Browse Prior Art Database

System and method for enabling activity streams sourced from third party identity authentication providers

IP.com Disclosure Number: IPCOM000180489D
Original Publication Date: 2009-Mar-10
Included in the Prior Art Database: 2009-Mar-10
Document File: 4 page(s) / 49K

Publishing Venue

IBM

Abstract

The ability to share user information and their associated activities between Web applications that leverage third party authentication services, such as OpenID, and content services, such as FriendFeed, Twitter, a personal blog, or a social network is a limitation with current third party authentication services.

This text was extracted from a PDF file.
At least one non-text object (such as an image or picture) has been suppressed.
This is the abbreviated version, containing approximately 47% of the total text.

Page 1 of 4

System and method for enabling activity streams sourced from third party identity authentication providers

This invention enables applications to automatically and transparently log activity and interactions across the Internet, authorized by an authenticated user thus adding a new dimension to user activity data. Users would be able to aggregate and share decentralized, disparate, and heterogenous activity data streams in ways that can be pivoted, searched, queried, and re-purposed all controlled by the user.

OpenID is a technology that provides a decentralized authentication model for enabling Internet single sign-on (SSO). OpenID provides end users with a single digital identity that they can use across the Web. With OpenID, end users can own an identity without externalizing information they would prefer to protect. One key piece of information that can be protected is their password. However, OpenID has a built in protocol that allows for sharing some pieces of information, controlled by the owner, on a site-by-site basis. Traditionally, the type of information used in OpenID examples is address, email, or phone attributes. Perhaps this limited by cross-cutting commonalities across web applications. OpenID is not limited to just these information examples.

This selective hiding and sharing information, controlled by the user, site-by-site, is one of the key features of Identify 2.0. Figure 1 illustrates key entities in the OpenID authentication architecture:

)

                                                offers the services of registering a user identity and providing OpenID authentication. The relying

     is the Web application that needs to authenticate a user and optionally ask the provider for information about the user. Rather than providing a username and password pair maintained by and unique to the Web application, the user instead uses a single OpenID identifier, normally as a URL (Uniform Resource Locator) or XRI

party

The OpenID Provider (sometimes also referred to as the identity provider

1

[This page contains 1 picture or other non-text object]

Page 2 of 4

(eXtensible Resource Identifier), to access a site. The relying party redirects the users Web browser to the provider's authentication scheme along with an optional request for additional information. The user then authenticates at the OpenID provider, and the provider redirects the browser back to the relying party Web application with a token indicating authentication is successful.

There exist many new social technologies across the Internet that allow users to produce and host content. Perhaps the most popular is blogging. Blog implementations provide standards and technology to publish episodic content. There are several competing protocol technologies for submitting a blog post. AtomPub, XML-RPC, and metaWebBlog are among the more popular specifications.

Gnip is a new service that off...