunction with the present invention.
- FIG. 5is a block diagram of an account data object for storing an account's properties and billing information in accordance with the present invention.
- FIG. 6is a block diagram of a machine data object to representing in interactive device for use in accordance with the present invention.
- FIG. 7is a block diagram illustrating a user data object representing a user of an interactive device or application in accordance with the present invention.
- FIG. 8is a hierarchical representation of the digital identity object model embodying the present invention.
- FIG. 9is a system block diagram illustrating the scalability of the present invented system using server groups.
- the digital identity server 100communicates over a global computer network 114 (such as would include the Internet as part of the overall global network) with a plurality of user devices.
- user devicesinclude a CATV settop 102 , a satellite receiver 104 , a cellular phone 106 , a personal digital assistant (PDA) 108 , personal computer 110 , video game console 112 or other client device 113 .
- PDApersonal digital assistant
- Each user deviceconnects to the Internet though another communication network.
- a CATV settop box 102is coupled through a CATV system
- a personal computer 110is typically coupled through the public switched telephone network.
- the digital identity server 100also communicates via the Internet 114 with a digital identity database 118 , an external database 116 as well as a command server 120 .
- a useridentifies himself to a user device 102 , 104 , 106 , 108 , 110 , 112 .
- the user device 102 , 104 , 106 , 108 , 110 , 112requests a digital identity from the digital identity server 100 .
- the digital identity server 100communicates with the command server 120 to determine the nature and characteristics of the requesting user device 102 , 104 , 106 , 108 , 110 , 112 .
- the digital identity server 100retrieves the digital identity information from either the system database 118 or an external database 116 and downloads it to the requesting user device 102 , 104 , 106 , 108 , 110 , 112 .
- the digital identity server 100need not be involved except to download changes to update a user's digital identity.
- the digital identity server 100mediates the user's access to applications/services and data from a variety of user devices ranging from a digital set-top box 102 to a portable personal digital assistant 108 to a mobile/cellular phone 106 to a game console 112 to a personal computer 110 .
- Applicationsinclude Video-on-demand (VOD), gaming applications such as multi-player games, email, instant messaging, chat and broadcast based enhanced TV applications.
- VODVideo-on-demand
- gaming applicationssuch as multi-player games
- emailinstant messaging
- chatbroadcast based enhanced TV applications.
- video-on demandfor example, a viewer may pause a movie at a given point. The pause point of the movie becomes part of the viewer's digital identity. When the viewer returns to watch the rest of the movie, the viewer's downloaded digital identity contains the pause point. As a result, the viewer is able to continue watch the remainder of the movie at a later time from any CATV settop 102 communicating with the digital identity server 100 .
- Additional applicationsinclude using an e-wallet (where the e-wallet for a user is tied to his digital identity and stored in the system) and delivering targeted advertising applications (where the profile of the user describing his interests and past behavior is tied to his digital identity and stored in the system).
- the range of data contained in the portable digital identityincludes the user's properties such as his preferences regarding the use of the device in question, his favorites data including the list of favorite applications and favorite Internet sites.
- the dataincludes the user's cookies which facilitate access to internet sites, and the set of applications/services that the user may access including the properties of the user for a specific application/service.
- the digital identity server 100retrieves configuration information from the command server 120 about various types or classes of devices within the system, and applies configuration information as a filter when returning digital identity data back to the user device.
- the set of applications and the generic user properties as well as application specific user propertiesare tailored take into account the processing power, network bandwidth and memory footprint capabilities of the communications device currently in use by the user.
- the list of applications available to such userincludes the full set of allowed or subscribed applications.
- the list of applications available to a userwill typically include only a lesser permissible subset of applications.
- the digital identity of the userremains the same regardless of the device that the user is using at any point in time. Having a consistent digital identity retrievable at any point by Internet access, allows the user to access his applications/services and data in a seamless and transparent fashion. Thus, even while “roaming” i.e. moving between multiple devices in his home, or to a device at a remote location such as a digital set-top box or game console at a friend's home, or using a cellular phone/pager in his car, the user experiences a consistent electronic environment.
- the General Services Architecturedefines and describes the model that allows the use of applications/services and associated data by the user from their various devices.
- the General Services Architectureincludes a user account that defines the applications and services to which the user subscribes.
- the digital identity server 100 and a General Services Architectureallows the service provider/operator to dynamically define and add new services/applications into their server-side infrastructure. Services are available dynamically to users based on a configurable policy that can be customized to suit the business needs of the specific network operator or service provider.
- access to the servicecan be controlled at a very granular level all the way down to a specific device and a specific user.
- User Amay subscribe to the video on demand (VOD) service, but User B may not be allowed access to the service or even be allowed to subscribe to the service at all. If the user is a subscriber to a specific service he may not be able to access the VOD service unless he is on a device that is actually capable of running that service as is determined by the digital identity server dynamically.
- VODvideo on demand
- the digital identity of the user as implemented by the digital identity server 100includes a rich object oriented programming model that provides high reliability and high availability and scales to millions of users.
- the digital identity server 100has easy extensibility to new client devices 113 and new server platforms and also provides for easy integration with existing stores 116 of user information being maintained by service providers and operators elsewhere on the Internet.
- the overall digital identity system designis a four-tier architecture of clients 10 , 10 A, 12 , 12 A, adapters 18 , 14 , engine 22 with application programming interfaces 20 (APIs) and database 24 shown in FIG. 1B.
- the digital identity server 100provides a mechanism to provide connectors to different devices 10 , 12 (where client software resides) that can be hooked into the internal core digital identity engine 22 .
- Such connectorsare referred to herein as adapters 18 , 14 .
- a digital identity software development kit (SDK) 16permits other clients 12 to write specialized adapters 14 .
- the specialized adapter 14is a protocol translator written by an other client 12 using the digital identity SDK 16 that uses standardized XML protocol to communicate with a standard digital identity adapter to the digital identity engine 22 .
- Client softwaremay reside in devices other than user devices 10 , 12 .
- a CATV system 11 Bcan be a CATV client.
- digital identity software development kit (SDK) 16 Apermits a specialized adapter 14 A to be written that uses standardized XML protocol to communicate with a standard digital identity adapter to the digital identity engine 22 .
- SDKdigital identity software development kit
- a web sitecan be a web site client 11 A communicating with the digital identity engine 22 via a standard adapters 18 .
- the digital identity engine 22is the component that handles all access to all data that adapters 10 , 10 A, 12 , 12 A (and thus clients) is stored on the server side.
- the core engine 22 and its digital identity APIs 20is written in Java to take advantage of Java Database Connectivity (JDBC) as the primary mechanism for accessing the digital identity data.
- JDBCJava Database Connectivity
- APIsApplication programming interfaces
- TV Navigator platformincluding client-side JavaScript and Java APIs
- Connect Suite platformthe server-side Java based, XML based and CORBA based APIs
- CORBAan acronym for Common Object Request Broker Architecture, is a type of object-oriented programming language system.
- the digital identity server ( 100 in FIG. 1)further provides yet another interface that can be implemented by third parties in order to write specialized plug-ins ( 223 in FIG. 2A) to the digital identity server 100 .
- Specialized plug-insare used to access (in a transparent manner) information residing in external systems ( 234 in FIG. 2A) and including the legacy billing and SMS systems of the CATV operator (or other service provider).
- the portable digital identity server 18 , 20 , 22 of FIG. 1Bis shown in further detail in FIG. 2A ( 210 ).
- the digital identity Engine 230provides an application programming interface (API) 228 to client adapter writers.
- APIapplication programming interface
- the digital identity APIis implemented as an efficient means for adapters to name, store, and control access to user data.
- the designrelies on a relational database to provide the storage and indexing of user data.
- the digital identity engine 230is what implements the API that adapters 222 , 224 , 226 use to perform operations on data.
- Adaptersare software components that communicate with clients.
- Various adaptersare developed for the various clients that digital identity server 210 supports.
- standard adaptersinclude a CORBA adapter, a digital television and cookie adapter 224 and an XML adapter 226 .
- An other adapter 212is created using the software development kit 214 .
- Various client software 202 , 203 , 204 , 206 and 208communicates with the digital identity server 210 via a corresponding adapter.
- provisioning application 202 and a digital identity control console 203interface through a CORBA adapter 222 .
- a first generation digital television client 204(using a proprietary protocol) interfaces through a digital television and cookie adapter 224 .
- a next generation digital television clientcommunicates with the digital identity server 210 through an XML adapter 226 (using a standard version of Extensible Markup language or XML) as would an other adapter 212 .
- CORBA Clientsuse their own protocol, notably CORBA IIOP in COBRA adapter 222 , rather than XML/HTTP in adapter 226 .
- the command server 238 in FIG. 2Aprovides data on the nature and characteristics of the requesting user device.
- the digital identity server 210then retrieves the digital identity information from either the system database 236 or an external database 234 and downloads it to the requesting user device.
- the digital identity engine 250includes API implementation functions 252 responsive to the application programming interface 251 .
- the digital identity engine 250further comprises a data access layer 254 responsive to the API functions 252 to perform all of the mechanisms for abstracting or accessing data out of the backend (data storage).
- the API implementation 252communicates only with the data access layer 254 and not directly with the various back-end data access functions such as Lightweight Directory Access protocol (LDAP) 258 , 268 , Java Database Connectivity (JDBC) 264 , schema mapper 266 , callout mechanism 260 and system data cache 262 .
- LDAPLightweight Directory Access protocol
- JDBCJava Database Connectivity
- schema mapper 266schema mapper 266
- callout mechanism 260and system data cache 262 .
- a data access layer 254 in the digital identity engine 230provides the following functionality:
- Supported Objectsare given below. These objects are the same as the objects defined in the XML Protocol as used in the digital identity server.
- the API implementation 252calls only the various parts of the data access layer 254 to perform the functions it needs, it does not call any other pieces, nor does it access any database ( 268 , 270 , 272 A, 272 B) directly.
- the data access 254 layermaps each specific digital identity API 251 call into the (more general) data access call. For example, a CreateEntity API function calls the generic “create” or “set” method in the data access layer 254 , after setting up all the right parameters, and the connection. Similarly, a GetCookies or GetProperties API function, calls a generic “get” method, after setting up all the parameters for each type of object (see object list above) to get the data from the database.
- the Schema Mapper component 256maintains the configuration of the XML schema objects, and their underlying physical tables. It also provides the data access layer 254 with a way to easily determine how to access a given piece of data. Furthermore, the schema mapper 256 stores XML schema blobs in the Command Server 266 , allowing the customer to extend and control the schema dynamically (through GUI tools). Finally, the schema mapper 256 stores information about where attributes reside (Database, external Lightweight Directory Access protocol (LDAP), etc).
- LDAPLightweight Directory Access protocol
- the system data cache 262minimizes the need to access the System database 272 A, since it is a global bottleneck. It further stores servergroup information for users/machines/accounts in a data cache 262 so that trips to the System database 272 A are eliminated whenever possible.
- the system data cache 262further provides a way for the API implementation functions 252 to efficiently discover the user/machine/account relationships.
- the system data cache 262ensures that the in-memory cache is kept consistent with the database, given that there may be multiple digital identity servers 250 behind a load balancer, and the servers need to appear stateless.
- the function of providing consistent state conditions across multiple digital identity serversis accomplished by allowing communication between multiple digital identity servers for notification purposes when an entity is deleted or moved.
- Each digital identity server 250has the ability to connect to any datasource in the site, including all Group databases 272 B, the System database 272 A, and all external customer data (Lightweight Directory Access protocol (LDAP) 268 , SMS 270 , etc).
- each digital identity server 250has the notion of a home server group, namely a group database 272 B to which it is “tightly” bound, either through physical locality, or through logical locality (i.e. it expects to service a certain subset of users/machines/accounts in the normal case).
- the digital identity server 250optimizes its access to its own home server group 272 B as much as possible.
- the digital identity server 250provides less optimized access to other server groups' data for administration functions (such as MoveEntity) and to external customer data.
- the digital identity server 250has the option to provide access to all functions on other server groups, if the adapters/Clients do not wish to connect to another digital identity server which is non-optimized.
- One digital identity serveris able to service several adapters simultaneously. Load Balancing (when possible) is done between the clients and the adapters. In the alternative, load balancing may be done between the adapters and the digital identity Engine through the network adapter
- the call-out component 260retrieves data on a read-only basis from external (operator-managed) datastores 270 .
- the customer data retrievaltypically occurs as part of an operation like getProperties in the API.
- Use of the call-out 260is dictated by the Schema Mapper 256 , which notes where and how individual properties can be retrieved.
- the call-outsare used only for primitive properties of Entities, but may be generalized to apply to other data (like Services or Collections) as well. Data structures are discussed in conjunction with FIG. 3 through FIG. 7.
- the entityidmust be converted into an ID that is meaningful for the external datastore.
- the conversionmay involve a call into the system database 272 A or user database, to retrieve other properties.
- the conversion activityis performed either in the data access layer, or within the specific modules that perform the call-out.
- propertyNamesneeds to be converted into external attribute names; this information is generally available through the command server 266 .
- the call-outreturns, the returned data is merged into the result set that is returned from digital identity (typically a sequence of PropertyNameValues), and is indistinguishable from other data.
- digital identitytypically a sequence of PropertyNameValues
- SMSsubscriber management system
- LDAPLightweight Directory Access protocol
- Both of these call outsare examples of the external data i.e. legacy datstores ( 234 in FIG. 2A).
- the SMS callout mechanism 260uses a function call to a customer-provided routine.
- the SMS moduleis called with an entityid and one or more propertyNames.
- the SMS calloutresolves the Id (convert to an external id), and then makes a function call to the external routine.
- this routineis typically provided as a .jar file, loaded as a plugin.
- the argument list for external functionincludes at least external entity ID and propertyName(s).
- the Lightweight Directory Access protocol (LDAP) call-outprovides high-level support for retrieving data from a Lightweight Directory Access protocol (LDAP) repository.
- LDAPLightweight Directory Access protocol
- the data access layercalls the Lightweight Directory Access protocol (LDAP) module, supplying information such as the entityid and propertyName(s).
- the Lightweight Directory Access protocol (LDAP) call-outconverts the entityId into an Lightweight Directory Access protocol (LDAP) Distinguished Name (possibly using information from the System DB or User DB), and converts the propertyNames into Lightweight Directory Access protocol (LDAP) attribute names (possibly using configuration parameters).
- LDAPLightweight Directory Access protocol
- LDAPLightweight Directory Access protocol
- LDAPLightweight Directory Access protocol
- this Lightweight Directory Access protocol (LDAP) clientcan be implemented on Java Naming Directory Interface (JNDI).
- JNDIJava Naming Directory Interface
- Most call-outsuse the DirContext.getAttributes() method, to retrieve a set of Lightweight Directory Access protocol (LDAP) attribute values, which are merged into the digital identity result set.
- LDAPLightweight Directory Access protocol
- the Lightweight Directory Access protocol (LDAP) moduleenables the data access layer 254 to pool 253 Lightweight Directory Access protocol (LDAP) connections, as it also does for Java Database Connectivity (JDBC) connections.
- LDAPLightweight Directory Access protocol
- FIG. 2Cshows the sub-components of the Software Development Kit (SDK) and network adapter 288 .
- SDKSoftware Development Kit
- the Software Development Kit (SDK) 276 and network adapters 288both convert between the digital identity API and the network protocol (XML/HTTP).
- SDKsimplement the digital identity API, hiding implementation details behind a standard interface. SDKs are delivered as libraries, which are used by customers who build out-of-process (external) adapters.
- SDKsmust be written in the same language as the corresponding adapters, so separate SDKs are required for each language in which adapters are written. SDKs are required for both Java and C/C++. Java adapters may be able to run natively (in-process), if their client-server protocol allows it. In-process adapters do not require SDKs.
- the primary function of the SDKis to convert digital identity API calls into network-based communication with the digital identity server.
- a simplified process descriptionis:
- the network adapter 288runs in the same process as the digital identity server, and services out-of-process adapters.
- the job of the network adapter 288is the complement of the SDK 276 ; it converts XML/HTTP requests back into digital identity to API function calls.
- the digital identity serveris using its native network protocol as a sort of RPC mechanism for the external adapters to make calls to the digital identity engine.
- the extensible markup language (XML)is actually very well suited for this purpose.
- Each adapter's 274 primary functionis to translate the communication that it receives from its client in its native protocol to the Liberate digital identity API.
- Clientsmake requests to adapters to perform certain operations such as getting and setting of data. These requests are decoded and handled by the adapter, and translated into digital identity API calls; data returned from the API calls is encoded and sent to the client.
- adaptersmay run in-process or out-of-process; the API is identical in either case.
- in-process adaptersCompared to in-process adapters, external ones offer advantages (independence of programming language; stability of external process) and disadvantages (potential performance penalty of extra network hop). In general, in-process adapters should be used where possible, for performance reasons.
- Adapters that rely on HTTPuse the same mechanism for decoding and handling the network traffic as the digital identity network adapter (namely an HTTP server such as Apache) 298 .
- a goal of the digital identity serveris to use a single adapter to service all XML requests, be they from in-process or out-of-process adapters. To facilitate unification, a compatible XML format is adopted.
- the digital identity serverdoes not provide native interfaces for CORBA or Lightweight Directory Access protocol (LDAP). Clients that use these protocols require special-purpose adapters.
- the adaptersimplement the appropriate Server type (CORBA or LDAP), but use digital identity protocols on the back end.
- the CORBA adapteris needed to support the User Data Manager, which is a CORBA Client (currently implemented as a Java applet). Like all CORBA servers, it supports an interface defined in an IDL. IDL has currently been defined for the digital identity engine consisting of about 40 operations, defined on 7 interfaces (object classes). This supports a particular object model, which has since been extended for digital identity. In order to make the new digital identity features accessible through CORBA, the IDL is extended. The adapter translates IDL calls into digital identity API calls.
- the CORBA adaptermay run either in-process or out-of-process with respect to the digital identity Engine.
- An in-process implementationlinks the digital identity Engine into the CORBA Server as a library, which is different from the method of running other in-process adapters, which are accessed through a web server interface.
- the out-of-process implementationuses the SDK and network adapter.
- top-level object classesthere are three top-level object classes: Accounts 302 , Users 306 and Machines 304 . These three top-level object classes are collectively referred to as Entities. Individual Entities have a unique entityid, specified when the Entity is created. Each User 306 is associated with exactly one Account. Each Machine 304 is associated with exactly one Account. As illustrated by the 1 to N relationship an account 302 may have a plurality of users 306 . As illustrated by the 1 to M relationship, an account 302 may have a plurality of machines 304 . For example, a household CATV account 302 may include several family members as users 306 , and have more than one CATV converter 304 .
- Entitiesmay have primitive Properties. Properties are typed; the current set of types is ⁇ string; integer; boolean; binary ⁇ . Besides the primitive Properties, Entities may have Collection Properties associated with them. Collections are structured objects—i.e., have primitive Properties of their own. Collections may have many Instances for a given Entity; each Instance has a unique instanceid, which can be used to access that Instance.
- the account entityis associated with one or more attributes 510 , services 516 and collections 508 .
- An account entity 502stores the properties of the account and billing information.
- FIG. 6illustrates the machine entity 604 being associated with one or more attributes 610 , services 616 and collections 608 .
- the machine entity 604represents an interactive device.
- the user entity 706is associated with one or more attributes 710 , services 716 and collections 708 .
- a user entity 706represents the user of an interactive device or application.
- the user entity 706is associative with one or more cookies 718 .
- cookieshave special Collection Properties, with particular semantics, such as name 406 , path 404 , domain 402 , value 410 , expiration 412 and security level 414 .
- Collection Propertiesmay have values at the global (System) level. Customers may define additional Properties for Accounts, Users, Machines, or Collection Properties, and may define additional Collection Properties. Entities have Server Groups, which specify where their data is located. Users and Machines associated with an Account have the same Server Group as the account.
- FIG. 8is a hierarchical representation of the Digital identity object model.
- Various types of informationare represented in the digital identity server to support the needs of administrators, applications, set-top boxes, and other users.
- the informationis structured according to a particular model (schema), which reflects the world of Accounts, Machines, and Users.
- Schemewhich reflects the world of Accounts, Machines, and Users.
- Information that is handled by the digital identity servercan be accessed and manipulated in a variety of ways, including through CORBA, and from the settop box.
- Entities 802which correspond to Accounts 806 , Machines 808 , and Users 810 .
- AccountsRepresents a billing account.
- An Accountmay have multiple Machine and multiple User entities associated with it.
- MachineRepresents a single set-top box. Each Machine object must always have an associated Account.
- UserRepresents a User on a set-top box. Each User object must always have an associated Account.
- Standard UML notationis used to represent both the digital identity object model and the associated CORBA IDL.
- the boxes in FIG. 8represent classes (CORBA interfaces) of which there are 7 in the system.
- Each box in FIG. 8is divided into three regions; the top region shows the class name; the middle region shows the attributes that are defined in the base schema; the bottom region shows the operations (methods) that are defined in the CORBA IDL.
- a deploymentcan have one or more digital identity server groups 902 , 904 , depending on how the network operator configures the system.
- Each server group 902 , 904has its own configuration settings and its own database. The use of server groups is convenient when managing a large number of subscribers.
- each server groupthere is a single, shared digital identity system database 906 that can be accessed by every digital identity server.
- the system database 906contains basic information for all subscribers, while each server group database 902 , 904 only contains information about the subscribers in that particular group.
- Digital identity adapters 908 , 910communicate with the digital identity servers 902 , 904 across an API 912 that provides a single point of access to all data in all digital identity servers. This provides the following benefits:
- TV Navigator clientssuch as TV Navigator Standard and Compact clients
- Developerscan create custom provisioning applications that use the services of the digital identity CORBA adapter. These applications can also interface to external billing, customer service, and subscriber management systems, to interoperate with legacy systems.
- a simple graphical user interfaceis provided at the digital identity console 914 , which can access and modify persistent data stored in the digital identity servers.
- the digital identity console 914is implemented as a CORBA client.
- digital identityprovides access to external back-end data stores, such as LDAP servers enabling system operators to access legacy data.
- the digital identity architecturesupports the development of new client adapters, as needed for emerging protocols.
Landscapes
- Engineering & Computer Science (AREA)
- Multimedia (AREA)
- Signal Processing (AREA)
- Databases & Information Systems (AREA)
- Human Computer Interaction (AREA)
- Computer Security & Cryptography (AREA)
- Computer Graphics (AREA)
- Telephonic Communication Services (AREA)
- Storage Device Security (AREA)
- Computer And Data Communications (AREA)
Abstract
Description
- The present invention relates to the field of portable electronic devices and networked electronic communication.[0001]
- In using any kind of networked communication device, each user has a user profile that defines a personalized electronic environment for that particular communication device.[0002]
- For example, while surfing the Internet on a personal computer, each Web site supplies individual browsers with unique cookies that store identifying information in the user's Internet browser. When visiting specific web sites, the cookies stored in the browser identify each individual to the web site. Based on the information stored in the browser's cookies, each Web site personalizes its contents according to the individual Internet browser. An individual may select bookmarks or favorite Web sites, which are stored on the individual's personal computer persistent memory (hard drive) and which further customize the electronic environment to suit the user.[0003]
- As another example of a personalized identity in a networked electronic environment, in a cable television (CATV) system, each subscriber or household subscribes to different programming. Some subscribers have basic cable, while other subscribers have basic cable plus some premium channels. Each member of the household generally has different favorite channels. Additionally, some cable households have broadband Internet access via CATV using a cable modem. In such case, the CATV settop, in communication with a computer at the CATV headend, acts as an Internet browser. However CATV settop boxes tend to have limited computing capabilities, and in particular, CATV settop boxes tend to have limited persistent memory in which to store personalized information such as cookies.[0004]
- As another example of a personalized identity in a networked electronic environment, a wireless cellular telephone system provides different subscribers with different calling plans specifically selected by the subscriber. Some cellular telephone networks also offer Internet connectivity to their customers. However, as in the case of CATV settop boxes, cellular phones tend to have limited capabilities as Internet browsers, and in particular, tend to have limited persistent memory storage for personalized information such as cookies.[0005]
- When away from the home environment, the electronic environment is different from that at home. For example, using a settop box in a hotel room means that the subscriber typically does not have access to familiar television programs or customized Internet interface. Borrowing or renting a cellular telephone means that the subscriber may not have access to his regular calling plan, is unable to receive incoming calls using his regular phone number, and does not have the customized Internet environment as he would at home. Generally, when a traveler is surfing the Internet at a remote location, whether it be a computer, a remote CATV settop or a cellular phone away from home, Web sites that normally have customized content suited to the traveler, will not recognize the individual Internet browser while at such remote communications device.[0006]
- The present invention is embodied in a digital identity server operating as a node on a distributed computing network such as the Internet.[0007]
- In accordance with the present invention, a user enters unique identifying information into an electronic communication device. For example, an email address is unique to each person and entering an email address uniquely identifies the individual to the electronic communication device. Furthermore, entering a password in addition to an email address authenticates the user.[0008]
- In order to personalize the electronic environment, the electronic communication device forwards the user's unique identifying information to the digital identity server via the Internet. The nature and capabilities of the given remote electronic communication device is also forwarded to the digital identity server. The digital identity server responds by transmitting a digital identity corresponding to the user to the given electronic communication device. The received digital identity defines the services for which the user is authorized (e.g. in the case of a CATV subscriber, the received digital identity includes a list of the premium channels that the subscriber is authorized to view). Furthermore, the digital identity server provides a level of functionality suited to the capabilities of the particular electronic communication device. The electronic communication device receives the digital identity of the user and personalizes its operation to suit the user.[0009]
- The electronic communication device that retrieves the digital identity of the user and personalizes its operation to suit the user may be a CATV settop box, a cellular telephone, a computer, a video game console, an Internet access terminal, a payphone, a vending machine or any present or future electronic communication device. In such manner, the digital identity of the user is made portable, and follows the user wherever the user may go providing the user with the same electronic environment accessible from any electronic communication device.[0010]
- In addition, the portable digital identity system of the present invention facilitates the use of simplified electronic communication devices. In particular, electronic communication devices accessing the user's portable digital identity may be implemented using very thin client software and/or without persistent data storage, making the electronic communication device smaller, lighter and less expensive.[0011]
- The portable digital identity includes email preferences, email address book and email client software settings, thereby presenting to the user a seamless and consistent email environment. The portable digital identity includes TV preferences, permitting the user to watch his favorite shows and have his premium channels be available from any hotel room. The portable digital identity includes preferred credit card and shipping information (work and home addresses), as well as preferred carriers and other preferences to facilitate eCommerce applications.[0012]
- The portable digital identity of the present invention permits the user to access familiar services across different platforms. For example, the present invention permits cross platform authorization (e.g. TV to PC) so that the user may access HBO on a PC. That is, an HBO subscriber may not only access HBO from any remote CATV settop, but may also access HBO on a PC (to the extent that HBO is available via a broadband Internet connection).[0013]
- The portable digital identity of the present invention includes demographic profiles and marketing data on user's activities and preferences across devices and in real time. In such manner, for example, an online newspaper viewed at a remote location, contains articles of interest to the subscriber and presents demographically targeted advertising tailored to the interests of the subscriber.[0014]
- The portable identity of the present invention may be used to control TV appliances. For example, if a user normally records a given television show on a weekly basis, that knowledge can be used to construct a profile of the user that is then mapped to the user's portable digital identity and stored. The profile may then be used by other applications to target application content at the user the suits his or her interests.[0015]
- FIG. 1A is a block diagram of a system including a portable digital identity server and a plurality of information appliances forming a global computer network in accordance with the present invention.[0016]
- FIG. 1B is a block diagram of a system embodying a portable digital identity server in accordance with the present invention.[0017]
- FIG. 2A is a block diagram further detailing the system architecture of a system embodying a portable digital identity server in accordance with the present invention.[0018]
- FIG. 2B is a block diagram further detailing the implementation of the data access function of a system embodied in a portable digital identity server in accordance with the present invention.[0019]
- FIG. 2C is a block diagram further detailing the implementation of an other network adapter for use with a portable digital identity server in accordance with the present invention.[0020]
- FIG. 3 is a block diagram of three top-level software objects: account, machine and user for use in conjunction with the present invention.[0021]
- FIG. 4 is a block diagram of the attributes of an Internet browser cookie for use in conjunction with the present invention.[0022]
- FIG. 5 is a block diagram of an account data object for storing an account's properties and billing information in accordance with the present invention.[0023]
- FIG. 6 is a block diagram of a machine data object to representing in interactive device for use in accordance with the present invention.[0024]
- FIG. 7 is a block diagram illustrating a user data object representing a user of an interactive device or application in accordance with the present invention.[0025]
- FIG. 8 is a hierarchical representation of the digital identity object model embodying the present invention.[0026]
- FIG. 9 is a system block diagram illustrating the scalability of the present invented system using server groups.[0027]
- As shown in FIG. 1A, the[0028]
digital identity server 100 communicates over a global computer network114 (such as would include the Internet as part of the overall global network) with a plurality of user devices. Examples of user devices include aCATV settop 102, asatellite receiver 104, acellular phone 106, a personal digital assistant (PDA)108,personal computer 110,video game console 112 orother client device 113. Each user device connects to the Internet though another communication network. For example, aCATV settop box 102 is coupled through a CATV system, while apersonal computer 110 is typically coupled through the public switched telephone network. Thedigital identity server 100 also communicates via theInternet 114 with adigital identity database 118, anexternal database 116 as well as acommand server 120. - In operation, a user identifies himself to a[0029]
user device user device digital identity server 100. In response, thedigital identity server 100 communicates with thecommand server 120 to determine the nature and characteristics of the requestinguser device digital identity server 100 then retrieves the digital identity information from either thesystem database 118 or anexternal database 116 and downloads it to the requestinguser device digital identity server 100 need not be involved except to download changes to update a user's digital identity. - In such manner, the[0030]
digital identity server 100 mediates the user's access to applications/services and data from a variety of user devices ranging from a digital set-top box 102 to a portable personaldigital assistant 108 to a mobile/cellular phone 106 to agame console 112 to apersonal computer 110. - Applications include Video-on-demand (VOD), gaming applications such as multi-player games, email, instant messaging, chat and broadcast based enhanced TV applications. In video-on demand for example, a viewer may pause a movie at a given point. The pause point of the movie becomes part of the viewer's digital identity. When the viewer returns to watch the rest of the movie, the viewer's downloaded digital identity contains the pause point. As a result, the viewer is able to continue watch the remainder of the movie at a later time from any[0031]
CATV settop 102 communicating with thedigital identity server 100. - Additional applications include using an e-wallet (where the e-wallet for a user is tied to his digital identity and stored in the system) and delivering targeted advertising applications (where the profile of the user describing his interests and past behavior is tied to his digital identity and stored in the system).[0032]
- The range of data contained in the portable digital identity includes the user's properties such as his preferences regarding the use of the device in question, his favorites data including the list of favorite applications and favorite Internet sites. The data includes the user's cookies which facilitate access to internet sites, and the set of applications/services that the user may access including the properties of the user for a specific application/service.[0033]
- The[0034]
digital identity server 100 retrieves configuration information from thecommand server 120 about various types or classes of devices within the system, and applies configuration information as a filter when returning digital identity data back to the user device. The set of applications and the generic user properties as well as application specific user properties are tailored take into account the processing power, network bandwidth and memory footprint capabilities of the communications device currently in use by the user. Thus, when the user is on a powerful communications device such as apersonal computer 110, the list of applications available to such user includes the full set of allowed or subscribed applications. When the user is on a less powerful device such as a set-top box 102 or a personaldigital assistant 108, the list of applications available to a user will typically include only a lesser permissible subset of applications. - The digital identity of the user remains the same regardless of the device that the user is using at any point in time. Having a consistent digital identity retrievable at any point by Internet access, allows the user to access his applications/services and data in a seamless and transparent fashion. Thus, even while “roaming” i.e. moving between multiple devices in his home, or to a device at a remote location such as a digital set-top box or game console at a friend's home, or using a cellular phone/pager in his car, the user experiences a consistent electronic environment.[0035]
- Associated with the notion of a portable digital identity is the notion of a General Services Architecture. The General Services Architecture defines and describes the model that allows the use of applications/services and associated data by the user from their various devices. In particular, the General Services Architecture includes a user account that defines the applications and services to which the user subscribes.[0036]
- The[0037]
digital identity server 100 and a General Services Architecture allows the service provider/operator to dynamically define and add new services/applications into their server-side infrastructure. Services are available dynamically to users based on a configurable policy that can be customized to suit the business needs of the specific network operator or service provider. - Furthermore, access to the service can be controlled at a very granular level all the way down to a specific device and a specific user. User A may subscribe to the video on demand (VOD) service, but User B may not be allowed access to the service or even be allowed to subscribe to the service at all. If the user is a subscriber to a specific service he may not be able to access the VOD service unless he is on a device that is actually capable of running that service as is determined by the digital identity server dynamically.[0038]
- The digital identity of the user as implemented by the[0039]
digital identity server 100 includes a rich object oriented programming model that provides high reliability and high availability and scales to millions of users. Thedigital identity server 100 has easy extensibility tonew client devices 113 and new server platforms and also provides for easy integration with existingstores 116 of user information being maintained by service providers and operators elsewhere on the Internet. - The overall digital identity system design is a four-tier architecture of[0040]
clients adapters engine 22 with application programming interfaces20 (APIs) anddatabase 24 shown in FIG. 1B. Thedigital identity server 100 provides a mechanism to provide connectors todifferent devices 10,12 (where client software resides) that can be hooked into the internal coredigital identity engine 22. Such connectors are referred to herein asadapters - A digital identity software development kit (SDK)[0041]16 permits
other clients 12 to writespecialized adapters 14. Thespecialized adapter 14 is a protocol translator written by another client 12 using thedigital identity SDK 16 that uses standardized XML protocol to communicate with a standard digital identity adapter to thedigital identity engine 22. - Client software may reside in devices other than[0042]
user devices specialized adapter 14A to be written that uses standardized XML protocol to communicate with a standard digital identity adapter to thedigital identity engine 22. As another example, a web site can be aweb site client 11A communicating with thedigital identity engine 22 via astandard adapters 18. - The[0043]
digital identity engine 22 is the component that handles all access to all data that adapters10,10A,12,12A (and thus clients) is stored on the server side. Thecore engine 22 and itsdigital identity APIs 20 is written in Java to take advantage of Java Database Connectivity (JDBC) as the primary mechanism for accessing the digital identity data. - Application programming interfaces (APIs) are available as part of the TV Navigator platform (including client-side JavaScript and Java APIs) and as part of the Connect Suite platform (the server-side Java based, XML based and CORBA based APIs) that allow applications to be authored on top of the digital identity platform. CORBA, an acronym for Common Object Request Broker Architecture, is a type of object-oriented programming language system.[0044]
- The digital identity server ([0045]100 in FIG. 1) further provides yet another interface that can be implemented by third parties in order to write specialized plug-ins (223 in FIG. 2A) to the
digital identity server 100. Specialized plug-ins are used to access (in a transparent manner) information residing in external systems (234 in FIG. 2A) and including the legacy billing and SMS systems of the CATV operator (or other service provider). - The portable[0046]
digital identity server digital identity Engine 230 provides an application programming interface (API)228 to client adapter writers. The digital identity API is implemented as an efficient means for adapters to name, store, and control access to user data. The design relies on a relational database to provide the storage and indexing of user data. - The[0047]
digital identity engine 230 is what implements the API that adapters222,224,226 use to perform operations on data. Adapters are software components that communicate with clients. Various adapters are developed for the various clients thatdigital identity server 210 supports. For example, standard adapters include a CORBA adapter, a digital television andcookie adapter 224 and anXML adapter 226. Another adapter 212 is created using thesoftware development kit 214. - [0048]
Various client software digital identity server 210 via a corresponding adapter. For example,provisioning application 202 and a digitalidentity control console 203 interface through aCORBA adapter 222. A first generation digital television client204 (using a proprietary protocol) interfaces through a digital television andcookie adapter 224. A next generation digital television client communicates with thedigital identity server 210 through an XML adapter226 (using a standard version of Extensible Markup language or XML) as would another adapter 212. CORBA Clients use their own protocol, notably CORBA IIOP inCOBRA adapter 222, rather than XML/HTTP inadapter 226. - Similar to the operation of FIG. 1A, the[0049]
command server 238 in FIG. 2A provides data on the nature and characteristics of the requesting user device. Thedigital identity server 210 then retrieves the digital identity information from either thesystem database 236 or anexternal database 234 and downloads it to the requesting user device. - As shown in FIG. 2B, the[0050]
digital identity engine 250 includes API implementation functions252 responsive to theapplication programming interface 251. Thedigital identity engine 250 further comprises adata access layer 254 responsive to the API functions252 to perform all of the mechanisms for abstracting or accessing data out of the backend (data storage). - The[0051]
API implementation 252 communicates only with thedata access layer 254 and not directly with the various back-end data access functions such as Lightweight Directory Access protocol (LDAP)258,268, Java Database Connectivity (JDBC)264,schema mapper 266,callout mechanism 260 andsystem data cache 262. (Liberate Technologies, 2 Circle Star Way, San Carlos, Calif. 94070). The design is quite general, in the sense that adding a new mechanism for accessing data would require no changes to the API implementation functions252 or the adapters (18 in FIG. 1B). - A[0052]
data access layer 254 in thedigital identity engine 230 provides the following functionality: - 1.[0053]
Pools connections 253 to all data sources, includingGroup databases 272B,System database 272A, and Lightweight Directory Access protocol (LDAP) server(s)268. - 2. Dynamically updates and manage the relational database schema[0054]
- 3. Use the[0055]
schema mapper 256 andsystem data cache 262 to implement its operations and abstract from theAPI implementation 252 how data is accessed and where it is stored, hiding the fact that the data is distributed. - 4. Provide the implicit mapping from the schema of the objects defined in XML to the database schema[0056]
- The Supported Objects are given below. These objects are the same as the objects defined in the XML Protocol as used in the digital identity server.[0057]
- /account (primary object)[0058]
- /user (primary object)[0059]
- /machine (primary object)[0060]
- /account/users (relationship—not extensible)[0061]
- /account/machines (relationship—not extensible)[0062]
- /machine/users (relationship—not extensible)[0063]
- /user/cookies (cookies—not extensible)[0064]
- /user/services (services)[0065]
- /machine/services (services)[0066]
- /account/services (services)[0067]
- /user/favorites (collection object)[0068]
- /user/addressbook (collection object)[0069]
- . . . (etc)[0070]
- When a new type of collection object is introduced (such as Address Book), no new API functions are needed. Only a new object, and its associated XML schema are needed. The[0071]
data access layer 254 maintains objects and their mappings to physical tables automatically, so that no code has to change at thedata access layer 254 when a new object is created. The same is true for new attributes of existing objects. - API Implementation[0072]
- The[0073]
API implementation 252 calls only the various parts of thedata access layer 254 to perform the functions it needs, it does not call any other pieces, nor does it access any database (268,270,272A,272B) directly. Thedata access 254 layer maps each specificdigital identity API 251 call into the (more general) data access call. For example, a CreateEntity API function calls the generic “create” or “set” method in thedata access layer 254, after setting up all the right parameters, and the connection. Similarly, a GetCookies or GetProperties API function, calls a generic “get” method, after setting up all the parameters for each type of object (see object list above) to get the data from the database. - [0074]
Schema Mapper 256 - The[0075]
Schema Mapper component 256 maintains the configuration of the XML schema objects, and their underlying physical tables. It also provides thedata access layer 254 with a way to easily determine how to access a given piece of data. Furthermore, theschema mapper 256 stores XML schema blobs in theCommand Server 266, allowing the customer to extend and control the schema dynamically (through GUI tools). Finally, theschema mapper 256 stores information about where attributes reside (Database, external Lightweight Directory Access protocol (LDAP), etc). - [0076]
System Data Cache 262 - The[0077]
system data cache 262 minimizes the need to access theSystem database 272A, since it is a global bottleneck. It further stores servergroup information for users/machines/accounts in adata cache 262 so that trips to theSystem database 272A are eliminated whenever possible. Thesystem data cache 262 further provides a way for the API implementation functions252 to efficiently discover the user/machine/account relationships. Finally, thesystem data cache 262 ensures that the in-memory cache is kept consistent with the database, given that there may be multipledigital identity servers 250 behind a load balancer, and the servers need to appear stateless. The function of providing consistent state conditions across multiple digital identity servers is accomplished by allowing communication between multiple digital identity servers for notification purposes when an entity is deleted or moved. - Scalability[0078]
- Each[0079]
digital identity server 250 has the ability to connect to any datasource in the site, including allGroup databases 272B, theSystem database 272A, and all external customer data (Lightweight Directory Access protocol (LDAP)268,SMS 270, etc). However, eachdigital identity server 250 has the notion of a home server group, namely agroup database 272B to which it is “tightly” bound, either through physical locality, or through logical locality (i.e. it expects to service a certain subset of users/machines/accounts in the normal case). Thedigital identity server 250 optimizes its access to its ownhome server group 272B as much as possible. - The[0080]
digital identity server 250 provides less optimized access to other server groups' data for administration functions (such as MoveEntity) and to external customer data. Thedigital identity server 250 has the option to provide access to all functions on other server groups, if the adapters/Clients do not wish to connect to another digital identity server which is non-optimized. One digital identity server is able to service several adapters simultaneously. Load Balancing (when possible) is done between the clients and the adapters. In the alternative, load balancing may be done between the adapters and the digital identity Engine through the network adapter - Call-outs to Legacy Data[0081]
- The call-out[0082]
component 260 retrieves data on a read-only basis from external (operator-managed)datastores 270. The customer data retrieval typically occurs as part of an operation like getProperties in the API. Use of the call-out260 is dictated by theSchema Mapper 256, which notes where and how individual properties can be retrieved. The call-outs are used only for primitive properties of Entities, but may be generalized to apply to other data (like Services or Collections) as well. Data structures are discussed in conjunction with FIG. 3 through FIG. 7. - As a part of any call-out, the entityid must be converted into an ID that is meaningful for the external datastore. The conversion may involve a call into the[0083]
system database 272A or user database, to retrieve other properties. The conversion activity is performed either in the data access layer, or within the specific modules that perform the call-out. - Similarly, propertyNames needs to be converted into external attribute names; this information is generally available through the[0084]
command server 266. - When the call-out returns, the returned data is merged into the result set that is returned from digital identity (typically a sequence of PropertyNameValues), and is indistinguishable from other data.[0085]
- There are two call-outs shown in FIG. 2B: SMS (subscriber management system)[0086]260 uses a general function call; Lightweight Directory Access protocol (LDAP)258 is a special case for which higher-level support is provided. Both of these call outs are examples of the external data i.e. legacy datstores (234 in FIG. 2A).
- SMS Call-out[0087]
- The[0088]
SMS callout mechanism 260 uses a function call to a customer-provided routine. Typically, the SMS module is called with an entityid and one or more propertyNames. The SMS callout resolves the Id (convert to an external id), and then makes a function call to the external routine. In a Java implementation, this routine is typically provided as a .jar file, loaded as a plugin. The argument list for external function includes at least external entity ID and propertyName(s). - Lightweight Directory Access Protocol (LDAP) Call-out[0089]
- The Lightweight Directory Access protocol (LDAP) call-out provides high-level support for retrieving data from a Lightweight Directory Access protocol (LDAP) repository.[0090]
- The data access layer calls the Lightweight Directory Access protocol (LDAP) module, supplying information such as the entityid and propertyName(s). The Lightweight Directory Access protocol (LDAP) call-out converts the entityId into an Lightweight Directory Access protocol (LDAP) Distinguished Name (possibly using information from the System DB or User DB), and converts the propertyNames into Lightweight Directory Access protocol (LDAP) attribute names (possibly using configuration parameters).[0091]
- Using configuration parameters, it then forms and executes a complete Lightweight Directory Access protocol (LDAP) call to retrieve the data, such as an Lightweight Directory Access protocol (LDAP) URL, and processes the result set.[0092]
- In a Java implementation, this Lightweight Directory Access protocol (LDAP) client can be implemented on Java Naming Directory Interface (JNDI). Most call-outs use the DirContext.getAttributes() method, to retrieve a set of Lightweight Directory Access protocol (LDAP) attribute values, which are merged into the digital identity result set.[0093]
- Besides being easier to use than the more general call-out mechanism, the Lightweight Directory Access protocol (LDAP) module enables the[0094]
data access layer 254 to pool253 Lightweight Directory Access protocol (LDAP) connections, as it also does for Java Database Connectivity (JDBC) connections. - Digital Identity Software Development Kit[0095]
- The diagram in FIG. 2C shows the sub-components of the Software Development Kit (SDK) and[0096]
network adapter 288. The Software Development Kit (SDK)276 andnetwork adapters 288 both convert between the digital identity API and the network protocol (XML/HTTP). - The SDKs implement the digital identity API, hiding implementation details behind a standard interface. SDKs are delivered as libraries, which are used by customers who build out-of-process (external) adapters.[0097]
- SDKs must be written in the same language as the corresponding adapters, so separate SDKs are required for each language in which adapters are written. SDKs are required for both Java and C/C++. Java adapters may be able to run natively (in-process), if their client-server protocol allows it. In-process adapters do not require SDKs.[0098]
- The primary function of the SDK is to convert digital identity API calls into network-based communication with the digital identity server. A simplified process description is:[0099]
- 1. Call[0100]
XML Publisher 284 to convert API command and data into XML. - 2. Call[0101]
HTTP module 280 to establish communication with server throughconnection pool 282; send XML request; receive response. - 3. Call[0102]
XML Parser 286 to parse response; convert to API data structures; return to caller. - Digital[0103]
Identity Network Adapter 288 - The[0104]
network adapter 288 runs in the same process as the digital identity server, and services out-of-process adapters. The job of thenetwork adapter 288 is the complement of theSDK 276; it converts XML/HTTP requests back into digital identity to API function calls. In this sense, the digital identity server is using its native network protocol as a sort of RPC mechanism for the external adapters to make calls to the digital identity engine. The extensible markup language (XML) is actually very well suited for this purpose. - Similar conversions to/from XML (shown as[0105]
XML Publisher 284 and XML Parser286) are performed in both the SDK and network adapter. These conversions share the same technology base, especially for XML parsing286. - Adapters[0106]
- Each adapter's[0107]274 primary function is to translate the communication that it receives from its client in its native protocol to the Liberate digital identity API. Clients make requests to adapters to perform certain operations such as getting and setting of data. These requests are decoded and handled by the adapter, and translated into digital identity API calls; data returned from the API calls is encoded and sent to the client. As mentioned, adapters may run in-process or out-of-process; the API is identical in either case.
- Compared to in-process adapters, external ones offer advantages (independence of programming language; stability of external process) and disadvantages (potential performance penalty of extra network hop). In general, in-process adapters should be used where possible, for performance reasons.[0108]
- Adapters that rely on HTTP use the same mechanism for decoding and handling the network traffic as the digital identity network adapter (namely an HTTP server such as Apache)[0109]298. A goal of the digital identity server is to use a single adapter to service all XML requests, be they from in-process or out-of-process adapters. To facilitate unification, a compatible XML format is adopted.
- CORBA and LDAP adapters[0110]
- The digital identity server does not provide native interfaces for CORBA or Lightweight Directory Access protocol (LDAP). Clients that use these protocols require special-purpose adapters. The adapters implement the appropriate Server type (CORBA or LDAP), but use digital identity protocols on the back end.[0111]
- CORBA[0112]
- The CORBA adapter is needed to support the User Data Manager, which is a CORBA Client (currently implemented as a Java applet). Like all CORBA servers, it supports an interface defined in an IDL. IDL has currently been defined for the digital identity engine consisting of about 40 operations, defined on 7 interfaces (object classes). This supports a particular object model, which has since been extended for digital identity. In order to make the new digital identity features accessible through CORBA, the IDL is extended. The adapter translates IDL calls into digital identity API calls.[0113]
- The CORBA adapter may run either in-process or out-of-process with respect to the digital identity Engine. An in-process implementation links the digital identity Engine into the CORBA Server as a library, which is different from the method of running other in-process adapters, which are accessed through a web server interface. The out-of-process implementation uses the SDK and network adapter.[0114]
- The Digital Identity Object Model[0115]
- As shown in FIG. 3, there are three top-level object classes:[0116]
Accounts 302,Users 306 andMachines 304. These three top-level object classes are collectively referred to as Entities. Individual Entities have a unique entityid, specified when the Entity is created. EachUser 306 is associated with exactly one Account. EachMachine 304 is associated with exactly one Account. As illustrated by the 1 to N relationship anaccount 302 may have a plurality ofusers 306. As illustrated by the 1 to M relationship, anaccount 302 may have a plurality ofmachines 304. For example, ahousehold CATV account 302 may include several family members asusers 306, and have more than oneCATV converter 304. - All Entities may have primitive Properties. Properties are typed; the current set of types is {string; integer; boolean; binary}. Besides the primitive Properties, Entities may have Collection Properties associated with them. Collections are structured objects—i.e., have primitive Properties of their own. Collections may have many Instances for a given Entity; each Instance has a unique instanceid, which can be used to access that Instance.[0117]
- As shown in FIG. 5, the account entity is associated with one or[0118]
more attributes 510,services 516 andcollections 508. Anaccount entity 502 stores the properties of the account and billing information. - Similarly, FIG. 6 illustrates the[0119]
machine entity 604 being associated with one ormore attributes 610,services 616 andcollections 608. Themachine entity 604 represents an interactive device. - Similarly, the[0120]
user entity 706 is associated with one ormore attributes 710,services 716 andcollections 708. Auser entity 706 represents the user of an interactive device or application. In addition, theuser entity 706 is associative with one ormore cookies 718. As shown in FIG. 4, cookies have special Collection Properties, with particular semantics, such asname 406,path 404,domain 402,value 410,expiration 412 andsecurity level 414. - Besides being associated with particular Entities, Collection Properties may have values at the global (System) level. Customers may define additional Properties for Accounts, Users, Machines, or Collection Properties, and may define additional Collection Properties. Entities have Server Groups, which specify where their data is located. Users and Machines associated with an Account have the same Server Group as the account.[0121]
- FIG. 8 is a hierarchical representation of the Digital identity object model. Various types of information are represented in the digital identity server to support the needs of administrators, applications, set-top boxes, and other users. The information is structured according to a particular model (schema), which reflects the world of Accounts, Machines, and Users. Information that is handled by the digital identity server can be accessed and manipulated in a variety of ways, including through CORBA, and from the settop box.[0122]
- The primary objects in the system are[0123]
Entities 802, which correspond toAccounts 806,Machines 808, andUsers 810. There are three subclasses of Entities to represent the three cases listed above: - Accounts: Represents a billing account. An Account may have multiple Machine and multiple User entities associated with it.[0124]
- Machine: Represents a single set-top box. Each Machine object must always have an associated Account.[0125]
- User: Represents a User on a set-top box. Each User object must always have an associated Account.[0126]
- Standard UML notation is used to represent both the digital identity object model and the associated CORBA IDL. The boxes in FIG. 8 represent classes (CORBA interfaces) of which there are 7 in the system. Each box in FIG. 8 is divided into three regions; the top region shows the class name; the middle region shows the attributes that are defined in the base schema; the bottom region shows the operations (methods) that are defined in the CORBA IDL.[0127]
- The lines among the boxes indicate relationships. The ones with arrowheads are generalizations; the others are associations, with the multiplicity indicated by the numbers at either end.[0128]
- To improve scalability, network operators can create digital identity server groups. A deployment can have one or more digital[0129]
identity server groups server group - Besides a database for each server group, there is a single, shared digital[0130]
identity system database 906 that can be accessed by every digital identity server. Thesystem database 906 contains basic information for all subscribers, while eachserver group database - [0131]
Digital identity adapters digital identity servers API 912 that provides a single point of access to all data in all digital identity servers. This provides the following benefits: - Different TV Navigator clients (such as TV Navigator Standard and Compact clients) can all access the same digital identity server or server groups.[0132]
- Developers can create custom provisioning applications that use the services of the digital identity CORBA adapter. These applications can also interface to external billing, customer service, and subscriber management systems, to interoperate with legacy systems.[0133]
- A simple graphical user interface is provided at the[0134]
digital identity console 914, which can access and modify persistent data stored in the digital identity servers. Thedigital identity console 914 is implemented as a CORBA client. - Through the provisioning plugin architecture, digital identity provides access to external back-end data stores, such as LDAP servers enabling system operators to access legacy data.[0135]
- The digital identity architecture supports the development of new client adapters, as needed for emerging protocols.[0136]
- Below are several examples of sample code for provisioning an account making requests and providing responses.[0137]
SAMPLE CODE FOR PROVISIONING AN ACCOUNT Transaction.open( ); Account johnsAccount = Account.create(“LondonServerGroup”); johnsAccount.setAttribute(“sysFirstName”, “John”); johnsAccount.setAttribute(“sysLastName”, “Smith”); Machine setTopBox1 = Machine.create(johnsAccount, “macAddr1”); Machine setTopBox2 = Machine.create(johnsAccount, “macAddr2”); User john = User.create(johnsAccount); john.setAttribute(“sysName”, “John”); john.setAttribute(“sysPassword”, “1234”); setTopBox1.addUser(john); setTobBox2.addUser(john); Transaction.commit( ); Example XML Request <XMSG> <AUTH CLASS =“USER” TYPE = “password” ID = “Ryan” TOKEN = “a secret”> <REQUEST OP = “GET”> <OBJ N = “/user” ID =“Ryan”/> </REQUEST> </AUTH> </XMSG> Example XML Response <XMSG> <RESPONSE OP = “GET” STATUS = “OK”> <OBJ N = “/user” ID = “Ryan”/> <AT N = “sysFirstName”>Ryan</AT> <AT N = “sysLastName”>King</AT> </OBJ></RESPONSE> </XMSG>
Claims (1)
1. In a system having an electronic communication device operated by a user, said system further including a remote database and a server on a distributed computing network, a method comprising:
entering identification information into said electronic communication device;
transmitting said identification information to said server;
retrieving personalized information from said database;
forwarding said personalized information to said electronic communication device,
wherein said electronic communication device is a CATV settop box; and
wherein said personalized information is related to said user's CATV subscription account, whereby said CATV settop box is personalized to said user.
Priority Applications (5)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US09/977,085US20030074660A1 (en) | 2001-10-12 | 2001-10-12 | System method and apparatus for portable digital identity |
| AU2002332116AAU2002332116A1 (en) | 2001-10-12 | 2002-10-12 | System method and apparatus for portable digital identity |
| PCT/US2002/032540WO2003032610A2 (en) | 2001-10-12 | 2002-10-12 | System method and apparatus for portable digital identity |
| US12/400,541US7870219B2 (en) | 2001-10-12 | 2009-03-09 | System method and apparatus for portable digital identity |
| US12/977,742US20110093881A1 (en) | 2001-10-12 | 2010-12-23 | System Method and Apparatus for Portable Digital Identity |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US09/977,085US20030074660A1 (en) | 2001-10-12 | 2001-10-12 | System method and apparatus for portable digital identity |
Related Child Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| US12/400,541ContinuationUS7870219B2 (en) | 2001-10-12 | 2009-03-09 | System method and apparatus for portable digital identity |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| US20030074660A1true US20030074660A1 (en) | 2003-04-17 |
Family
ID=25524796
Family Applications (3)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| US09/977,085AbandonedUS20030074660A1 (en) | 2001-10-12 | 2001-10-12 | System method and apparatus for portable digital identity |
| US12/400,541Expired - Fee RelatedUS7870219B2 (en) | 2001-10-12 | 2009-03-09 | System method and apparatus for portable digital identity |
| US12/977,742AbandonedUS20110093881A1 (en) | 2001-10-12 | 2010-12-23 | System Method and Apparatus for Portable Digital Identity |
Family Applications After (2)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| US12/400,541Expired - Fee RelatedUS7870219B2 (en) | 2001-10-12 | 2009-03-09 | System method and apparatus for portable digital identity |
| US12/977,742AbandonedUS20110093881A1 (en) | 2001-10-12 | 2010-12-23 | System Method and Apparatus for Portable Digital Identity |
Country Status (3)
| Country | Link |
|---|---|
| US (3) | US20030074660A1 (en) |
| AU (1) | AU2002332116A1 (en) |
| WO (1) | WO2003032610A2 (en) |
Cited By (33)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20050079863A1 (en)* | 2003-10-08 | 2005-04-14 | Macaluso Anthony G. | Over the air provisioning of mobile device settings |
| US20050123277A1 (en)* | 2003-12-03 | 2005-06-09 | Hitachi, Ltd. | Broadcast receiving device and stream output device |
| US20050187945A1 (en)* | 2004-02-19 | 2005-08-25 | International Business Machines Corporation | System and method for adaptive user settings |
| US20060050177A1 (en)* | 2004-07-01 | 2006-03-09 | Sanyo Electric Co., Ltd. | Receiver |
| US7020891B1 (en)* | 2000-09-28 | 2006-03-28 | Intel Corporation | Internet domain and time index based video email system |
| US20060282386A1 (en)* | 2005-03-14 | 2006-12-14 | Szeto Christopher T | Method and system for premium access |
| US20070033655A1 (en)* | 2005-08-03 | 2007-02-08 | Dawson Colin S | Transportable computing environment apparatus system and method |
| US20070061873A1 (en)* | 2005-09-09 | 2007-03-15 | Microsoft Corporation | Securely roaming digital identities |
| US20070101419A1 (en)* | 2005-10-31 | 2007-05-03 | Dawson Colin S | Apparatus, system, and method for providing electronically accessible personal information |
| US20070113165A1 (en)* | 2005-11-15 | 2007-05-17 | Yi-Hsin Hsieh | Multimedia playing system and method |
| US20070204168A1 (en)* | 2006-02-24 | 2007-08-30 | Microsoft Corporation | Identity providers in digital identity system |
| US20070203852A1 (en)* | 2006-02-24 | 2007-08-30 | Microsoft Corporation | Identity information including reputation information |
| US20070204325A1 (en)* | 2006-02-24 | 2007-08-30 | Microsoft Corporation | Personal identification information schemas |
| US20070232223A1 (en)* | 2006-03-30 | 2007-10-04 | Eric Bilange | Systems and methods for communicating music indicia |
| US20080028215A1 (en)* | 2006-07-28 | 2008-01-31 | Microsoft Corporation | Portable personal identity information |
| US20080178271A1 (en)* | 2007-01-18 | 2008-07-24 | Microsoft Corporation | Provisioning of digital identity representations |
| US20080178272A1 (en)* | 2007-01-18 | 2008-07-24 | Microsoft Corporation | Provisioning of digital identity representations |
| US20080184339A1 (en)* | 2007-01-26 | 2008-07-31 | Microsoft Corporation | Remote access of digital identities |
| US20090019507A1 (en)* | 2007-07-12 | 2009-01-15 | At&T Knowledge Ventures, L.P. | System for presenting media services |
| US20100057843A1 (en)* | 2008-08-26 | 2010-03-04 | Rick Landsman | User-transparent system for uniquely identifying network-distributed devices without explicitly provided device or user identifying information |
| US20100268576A1 (en)* | 2009-04-17 | 2010-10-21 | At&T Intellectual Property I, L.P. | System and method for sending data to end user data delivery vehicles |
| US20110072073A1 (en)* | 2009-09-21 | 2011-03-24 | Sling Media Inc. | Systems and methods for formatting media content for distribution |
| US20110119325A1 (en)* | 2009-11-16 | 2011-05-19 | Sling Media Inc. | Systems and methods for delivering messages over a network |
| US20110150432A1 (en)* | 2009-12-23 | 2011-06-23 | Sling Media Inc. | Systems and methods for remotely controlling a media server via a network |
| US20110191811A1 (en)* | 2010-02-02 | 2011-08-04 | Alan Rouse | System and method of mapping customer premise equipment in a vod system of a cable service provider |
| US20110321079A1 (en)* | 2010-06-23 | 2011-12-29 | Sling Media Inc. | Systems and methods for authorizing access to network services using information obtained from subscriber equipment |
| US20120174200A1 (en)* | 2003-02-13 | 2012-07-05 | Microsoft Corporation | Digital identity management |
| US20130167195A1 (en)* | 2011-09-15 | 2013-06-27 | Uniloc Luxembourg S.A. | Hardware identification through cookies |
| US8838810B2 (en) | 2009-04-17 | 2014-09-16 | Sling Media, Inc. | Systems and methods for establishing connections between devices communicating over a network |
| US9015236B1 (en)* | 2013-03-13 | 2015-04-21 | Google Inc. | Personalized services using a client-side user model |
| US9275054B2 (en) | 2009-12-28 | 2016-03-01 | Sling Media, Inc. | Systems and methods for searching media content |
| US9549047B1 (en)* | 2013-03-14 | 2017-01-17 | Google Inc. | Initiating a client-side user model |
| US10754945B2 (en) | 2010-09-16 | 2020-08-25 | Uniloc 2017 Llc | Psychographic device fingerprinting |
Families Citing this family (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20090037829A1 (en)* | 2007-08-01 | 2009-02-05 | Microsoft Corporation | Framework to integrate web services with on-premise software |
| JP4743297B2 (en)* | 2009-03-16 | 2011-08-10 | コニカミノルタビジネステクノロジーズ株式会社 | Image forming apparatus, function expansion method, and user authentication system |
| US8769560B2 (en) | 2009-10-13 | 2014-07-01 | At&T Intellectual Property I, L.P. | System and method to obtain content and generate modified content based on a time limited content consumption state |
| AU2011289180B2 (en) | 2010-08-12 | 2015-05-28 | Mastercard International, Inc. | Multi-commerce channel wallet for authenticated transactions |
| US8528014B2 (en) | 2011-04-22 | 2013-09-03 | Telefonaktiebolaget L M Ericsson (Publ) | Location based user aware video on demand sessions |
| TWI516105B (en)* | 2012-11-22 | 2016-01-01 | 緯創資通股份有限公司 | Broadcasting system and associated method for audio/video bitstream |
Citations (14)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US5761662A (en)* | 1994-12-20 | 1998-06-02 | Sun Microsystems, Inc. | Personalized information retrieval using user-defined profile |
| US6092178A (en)* | 1998-09-03 | 2000-07-18 | Sun Microsystems, Inc. | System for responding to a resource request |
| US20010013123A1 (en)* | 1991-11-25 | 2001-08-09 | Freeman Michael J. | Customized program creation by splicing server based video, audio, or graphical segments |
| US6343319B1 (en)* | 1999-04-06 | 2002-01-29 | Daniel Abensour | Method and system for curriculum delivery |
| US20020013827A1 (en)* | 2000-05-18 | 2002-01-31 | Edstrom Claes G.R. | Personal service environment management apparatus and methods |
| US6442589B1 (en)* | 1999-01-14 | 2002-08-27 | Fujitsu Limited | Method and system for sorting and forwarding electronic messages and other data |
| US6539422B1 (en)* | 1998-05-04 | 2003-03-25 | Intermec Ip Corp. | Automatic data collection device having a network communications capability |
| US6546002B1 (en)* | 1999-07-07 | 2003-04-08 | Joseph J. Kim | System and method for implementing an intelligent and mobile menu-interface agent |
| US6553405B1 (en)* | 2000-02-25 | 2003-04-22 | Telefonaktiebolaget Lm Ericsson (Publ) | Self-configurable distributed system |
| US6610105B1 (en)* | 1997-12-09 | 2003-08-26 | Openwave Systems Inc. | Method and system for providing resource access in a mobile environment |
| US6621528B1 (en)* | 2000-05-22 | 2003-09-16 | Sony Corporation | Channel control for digital television |
| US6671715B1 (en)* | 2000-01-21 | 2003-12-30 | Microstrategy, Inc. | System and method for automatic, real-time delivery of personalized informational and transactional data to users via high throughput content delivery device |
| US6741853B1 (en)* | 2000-11-09 | 2004-05-25 | Nortel Networks Limited | Device aware internet portal |
| US6785680B1 (en)* | 2000-06-26 | 2004-08-31 | International Business Machines Corporation | Method and apparatus for providing individualized client data from a service provider to a portable digital device of a client |
Family Cites Families (23)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| DE69515337T2 (en)* | 1994-12-23 | 2000-08-24 | Imedia Corp., San Francisco | Providing video recorder trick functions in a video distribution system |
| US5922045A (en)* | 1996-07-16 | 1999-07-13 | At&T Corp. | Method and apparatus for providing bookmarks when listening to previously recorded audio programs |
| US6049831A (en)* | 1996-11-08 | 2000-04-11 | Gte Laboratories Incorporated | System for transmitting network-related information where requested network information is separately transmitted as definitions and display information |
| WO1999027681A2 (en)* | 1997-11-25 | 1999-06-03 | Motorola Inc. | Audio content player methods, systems, and articles of manufacture |
| EP0957617A3 (en)* | 1998-05-14 | 2003-10-22 | Sun Microsystems, Inc. | A generic schema for storing configuration information on a client computer and a server computer |
| AR020608A1 (en)* | 1998-07-17 | 2002-05-22 | United Video Properties Inc | A METHOD AND A PROVISION TO SUPPLY A USER REMOTE ACCESS TO AN INTERACTIVE PROGRAMMING GUIDE BY A REMOTE ACCESS LINK |
| EP1035741A3 (en)* | 1999-03-09 | 2000-11-29 | Siemens Information and Communication Products, L.L.C. | Wireless communication system having downloadable settings and method of operation |
| KR100624865B1 (en)* | 1999-06-02 | 2006-09-18 | 엘지전자 주식회사 | Video segmentation viewing system using user profile |
| US6349410B1 (en)* | 1999-08-04 | 2002-02-19 | Intel Corporation | Integrating broadcast television pause and web browsing |
| US6873841B1 (en)* | 1999-12-16 | 2005-03-29 | Koninklijke Philips Electronics N.V. | Shared address-data service for personal CE equipment |
| WO2001082611A1 (en)* | 2000-04-21 | 2001-11-01 | Sony Corporation | Information processing apparatus and method, recorded medium, and program |
| US20020013820A1 (en)* | 2000-06-20 | 2002-01-31 | Crandall Evan Stephen | Private performance transmission |
| US7092370B2 (en)* | 2000-08-17 | 2006-08-15 | Roamware, Inc. | Method and system for wireless voice channel/data channel integration |
| US6725303B1 (en)* | 2000-08-31 | 2004-04-20 | At&T Corp. | Method and apparatus for establishing a personalized connection with a network |
| US7103906B1 (en)* | 2000-09-29 | 2006-09-05 | International Business Machines Corporation | User controlled multi-device media-on-demand system |
| WO2002031701A2 (en)* | 2000-10-11 | 2002-04-18 | United Video Properties, Inc. | Systems and methods for providing storage of data on servers in an on-demand media delivery system |
| US8225361B2 (en)* | 2000-11-27 | 2012-07-17 | Cox Communications, Inc. | Remote monitoring and control method and apparatus for an information distribution system |
| US7093277B2 (en)* | 2001-05-30 | 2006-08-15 | Digeo, Inc. | System and method for improved multi-stream multimedia transmission and processing |
| US7224404B2 (en)* | 2001-07-30 | 2007-05-29 | Samsung Electronics Co., Ltd. | Remote display control of video/graphics data |
| US7571124B2 (en)* | 2001-09-24 | 2009-08-04 | International Business Machines Corporation | Location based services virtual bookmarking |
| US9131272B2 (en)* | 2003-11-04 | 2015-09-08 | Universal Electronics Inc. | System and method for saving and recalling state data for media and home appliances |
| US20060015580A1 (en)* | 2004-07-01 | 2006-01-19 | Home Box Office, A Delaware Corporation | Multimedia content distribution |
| US7669219B2 (en)* | 2005-04-15 | 2010-02-23 | Microsoft Corporation | Synchronized media experience |
- 2001
- 2001-10-12USUS09/977,085patent/US20030074660A1/ennot_activeAbandoned
- 2002
- 2002-10-12AUAU2002332116Apatent/AU2002332116A1/ennot_activeAbandoned
- 2002-10-12WOPCT/US2002/032540patent/WO2003032610A2/ennot_activeApplication Discontinuation
- 2009
- 2009-03-09USUS12/400,541patent/US7870219B2/ennot_activeExpired - Fee Related
- 2010
- 2010-12-23USUS12/977,742patent/US20110093881A1/ennot_activeAbandoned
Patent Citations (14)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20010013123A1 (en)* | 1991-11-25 | 2001-08-09 | Freeman Michael J. | Customized program creation by splicing server based video, audio, or graphical segments |
| US5761662A (en)* | 1994-12-20 | 1998-06-02 | Sun Microsystems, Inc. | Personalized information retrieval using user-defined profile |
| US6610105B1 (en)* | 1997-12-09 | 2003-08-26 | Openwave Systems Inc. | Method and system for providing resource access in a mobile environment |
| US6539422B1 (en)* | 1998-05-04 | 2003-03-25 | Intermec Ip Corp. | Automatic data collection device having a network communications capability |
| US6092178A (en)* | 1998-09-03 | 2000-07-18 | Sun Microsystems, Inc. | System for responding to a resource request |
| US6442589B1 (en)* | 1999-01-14 | 2002-08-27 | Fujitsu Limited | Method and system for sorting and forwarding electronic messages and other data |
| US6343319B1 (en)* | 1999-04-06 | 2002-01-29 | Daniel Abensour | Method and system for curriculum delivery |
| US6546002B1 (en)* | 1999-07-07 | 2003-04-08 | Joseph J. Kim | System and method for implementing an intelligent and mobile menu-interface agent |
| US6671715B1 (en)* | 2000-01-21 | 2003-12-30 | Microstrategy, Inc. | System and method for automatic, real-time delivery of personalized informational and transactional data to users via high throughput content delivery device |
| US6553405B1 (en)* | 2000-02-25 | 2003-04-22 | Telefonaktiebolaget Lm Ericsson (Publ) | Self-configurable distributed system |
| US20020013827A1 (en)* | 2000-05-18 | 2002-01-31 | Edstrom Claes G.R. | Personal service environment management apparatus and methods |
| US6621528B1 (en)* | 2000-05-22 | 2003-09-16 | Sony Corporation | Channel control for digital television |
| US6785680B1 (en)* | 2000-06-26 | 2004-08-31 | International Business Machines Corporation | Method and apparatus for providing individualized client data from a service provider to a portable digital device of a client |
| US6741853B1 (en)* | 2000-11-09 | 2004-05-25 | Nortel Networks Limited | Device aware internet portal |
Cited By (74)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7020891B1 (en)* | 2000-09-28 | 2006-03-28 | Intel Corporation | Internet domain and time index based video email system |
| US9477832B2 (en) | 2003-02-13 | 2016-10-25 | Microsoft Technology Licensing, Llc | Digital identity management |
| US8819797B2 (en)* | 2003-02-13 | 2014-08-26 | Microsoft Corporation | Digital identity management |
| US20120174200A1 (en)* | 2003-02-13 | 2012-07-05 | Microsoft Corporation | Digital identity management |
| US7565141B2 (en)* | 2003-10-08 | 2009-07-21 | Macaluso Anthony G | Over the air provisioning of mobile device settings |
| US20050079863A1 (en)* | 2003-10-08 | 2005-04-14 | Macaluso Anthony G. | Over the air provisioning of mobile device settings |
| US7865182B2 (en) | 2003-10-08 | 2011-01-04 | Single Touch Interactive, Inc. | Over the air provisioning of mobile device settings |
| US20050123277A1 (en)* | 2003-12-03 | 2005-06-09 | Hitachi, Ltd. | Broadcast receiving device and stream output device |
| US7614076B2 (en)* | 2003-12-03 | 2009-11-03 | Hitachi, Ltd. | Broadcast receiving device and stream output device |
| US7249148B2 (en) | 2004-02-19 | 2007-07-24 | International Business Machines Corporation | System and method for adaptive user settings |
| US20050187945A1 (en)* | 2004-02-19 | 2005-08-25 | International Business Machines Corporation | System and method for adaptive user settings |
| US8156521B2 (en)* | 2004-07-01 | 2012-04-10 | Sanyo Electric Co., Ltd. | Receiver |
| US20060050177A1 (en)* | 2004-07-01 | 2006-03-09 | Sanyo Electric Co., Ltd. | Receiver |
| US20060282386A1 (en)* | 2005-03-14 | 2006-12-14 | Szeto Christopher T | Method and system for premium access |
| US8302202B2 (en) | 2005-08-03 | 2012-10-30 | International Business Machines Corporation | Transportable computing environment apparatus system and method |
| US20070033655A1 (en)* | 2005-08-03 | 2007-02-08 | Dawson Colin S | Transportable computing environment apparatus system and method |
| US8051469B2 (en) | 2005-09-09 | 2011-11-01 | Microsoft Corporation | Securely roaming digital identities |
| US20070061873A1 (en)* | 2005-09-09 | 2007-03-15 | Microsoft Corporation | Securely roaming digital identities |
| US20100064361A1 (en)* | 2005-09-09 | 2010-03-11 | Microsoft Corporation | Securely roaming digital identities |
| US7640579B2 (en) | 2005-09-09 | 2009-12-29 | Microsoft Corporation | Securely roaming digital identities |
| US20070101419A1 (en)* | 2005-10-31 | 2007-05-03 | Dawson Colin S | Apparatus, system, and method for providing electronically accessible personal information |
| US20070113165A1 (en)* | 2005-11-15 | 2007-05-17 | Yi-Hsin Hsieh | Multimedia playing system and method |
| US20070203852A1 (en)* | 2006-02-24 | 2007-08-30 | Microsoft Corporation | Identity information including reputation information |
| US8117459B2 (en)* | 2006-02-24 | 2012-02-14 | Microsoft Corporation | Personal identification information schemas |
| US8104074B2 (en) | 2006-02-24 | 2012-01-24 | Microsoft Corporation | Identity providers in digital identity system |
| US20070204168A1 (en)* | 2006-02-24 | 2007-08-30 | Microsoft Corporation | Identity providers in digital identity system |
| US20070204325A1 (en)* | 2006-02-24 | 2007-08-30 | Microsoft Corporation | Personal identification information schemas |
| US20070232223A1 (en)* | 2006-03-30 | 2007-10-04 | Eric Bilange | Systems and methods for communicating music indicia |
| US8463245B2 (en) | 2006-03-30 | 2013-06-11 | Shoreline Innovations, Llc | Systems and methods for communicating music indicia |
| US20080028215A1 (en)* | 2006-07-28 | 2008-01-31 | Microsoft Corporation | Portable personal identity information |
| US8078880B2 (en) | 2006-07-28 | 2011-12-13 | Microsoft Corporation | Portable personal identity information |
| US8407767B2 (en) | 2007-01-18 | 2013-03-26 | Microsoft Corporation | Provisioning of digital identity representations |
| US20080178272A1 (en)* | 2007-01-18 | 2008-07-24 | Microsoft Corporation | Provisioning of digital identity representations |
| US8087072B2 (en) | 2007-01-18 | 2011-12-27 | Microsoft Corporation | Provisioning of digital identity representations |
| US20080178271A1 (en)* | 2007-01-18 | 2008-07-24 | Microsoft Corporation | Provisioning of digital identity representations |
| US20080184339A1 (en)* | 2007-01-26 | 2008-07-31 | Microsoft Corporation | Remote access of digital identities |
| US9521131B2 (en) | 2007-01-26 | 2016-12-13 | Microsoft Technology Licensing, Llc | Remote access of digital identities |
| US8689296B2 (en) | 2007-01-26 | 2014-04-01 | Microsoft Corporation | Remote access of digital identities |
| US8713608B2 (en)* | 2007-07-12 | 2014-04-29 | At&T Intellectual Property I, Lp | System for presenting media services |
| US10405021B2 (en) | 2007-07-12 | 2019-09-03 | At&T Intellectual Property I, L.P. | System for presenting media services |
| US20090019507A1 (en)* | 2007-07-12 | 2009-01-15 | At&T Knowledge Ventures, L.P. | System for presenting media services |
| US8131799B2 (en) | 2008-08-26 | 2012-03-06 | Media Stamp, LLC | User-transparent system for uniquely identifying network-distributed devices without explicitly provided device or user identifying information |
| US20100057843A1 (en)* | 2008-08-26 | 2010-03-04 | Rick Landsman | User-transparent system for uniquely identifying network-distributed devices without explicitly provided device or user identifying information |
| US11580563B2 (en) | 2009-04-17 | 2023-02-14 | At&T Intellectual Property I, L.P. | System and method for sending data to end user data delivery vehicles |
| US20100268576A1 (en)* | 2009-04-17 | 2010-10-21 | At&T Intellectual Property I, L.P. | System and method for sending data to end user data delivery vehicles |
| US8838810B2 (en) | 2009-04-17 | 2014-09-16 | Sling Media, Inc. | Systems and methods for establishing connections between devices communicating over a network |
| US10074095B2 (en)* | 2009-04-17 | 2018-09-11 | At&T Intellectual Property I, L.P. | System and method for sending data to end user data delivery vehicles |
| US9225785B2 (en) | 2009-04-17 | 2015-12-29 | Sling Media, Inc. | Systems and methods for establishing connections between devices communicating over a network |
| US12361437B2 (en) | 2009-04-17 | 2025-07-15 | At&T Intellectual Property I, L.P. | System and method for sending data to end user data delivery vehicles |
| US20110072073A1 (en)* | 2009-09-21 | 2011-03-24 | Sling Media Inc. | Systems and methods for formatting media content for distribution |
| US8621099B2 (en) | 2009-09-21 | 2013-12-31 | Sling Media, Inc. | Systems and methods for formatting media content for distribution |
| US9015225B2 (en) | 2009-11-16 | 2015-04-21 | Echostar Technologies L.L.C. | Systems and methods for delivering messages over a network |
| US20110119325A1 (en)* | 2009-11-16 | 2011-05-19 | Sling Media Inc. | Systems and methods for delivering messages over a network |
| US10021073B2 (en) | 2009-11-16 | 2018-07-10 | Sling Media L.L.C. | Systems and methods for delivering messages over a network |
| US20110150432A1 (en)* | 2009-12-23 | 2011-06-23 | Sling Media Inc. | Systems and methods for remotely controlling a media server via a network |
| US9178923B2 (en) | 2009-12-23 | 2015-11-03 | Echostar Technologies L.L.C. | Systems and methods for remotely controlling a media server via a network |
| US9275054B2 (en) | 2009-12-28 | 2016-03-01 | Sling Media, Inc. | Systems and methods for searching media content |
| US10097899B2 (en) | 2009-12-28 | 2018-10-09 | Sling Media L.L.C. | Systems and methods for searching media content |
| US20110191811A1 (en)* | 2010-02-02 | 2011-08-04 | Alan Rouse | System and method of mapping customer premise equipment in a vod system of a cable service provider |
| US8646012B2 (en)* | 2010-02-02 | 2014-02-04 | Ericsson Television Inc | System and method of mapping customer premise equipment in a VOD system of a cable service provider |
| TWI510068B (en)* | 2010-06-23 | 2015-11-21 | Sling Media Inc | Systems and methods for authorizing access to network services using information obtained from subscriber equipment |
| KR101439796B1 (en) | 2010-06-23 | 2014-11-04 | 슬링 미디어 인코퍼레이티드 | Systems and methods for authorizing access to network services using information obtained from subscriber equipment |
| US20110321079A1 (en)* | 2010-06-23 | 2011-12-29 | Sling Media Inc. | Systems and methods for authorizing access to network services using information obtained from subscriber equipment |
| CN102986239B (en)* | 2010-06-23 | 2016-01-20 | 斯灵媒体公司 | Systems and methods for authorizing access to network services using information obtained from subscriber devices |
| US9113185B2 (en)* | 2010-06-23 | 2015-08-18 | Sling Media Inc. | Systems and methods for authorizing access to network services using information obtained from subscriber equipment |
| AU2011271358B2 (en)* | 2010-06-23 | 2014-05-29 | Sling Media L.L.C. | Systems and methods for authorizing access to network services using information obtained from subscriber equipment |
| CN102986239A (en)* | 2010-06-23 | 2013-03-20 | 斯灵媒体公司 | Systems and methods for authorizing access to network services using information obtained from subscriber equipment |
| US10754945B2 (en) | 2010-09-16 | 2020-08-25 | Uniloc 2017 Llc | Psychographic device fingerprinting |
| US11455390B2 (en) | 2010-09-16 | 2022-09-27 | Uniloc 2017 Llc | Psychographic device fingerprinting |
| US10142337B2 (en) | 2011-09-15 | 2018-11-27 | Uniloc 2017 Llc | Hardware identification through cookies |
| US9571492B2 (en)* | 2011-09-15 | 2017-02-14 | Uniloc Luxembourg S.A. | Hardware identification through cookies |
| US20130167195A1 (en)* | 2011-09-15 | 2013-06-27 | Uniloc Luxembourg S.A. | Hardware identification through cookies |
| US9015236B1 (en)* | 2013-03-13 | 2015-04-21 | Google Inc. | Personalized services using a client-side user model |
| US9549047B1 (en)* | 2013-03-14 | 2017-01-17 | Google Inc. | Initiating a client-side user model |
Also Published As
| Publication number | Publication date |
|---|---|
| US7870219B2 (en) | 2011-01-11 |
| AU2002332116A1 (en) | 2003-04-22 |
| WO2003032610A2 (en) | 2003-04-17 |
| US20090313355A1 (en) | 2009-12-17 |
| WO2003032610A3 (en) | 2003-10-16 |
| US20110093881A1 (en) | 2011-04-21 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US7870219B2 (en) | System method and apparatus for portable digital identity | |
| US6725303B1 (en) | Method and apparatus for establishing a personalized connection with a network | |
| US8209735B2 (en) | Automatic identification of a set-top box user to a network | |
| AU2002242036B2 (en) | Service platform suite management system | |
| US8671440B2 (en) | Personalized interaction using codes | |
| US9294729B2 (en) | System and method for providing content over a television network | |
| US9054991B2 (en) | Managing method and apparatus for servicing contents provided by content provider | |
| EP1135913B1 (en) | Interactive media system | |
| AU2002242036A1 (en) | Service platform suite management system | |
| US20060195583A1 (en) | Method and system for providing information services to a client using a user profile | |
| US8583697B2 (en) | System and method of processing content | |
| Boll | Modular content personalization service architecture for e-commerce applications | |
| Mahmoud et al. | An Agent Enabled System for Personalizing Wireless Mobile Services | |
| Dede et al. | Residential interactive multimedia services: a distributed approach | |
| EP1894407A2 (en) | Method and device for making secure access to multimedia contents | |
| Perälä et al. | Open service platform for pervasive multimedia services development | |
| Sun et al. | Distributed storage manager system for synchronized and scalable AV services across networks | |
| HK1040582B (en) | Interactive media system | |
| CA2358407A1 (en) | Method and system for providing convergent network services | |
| KR980013093A (en) | Multimedia service navigator system and service selection method | |
| HK1224776A1 (en) | Service platform suite management system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| AS | Assignment | Owner name:LIBERATE TECHNOLOGIES, CALIFORNIA Free format text:ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:MCCORMACK, JONATHAN I.;SRINIVASAN, VENKATACHARY;VASUDEV, HARI;AND OTHERS;REEL/FRAME:012659/0308;SIGNING DATES FROM 20011217 TO 20020214 | |
| AS | Assignment | Owner name:DOUBLE C TECHNOLOGIES, LLC, PENNSYLVANIA Free format text:ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:LIBERATE TECHNOLOGIES;REEL/FRAME:016415/0967 Effective date:20050405 | |
| AS | Assignment | Owner name:TVWORKS, LLC, PENNSYLVANIA Free format text:CHANGE OF NAME;ASSIGNOR:DOUBLE C TECHNOLOGIES, LLC;REEL/FRAME:016931/0195 Effective date:20050725 | |
| STCB | Information on status: application discontinuation | Free format text:ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION |