(12) United States Patent
`Chaganti et al.
`
`(54) ONLINE REPOSITORY FOR PERSONAL
`INFORMATION
`
`(*) Notice:
`
`7
`
`(75) Inventors: Naren Chaganti, McLean, VA (US);
`Sitapathi Rao Chaganti, McLean, VA
`(US); Damayanti Chaganti, McLean,
`VA (US)
`ti
`C
`P
`Soft
`(73) Assi
`signee: Pennar Solware uorporation,
`Alexandria, VA (US)
`Subject to any disclaimer, the term of this
`p lSh G. adjusted under 35
`a --
`y
`yS.
`(21) Appl. No.: 09/478,796
`(22) Filed:
`Jan. 7, 2000
`(51) Int. Cl." .......................... H04L 9/32; G06F 15/177
`(52) U.S. Cl. ....................... 713/166; 13,657,319.
`713/201; 707/9; 709/225
`(58) Field of Search ................................. 713/165-167,
`713/170, 200-202; 70'''',".
`Ref
`Cited s as
`s
`CS
`
`(56)
`
`U.S. PATENT DOCUMENTS
`
`7/1983 Stambler
`RE31,302 E
`9/1990 Smith ............................ 707/9
`4.956,769 A
`5,144,557 A * 9/1992 Wang et al. ...
`... 707/9
`5,241,466 A * 8/1993 Perry et al. .................... 705/1
`5,267,314. A 11/1993 Stambler
`5,276,901. A * 1/1994 Howell et al. ................. 707/9
`5,428,778 A 6/1995 Brookes
`5,524,073. A 6/1996 Stambler
`5,555,303 A 9/1996 Stambler
`5,621,727 A
`4/1997 Vaudreuil .................... 370/60
`5,644,711 A * 7/1997 Murphy ...................... 713/201
`5,646,998. A
`7/1997 Stambler
`5,710,578 A * 1/1998 Beauregard et al. ........ 345/429
`5,793,302 A
`8/1998 Stambler
`5.936,541. A 8/1999 Stambler
`5.974,148 A 10/1999 Stambler
`6,005,939 A * 12/1999 Fortenberry et al. .......... 705/76
`
`USOO6845448B1
`(10) Patent No.:
`US 6,845,448 B1
`(45) Date of Patent:
`Jan. 18, 2005
`
`s
`
`s
`
`s
`
`s
`
`s
`
`6/2000 Rozen et al. ............... 707/9 X
`6,073,106 A
`6,148,342 A 11/2000 Ho ...................
`... 709/225
`6,321,334 B1
`11/2001 Jerger et al. ................ 713/200
`OTHER PUBLICATIONS
`Moozakis, Chuck “Internet Printing Takes Hold' dated Sep.
`29, 1998, online article, Retrieved from the Internet on Aug.
`10, 2000, URL:http://www.internetwork.com/news0998/
`news092998-1.htm.
`Rolf Blom, Mats Näslund, and Goran Selander, Object
`stily and Personal Information Management, Apr. 27,
`Kelso, “Final Report on the National Integration Resource
`Center Task Force- The Lisle Report,” Apr. 19, 1999,
`retrieved on Sep. 14, 2000 from http://www.ojp.usdoj.gob/
`integratedjustice/hsle-fn.h
`Integrated uStice/hSle-in.htm.
`Kendall, et al., “Privacy Impact ASSessment for Justice
`Information Systems,” Working Paper, Draft, Jul. 5, 2000
`retrieved on Sep. 14, 2000 from http://www.ojp.usdoj.gov/
`integratediustice/piajis.htm, pp. 30–31.
`Gardner, “Office of Justice Programs, Integrated Justice
`Privacy Initiative,” Apr. 12, 2000, retrieved on Sep. 14, 2000
`from http://www.ojp.usdoj.gov/integratediustice/bp3.htm.
`(List continued on next page.)
`Primary Examiner Justin T. Darrow
`(57)
`ABSTRACT
`Method and System for gathering, Storing personal informa
`tion on a Server computer and releasing Such information to
`authorized requesters. Several types of information are
`Stored for release to different entities with appropriate autho
`rization. Any modifications or updates are automatically
`notified to any authorized requesters. The requester option
`ally provides information about to whom and where to
`notify changes or updates. Such change or update notifica
`tion is made by Sending a notification to an electronic
`mailbox. A frequent unauthorized requester of information is
`tagged as "junk' requester, to whom no further information
`will be released.
`
`3 Claims, 4 Drawing Sheets
`
`
`
`DATABASE INTERFACEMODULEEXECUTES
`AQUERYMADEBYTHEREQUESTOR
`STATSTICALORREPORTING FUNCTIONS
`AREOPTIONAYEXECUTED
`
`222
`
`RETREYED INFORMATIONSSENTSECURELY
`TRANSMITTED TOTHEREQUESTORREQUESTOR h-224
`SCHARGEDAFEE
`
`USERCHANGES ARENOTIFIED TO ANY
`ENTITESDESIGNATED BY THE USER
`
`ANAUDITTRAL OFALACCESSESS
`MANTANEDANDRECORDEON
`THEDATAEASE
`
`226
`
`228
`
`Instacart, Ex. 1044
`
`1
`
`

`

`US 6,845.448 B1
`Page 2
`
`OTHER PUBLICATIONS
`
`Cavoukian, et al., “Privacy Design Principles for an Inte
`grated Justice System,” Working Paper, Apr. 5, 2000,
`retrieved on Sep. 14, 2000 from http://www.ojp.usdoj.gov/
`integratediustice/pdpapril.htm.
`J. Michael Murphy, “Privacy Protection-A New Begin
`ning?” 21st International Conference on Privacy and Per
`sonal Data Protection, Sep. 13-14, 1999, retrieved on Sep.
`14, 2000 from http://www.pco.org.hk/conproceed.html.
`Ann Cavoukian, “Privacy and Biometrics,” 21st Interna
`tional Conference on Privacy and Personal Data Protection,
`Sep. 13–14, 1999, retrieved on Sep. 14, 2000 from http://
`www.pco.org.hk/conproceed.html.
`Lorrie Faith Cranor, “Agents of Choice: Tools That Facili
`tate Notice and Choice About Web Site Data Practices,” 21st
`International Conference on Privacy and Personal Data
`Protection, Sep. 13–14, 1999, retrieved on Sep. 14, 2000
`from http://www.pco.org.hk/conproceed.html.
`Austin Hill, “The Privacy Risks of Public Key Infrastruc
`tures, 21st International Conference on Privacy and Personal
`Data Protection”, Sep. 13-14, 1999, retrieved on Sep. 14,
`2000 from http://www.pco.org.hk/conproceed.html.
`Armgard Von Reden, Data Protection Activities in the
`Private Sector, 21st International Conference on Privacy and
`Personal Data Protection, Sep. 13-14, 1999, retrieved on
`Sep. 14, 2000 from http://www.pco.org.hk/conproceed.html.
`Nigel Waters, “Re-Thinking Information Privacy-AThird
`Way in Data Protection?”, 21st International Conference on
`Privacy and Personal Data Protection, Sep. 13-14, 1999,
`retrieved on Sep. 14, 2000 from http://www.pco.org.hk/
`conproceed.html.
`Hansjuergen Garstka, “The International Working Group on
`Data Protection in Telecommunications: Common Positions
`Adopted on Selected Emerging Global Issues,” 21st Inter
`national Conference on Privacy and Personal Data Protec
`tion, Sep. 13-14, 1999, retrieved on Sep. 14, 2000 from
`http://www.pco.org.hk/conproceed.html.
`Deborah Hurley, “A Whole World in One Glance: Privacy as
`a Key Enabler of Individual Participation in Democratic
`Governance”, 21st International Conference on Privacy and
`Personal Data Protection, Sep. 13-14, 1999, retrieved on
`Sep. 14, 2000 from http://www.pco.org.hk/conproceed.html.
`Robert Gellman, “Public Registers and Privacy: Conflicts
`with Other Values and Interests,” 21st International Confer
`ence on Privacy and Personal Data Protection, Sep. 13-14,
`1999, retrieved on Sep. 14, 2000 from http://www.pco
`.org.hk/conproceed.html.
`Blair Stewart, “Five Strategies for Addressing Public Reg
`ister Privacy Problems,” 21st International Conference on
`Privacy and Personal Data Protection, Sep. 13-14, 1999,
`retrieved on Sep. 14, 2000 from http://www.pco.org.hk/
`conproceed.html.
`David Banisar, “Privacy and Data Protection Around the
`World,” 21st International Conference on Privacy and Per
`sonal Data Protection, Sep. 13-14, 1999, retrieved on Sep.
`14, 2000 from http://www.pco.org.hk/conproceed.html.
`Alfred Bullesbach, “Data Protection and Privacy at a Global
`Enterprise,” 21st International Conference on Privacy and
`Personal Data Protection, Sep. 13-14, 1999, retrieved on
`Sep. 14, 2000 from http://www.pco.org.hk/conproceed.html.
`
`Anne Carblanc, “Activities of the OECD-1997–2000–
`Global Privacy Protection Builds Trust in Electronic Com
`merce Global Networks', 21st International Conference on
`Privacy and Personal Data Protection, Sep. 13-14, 1999,
`retrieved on Sep. 14, 2000 from http://www.pco.org.hk/
`conproceed.html.
`Philip E. Agre, “Imagining Surveillance: Notes on 1984 and
`Enemy of the State,” 21st International Conference on
`Privacy and Personal Data Protection, Sep. 13-14, 1999,
`retrieved on Sep. 14, 2000 from http://www.pco.org.hk/
`conproceed.html.
`Roger Clarke, “Person-Location and Person-Tracking:
`Technologies, Risks and Policy Implications,” 21st Interna
`tional Conference on Privacy and Personal Data Protection,
`Sep. 13–14, 1999, retrieved on Sep. 14, 2000 from http://
`www.pco.org.hk/conproceed.html.
`Simon Davies, “Big Brother at the Box Office-Electronic
`Visual Surveillance and the Big Screen,” 21st International
`Conference on Privacy and Personal Data Protection, Sep.
`13–14, 1999, retrieved on Sep. 14, 2000 from http://www.
`pco.org.hk/conproceed.html.
`Paul, F. Kendall, “Gathering, Analysis and Sharing of Crimi
`nal Justice Information by Justice Agenices: The Need for
`Principles of Responsible Use,” 21st International Confer
`ence on Privacy and Personal Data Protection, Sep. 13-14,
`1999, retrieved on Sep. 14, 2000 from http://www.pco.
`org.hk/conproceed.html.
`Souheil El Zein, “Reconciling Data Protection Regulations
`with the Requirements of Judicial and Police Co-operation,”
`21st International Conference on Privacy and Personal Data
`Protection, Sep. 13–14, 1999, retrieved on Sep. 14, 2000
`from http://www.pco.org.hk/conproceed.html.
`Bart De Schutter, International Police Co-operation and
`Privacy Protection, 21st International Conference on Pri
`vacy and Personal Data Protection, Sep. 13-14, 1999,
`retrieved on Sep. 14, 2000 from http://www.pco.org.hk/
`conproceed.html.
`David H. Flaherty, “Balancing Open Government and Pri
`vacy Protection,” 21st International Conference on Privacy
`and Personal Data Protection, Sep. 13-14, 1999, rerieved on
`Sep. 14, 2000 from http://www.pco.org.hk/conproceed.html.
`Michel Gentot, "Access to Information and Protection of
`Personal Data,” 21st International Conference on Privacy
`and Personal Data Protection, Sep. 13-14, 1999, retrieved
`on Sep. 14, 2000 from http://www.pco.org.hk/conproc
`eed.html.
`Bruno Baeriswyl and Peter Heinzmann, “Privacy Audits
`with External Experts-Cooperation or Attack?", 21st Inter
`national Conference on Privacy and Personal Data Protec
`tion, Sep. 13-14, 1999, retrieved on Sep. 14, 2000 from
`http://www.pco.org.hk/conproceed.html.
`Stephen Wolley, “Data Security and Privacy Audits Adding
`Value to the Organisation,” 21st-International Conference
`on Privacy and Personal Data Protection, Sep. 13-14, 1999,
`retrieved on Sep. 14, 2000 from http://www.pco.org.hk/
`conproceed.html.
`David Flaherty, “How to Do a Privacy and Freedom of
`Information Act Site Visit,” 21st International Conference
`on Privacy and Personal Data Protection, Sep. 13-14, 1999,
`retrieved on Sep. 14, 2000 from http://www.pco.org.hk/
`conproceed.html.
`
`2
`
`

`

`US 6,845.448 B1
`Page 3
`
`Jane Elizabeth Kirtley, “Privacy and the News Media-A
`Question of Trust, or of Control,” 21st International Con
`ference on Privacy and Personal Data Protection, Sep.
`13–14, 1999, retrieved on Sep. 14, 2000 from http://www.
`pco.org.hk/conproceed.html.
`Raymond Wacks, “Privacy Reconceived: Personal Informa
`tion and Free Speech,” 21st International Conference on
`Privacy and Personal Data Protection, Sep. 13-14, 1999,
`retrieved on Sep. 14, 2000 from http://www.pco.org.hk/
`conproceed.html.
`Pamela W.S. Chan, “Consumer Rights and Electronic Com
`merce,” 21st International Conference on Privacy and Per
`sonal Data Protection, Sep. 13-14, 1999, retrieved on Sep.
`14, 2000 from http://www.pco.org.hk/conproceed.html.
`Alan Westin, “Consumers, E-Commerce, and Privacy: US,
`UK and Germany,” 21st International Conference on Pri
`vacy and Personal Data Protection, Sep. 13-14, 1999,
`retrieved on Sep. 14, 2000 from http://www.pco.org.hk/
`conproceed.html.
`
`Jon Bing, “Data Protection, Jurisdiction and the Choice of
`Law,” 21st International Conference on Privacy and Per
`sonal Data Protection, Sep. 13-14, 1999, retrieved on Sep.
`14, 2000 from http://www.pco.org.hk/conproceed.html.
`Graham Greenleaf, “IP, Phone-Home ECMS, C-tech, and
`Protecting Privacy Against Surveillance by Digital Works,”
`21st International Conference on Privacy and Personal Data
`Protection, Sep. 13–14, 1999, retrieved on Sep. 14, 2000
`from http://www.pco.org.hk/conproceed.html.
`Privacy Commissioner's Office-What's New, retrieved on
`Sep. 14, 2000 from http://www.pco.org.hk/old press.html,
`pp. 1-3.
`Naren Chaganti, “Integrating Electronic Message Handling
`Systems with Databases: A Security Perspective', Masters
`Thesis, May 1992, The University of Texas at Arlington,
`Arlington, TX.
`
`* cited by examiner
`
`3
`
`

`

`U.S. Patent
`
`Jan. 18, 2005
`
`Sheet 1 of 4
`
`US 6,845,448 B1
`
`USER
`COMPUTER
`
`104
`
`108
`
`
`
`C d
`DATABASE
`
`
`
`REQUESTER
`
`
`
`REQUESTER
`COMPUTER
`
`
`
`
`
`
`
`
`
`
`
`
`
`OO
`
`N
`
`SERVER COMPUTER
`SECURITYMODULE
`20
`DATABASE INTERFACE
`MODULE
`|STATSTCSMODULE
`
`130
`40
`
`O
`
`ce
`PROGRAMS
`O7
`
`6
`REPORT GENERATION
`18 MODULE
`OTHERMODULESOPERATING
`SYSTEM.COMMUNICATIONLAYERS
`
`50
`
`Aig. 1
`
`4
`
`

`

`U.S. Patent
`
`Jan. 18, 2005
`
`Sheet 2 of 4
`
`US 6,845,448 B1
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`INTIALIZATIONBYA
`PERSONAL INFORMATION
`REPOSITORY SERVICE PROVIDER
`|PIRSP)
`
`200
`
`AUSERACCESSES THE PRSP
`WEBSITE PRSPSERVERCOMPUTER
`ESTABLISHES ASECURECONNECTION
`WITH THE USERS COMPUTER
`
`
`
`USERESTABLISHES ANACCOUNT
`WITH THESERVER COMPUTER
`
`204
`
`USERISASSIGNED ANACCOUNT
`NUMBER WHICH ISSTORED BY
`THESERVER COMPUTERN
`THEDATABASE
`
`USERACCESSISRECORDED IN
`THEDATABASEFOR AUDITTRAL
`
`208
`
`USERENTERS PERSONAL INFORMATION
`AND OPTIONALLYELECTSAPAYMENT
`PAN
`
`fig. 2a
`
`5
`
`

`

`U.S. Patent
`
`Jan. 18, 2005
`
`Sheet 3 of 4
`
`US 6,845,448 B1
`
`
`
`DATABASENTERFACEMODULEEXECUTES
`A QUERYMADEBYTHEREQUESTOR
`STATISTICALORREPORTING FUNCTIONS
`AREOPTIONALLY EXECUTED
`
`RETRIEVED INFORMATIONSSENTSECURELY
`TRANSMITTED TO THEREQUESTOR REQUESTOR
`SCHARGEDAFEE
`
`USERCHANGES ARENOTIFIED TO ANY
`ENTITIES DESIGNATED BY THE USER
`
`ANAUDITTRAL OFALLACCESSESS
`MANTAINED ANDRECORDED IN
`THEDATAEASE
`
`Aig. 2b
`
`222
`
`224
`
`226
`
`228
`
`6
`
`

`

`U.S. Patent
`
`Jan. 18, 2005
`
`Sheet 4 of 4
`
`US 6,845,448 B1
`
`
`
`ACCOUNTSETUP
`
`? 800
`
`SUBMT
`
`30
`
`Fig. 3
`
`7
`
`

`

`1
`ONLINE REPOSITORY FOR PERSONAL
`INFORMATION
`
`US 6,845,448 B1
`
`FIELD OF THE INVENTION
`This invention is related in general to electronic informa
`tion repositories, and in particular, to a System and method
`for gathering, Storing and disbursing personal information to
`authorized entities via a communication network.
`
`25
`
`BACKGROUND
`Entities that do businesses on the Internet frequently
`request visitors to their sites to fill out forms with demo
`graphic and other information. Web sites such as the New
`15
`York Times web site that provide free access to news, sites
`such as the Adobe Corporation web site that provide free
`downloadable Software, Sites that provide free magazine
`Subscriptions, Sites that provide free or paid Services Such as
`a free e-mail account, free Internet access, and Similar
`others, ask a user to fill out a form that includes a user name,
`contact information, and the like. In Some cases the forms
`are So lengthy that repeated requests for Such information
`cause an annoyance to a user, who would rather get the
`information or download the Software than take the time to
`fill out a lengthy form. The providers of these forms,
`however, would like to have as much information about the
`user as possible, So that they could obtain a profile of the
`type of perSons that are interested in their products or
`services. It would be useful to both the user and the provider
`if the user can Store all his information at a single location
`and authorize the release of Such information to any person
`or entity.
`Some other examples of entities that request Such per
`Sonal information include credit Verification agencies acting
`on behalf of lenders, utility companies, landlords and the
`like, and information gathering entities Such as health insur
`ance companies, doctors/dentists offices, consumer or
`product Surveys, and magazine Subscriptions.
`40
`With the ubiquity of the public computer networks, com
`monly known as the Internet or the web, a new way of
`disseminating personal information has become possible.
`The meteoric rise of the Internet has enabled it to become a
`key application development platform. Notwithstanding the
`availability of these information networks, there is currently
`no method whereby a user can enter and Store his personal
`information at a single location and Selectively authorize it
`to be distributed to a number of entities. Therefore, there is
`a need for Such as System and method.
`Additionally, there is no method whereby the user can
`update or make changes to the personal information Stored
`at the Single location-whether it is a Single Server computer
`or a collection of Server computers comprising a distributed
`System-and cause the changes to be distributed to all
`perSons or entities that need to be notified. Accordingly,
`there is a need for Such a System and method.
`Further, there is a need for a System, which allows a
`classification of information according to a Security or other
`hierarchical class structure, and provide the classified infor
`mation to only those entities that have a need to know or are
`authorized by a person who owns the information.
`Moreover, there is a need for blocking unauthorized acceSS
`to Such personal information, while allowing access by
`authorized perSons with ease.
`Old methods of collecting and disbursing personal credit
`information required credit reporting agencies to gather and
`
`35
`
`45
`
`50
`
`55
`
`60
`
`65
`
`2
`disburse information about individuals and companies, and
`to disburse this information to entities that request Such
`information. In general, Such disbursement is performed
`after an individual authorizes the release of Such informa
`tion. While these companies gather credit information from
`Several Sources, they often provide incomplete or inaccurate
`information that is not verified by the user until a later date.
`Additionally, routine form-filling, designating personal pref
`erences Such as the user's likes and dislikes, providing
`finger-print, retina Scan, DNA sequences and other biometric
`information for later use, or responding to a Survey or a
`health questionnaire is not performed by these credit report
`ing agencies. These problems with the existing methods can
`be alleviated by the presented invention as described in the
`following.
`
`SUMMARY
`The present invention is directed toward a method and
`System for gathering, Storing personal information on a
`Server computer and releasing Such information to autho
`rized requesters. Several types of information are Stored for
`release to different entities with appropriate authorization.
`In one aspect, the present invention is directed toward a
`method of for automatically disbursing personal information
`belonging to a user to a requester that is authorized by the
`user by transmitting Said personal information from a Server
`computer operated by a Service provider, Said Server com
`puter coupled to a database, the method comprising the Steps
`of establishing an account for the user with the Server
`computer; assigning an identifier to the user, entering per
`Sonal information belonging to the user, Said personal infor
`mation comprising at least one of a plurality of information
`objects, assigning at least one of a plurality of Security levels
`to each information object, Storing in the database the user
`identifier, the information object and the security level
`assigned to the information object, receiving a request
`message from the requester, Said request message compris
`ing at least the user identifier; retrieving from the database
`the information object pertaining to the user identifier;
`Securely transmitting the information object to the requester.
`In a further aspect, the invention comprises the Steps of
`presenting an authorization by the requester; and Verifying
`the requester's authorization.
`Further, any modifications, updates, or changes are auto
`matically notified to any authorized requesters. The
`requester optionally provides information about to whom
`and where to notify changes, Such as address changes. Such
`change notification can be made by Sending a notification to
`an electronic mail box. In a preferred embodiment, a fre
`quent unauthorized requester of information can be tagged
`as “junk” requester, to whom no further information will be
`released.
`BRIEF DESCRIPTION OF THE DRAWINGS
`These and other objects, features and advantages of the
`present invention will be more readily understood in the
`following detailed description of the preferred embodiments
`and the appended claims with a reference to the drawings,
`where like numbers indicate like parts in the Several views
`shown, and in which:
`FIG. 1 depicts an architecture comprising a server com
`puter 100, a user computer 104 and a requester computer
`106 communicatively coupled to a communication network
`102;
`FIG. 2 is a flow chart of steps included in a preferred
`FIG. 3 is an illustrative web page for a user enrollment.
`embodiment; and
`
`8
`
`

`

`3
`DETAILED DESCRIPTION OF THE
`PREFERRED EMBODIMENTS
`Referring to FIG. 1, a server computer 100 configured in
`accordance with the principles of the present invention is
`communicatively coupled to a communication network 102
`Such as the Internet. Also coupled to the communication
`network 102 are user 103 operating a user computer 104 and
`a requester 105 operating a requester computer 106.
`The server computer 100 illustratively comprises a micro
`processor Such as a Compaq(R) Alpha" microprocessor, a
`disk drive, a memory Such as a Semiconductor memory, and
`runs an operating system such as Windows-NTTM or Linux.
`The server computer 100 is additionally equipped with a
`data communications device Such as a 3-COMTM network
`card to connect to the to network 102. In general, the
`connection to the network 102 can be established via an
`Internet Service Provider (ISP) or a direct connection. In a
`preferred embodiment, the server computer 100 is connected
`to the network 102 via a high-speed connection Such as
`Digital Subscriber Line.
`The server computer 100 is configured to function as a
`Web Server. The Web Server is typically general-purpose
`computer Such as the Server computer running Software to
`interface with the Internet using Sockets. Commercial Sup
`pliers such as Netscape(R) Corporation of Sunnyvale, Calif.
`make available Such web server Software. Additionally, Such
`Web Server Software can also be downloaded and configured
`free of charge from Some Sources Such as Apache.
`Additional programs Such as Common Gateway Interface
`(CGI) programs 107 reside on the server computer. The CGI
`programs 106 provide for communication and interaction
`between a user computer 104 and the server computer 100
`via the network 102. These CGI programs 107, coupled with
`data communications Software programs, are configured to
`receive packets of messages from computers connected to
`the network 102, decipher the information in the packets,
`and act according to instructions provided in the packets
`within the constraints imposed by an administrator manag
`ing the server computer 100.
`In addition to performing the tasks of receiving and
`Sending packets of data from and to the computers con
`nected to the Internet, the CGI programs 107 are configured
`to perform other tasks Such as communicate with a database
`108 coupled to the server computer 100, and extract or store
`information in the database 108 according to the software
`instructions provided within the server computer 100 or in
`the packets received from the network 102. Persons skilled
`in the art can program these CGI programs 107 using
`programming tools and languages Such as C, C++, the JavaE)
`programming language, Perl and shell Scripts.
`In an embodiment of the invention, the database 108
`comprises a relational database management System,
`preferably, but not necessarily, with Software code to enable
`Java Database Connectivity. Examples of Such products
`include those marketed by the Oracle Corporation of
`Sunnyvale, Calif. It should additionally be noted that in an
`alternative embodiment the database 108 is not needed, or it
`could comprise Software programs executing on the Server
`computer 100.
`The server computer 100 is configured to receive request
`messages from the user computer 104 over the internet in the
`HyperText Transfer Protocol (HFTP), File Transfer Protocol
`(FrP) or any similar protocol used to transfer data, Video,
`Voice or a combination of these media. After analyzing the
`
`15
`
`25
`
`35
`
`40
`
`45
`
`50
`
`55
`
`60
`
`65
`
`US 6,845,448 B1
`
`4
`request messages, the Server computer 100 is configured to
`transmit in response messages that include “web pages” that
`are programmed in HyperText Markup Language (HTML)
`or a similar language.
`Embedded in these web pages are components Such as
`documents, Scripts, objects, and frames that are configured
`to display colorful graphical images on a display device
`coupled to the user computer 104. Persons skilled in the art
`know how to make web pages using programming lan
`guages or tools such as HTML, ColdFusionTM, Java(R), Java
`ScripTM, Active Server PagesTM, Dynamic HTML, the vari
`ous markup languages Such as Extensible Markup Language
`(XML), and similar others.
`The user computer 104 is equipped with suitable devices
`and programs to connect to the network 102. In alternative
`embodiments, the user computer 104 is other device capable
`of establishing a communication in conjunction with other
`Similar or dissimilar devices over a communication network
`such as the network 102. Examples of other commercially
`available digital interactive devices that are contemplated to
`function in place of the user computer 104 include a
`telephone, a WebTVTM device marketed by Microsoft Cor
`poration of Redmond, Wash.; a Palm Pilot'TM device mar
`keted by 3-COM Corporation of Santa Clara, Calif., or other
`Similar device; the device used in conjunction with the
`Wireless WebTM service from the Sprint Corporation of
`Westwood, Kans.; or a Wireless Access Protocol (WAP)-
`enabled device such as the device marketed by GDMotion
`.com used in conjunction with Wireless Internet service
`provided by companies Such as Phone.com and Supported by
`protocols such as Wireless Markup Language, Mobile Phone
`Markup Language. Such compatible wireless handset
`devices are manufactured by Nokia, Motorola, EricSSon, and
`other companies.
`In one embodiment, the user computer 104 is a digital
`interactive device Such as a personal computer comprising a
`processor Similar to a Pentium-IIIE microprocessor, a dis
`play device Such as a flat panel display or a CRT, a memory
`Such as Semiconductor memory, a Storage device Such as a
`disk drive, an input device Such as a keyboard, and a
`pointing device Such as a mouse. In other embodiments,
`there could be provided a microphone or other Speech input
`device and a voice or Speech recognizer coupled to the user
`computer 104, whereupon a user 103 could provide input to
`the user computer 104 using spoken word commands.
`Currently, Several commercial products are available
`either hardware or Software or a combination of both-that
`uS could be configured to perform Speech or Voice recogni
`tion of Spoken words to perform Several navigational func
`tions with respect to the web. An example is the product
`Dragon Dictate TM marketed by Dragon Systems, Inc. of
`Newton, Mass. In the following, the word “selection”
`includes clicking a mouse or other pointing device coupled
`to the user computer 104 at least once; typing at least one
`character on a keyboard; allowing for a timer to expire;
`Speaking at least one voice command into a microphone
`coupled to the user computer 104; or touching at least one
`area on a touch-Sensitive Screen and other equivalent meth
`ods.
`In the embodiments described below, a user 103 can
`navigate the network 102 using either a graphical or a
`text-based navigational Software. Additionally, in a pre
`ferred embodiment, the user computer 104 is configured to
`navigate the network 102 via a browser such as Internet
`ExplorerTM marketed by Microsoft Corporation of
`Redmond, Wash. OperaTM, available at is a browser config
`ured to enable viewing XML documents. Other browsers
`
`9
`
`

`

`S
`Such as virtual reality browsers can be used to obtain a
`three-dimensional experience of the network 102. An
`example of a text-based browser can be found in the
`Software program Lynx, which is available free of charge.
`The requester computer 106 comprises a processor Such
`as a Pentium(E) microprocessor, a memory Such as Semicon
`ductor memory, a storage device Such as a hard drive, and
`optionally, a display device such as a CRT or an LCD
`display, a communications interface device Such as a net
`work card to enable connection to the network 102 either
`directly or via a Service Provider. In alternative
`embodiments, the requester computer 106 could be a Java TM
`Chip bled terminal device Such as a printer directly coupled
`to the Internet using a protocol Such as the Internet Printing
`Protocol, so that information objects could be directly down
`loaded and printed on the printer upon transmission by the
`server computer 100. Preferably, in such cases, thesis
`equipped in the requester computer 106 additional Software
`Such as handshake protocol Software to ensure a safe deliv
`ery of information objects.
`In a preferred embodiment, the invention described herein
`is implemented principally on the server computer 100 and
`the user 103 interacts with the server computer 100 via a
`browser program executing on the user computer 104.
`Similarly, the requester 105 also interacts with the server
`computer 100 via the requester computer 106.
`I. Gathering, Updating and Storing Personal
`Information
`Referring to FIG. 2, the steps included in a preferred
`embodiment of the invented System are described. During an
`initialization step (step 200), in a preferred embodiment, a
`Personal Information Repository Service Provider (PIRSP)
`operates the server computer 100. In alternative
`embodiments, there is no Service provider Such as the
`PIRSP; and there are other methods of providing such
`Service, Such as establishing a personal web site for each
`user 103, Said personal web site comprising information that
`can be accessed only by an authorized requester 105 in a
`Secure manner; establishing a personal database coupled
`either directly to the Internet or accessible via the Internet or
`other communication network, or retrieving information
`Stored elsewhere manually or in an automatic fashion.
`Preferably, the PIRSP makes it known to a user 103 that
`it provides a trusted information repository Service. In
`preferred and alternative embodiments, the PIRSP
`45
`announces that its Services are available free, or for a fee,
`and in the latter case, the fee is calculated based on a per
`transaction basis, or on a Subscription basis, either from
`users that Store information or from entities that request Such
`information. Other embodiments comprise direct or Vicari
`ous payment methods for utilizing the Services provided by
`the PIRSP. These payment methods include an agreement
`between the PIRSP and the user 103 to generate additional
`or alternative sources of revenue for the PIRSP via
`advertisements, referrals, introductions, chain marketing
`methods and the like.
`In this application, any piece of information, however
`Small in granularity or however agglomerated, is referred to
`as an “information object.” Information objects can be
`implemented in an object-oriented manner; for example,
`each tuple or a field could be implemented as an object, a
`data Structure or in any other manner known to perSons
`skilled in the art.
`Configuring the Database
`In a preferred embodiment, the database 108 is a distrib
`uted database comprising several components (not shown)
`
`25
`
`35
`
`40
`
`50
`
`55
`
`60
`
`65
`
`US 6,845,448 B1
`
`15
`
`6
`Such as transaction manager, concurrency controller,
`memory manager, or a query optimizer. The database 108 is
`distributed over a large geographical area at Several nodes,
`preferably by partitioning the tables and/or the tuples in each
`node according to the needs of either the requesters or of the
`users. The tables or the tuples can be partitioned either
`Vertically or horizontally to enable fast and easy local
`access. In alternative embodiments, the database 108 is
`located at a single place.
`In the following, a relational database model comprising
`Sets of tuples, meta-data definitions for the tuples, and for
`other parts of the database organizational Schema are
`described. It should be noted, however, that while a rela
`tional database model is described in the preferred
`embodiment, in alternative embodiments other methods of
`data definition, which are known to perSons skilled in the art,
`are used. Preferably, the database 108 is configured to
`compri