Abstract: A method for pervasive resource identification includes receiving an authentication request from a first application service. The authentication request requests authentication of a user of a user device. The method includes obtaining device information associated with the user device of the user and generating a unique opaque identifier for the user device based on the device information. The method includes obtaining authentication credentials from the user device. The authentication credentials verify an identity of the user. In response to receiving the authentication credentials from the user device, the method includes generating an authentication token and encoding the unique opaque identifier into the authentication token. The method also includes transmitting the authentication token to the first application service.

Abstract: A method for sharing resource identification includes receiving, at a lookup service, from a first application executing on a particular device associated with a user, a resource identifier (ID) request requesting the lookup service to provide the first application access to a resource ID that identifies the particular device. The method also includes determining, by the lookup service, whether the first application executing on the particular device is authorized to access the resource ID. When the first application is authorized to access the resource ID, the method includes obtaining, by the lookup service, the resource ID and transmitting, by the lookup service, to the first application executing on the particular device, the resource ID.

Abstract: A method for pervasive resource identification includes receiving an authentication request from a first application service. The authentication request requests authentication of a user of a user device. The method includes obtaining device information associated with the user device of the user and generating a unique opaque identifier for the user device based on the device information. The method includes obtaining authentication credentials from the user device. The authentication credentials verify an identity of the user. In response to receiving the authentication credentials from the user device, the method includes generating an authentication token and encoding the unique opaque identifier into the authentication token. The method also includes transmitting the authentication token to the first application service.

Abstract: A method for pervasive resource identification includes receiving an authentication request from a first application service. The authentication request requests authentication of a user of a user device. The method includes obtaining device information associated with the user device of the user and generating a unique opaque identifier for the user device based on the device information. The method includes obtaining authentication credentials from the user device. The authentication credentials verify an identity of the user. In response to receiving the authentication credentials from the user device, the method includes generating an authentication token and encoding the unique opaque identifier into the authentication token. The method also includes transmitting the authentication token to the first application service.

Abstract: A method for sharing resource identification includes receiving, at a lookup service, from a first application executing on a particular device associated with a user, a resource identifier (ID) request requesting the lookup service to provide the first application access to a resource ID that identifies the particular device. The method also includes determining, by the lookup service, whether the first application executing on the particular device is authorized to access the resource ID. When the first application is authorized to access the resource ID, the method includes obtaining, by the lookup service, the resource ID and transmitting, by the lookup service, to the first application executing on the particular device, the resource ID.

Abstract: A method for sharing resource identification includes receiving, at a lookup service, from a first application executing on a particular device associated with a user, a resource identifier (ID) request requesting the lookup service to provide the first application access to a resource ID that identifies the particular device. The method also includes determining, by the lookup service, whether the first application executing on the particular device is authorized to access the resource ID. When the first application is authorized to access the resource ID, the method includes obtaining, by the lookup service, the resource ID and transmitting, by the lookup service, to the first application executing on the particular device, the resource ID.

Abstract: A method for pervasive resource identification includes receiving an authentication request from a first application service. The authentication request requests authentication of a user of a user device. The method includes obtaining device information associated with the user device of the user and generating a unique opaque identifier for the user device based on the device information. The method includes obtaining authentication credentials from the user device. The authentication credentials verify an identity of the user. In response to receiving the authentication credentials from the user device, the method includes generating an authentication token and encoding the unique opaque identifier into the authentication token. The method also includes transmitting the authentication token to the first application service.

Abstract: A method for sharing resource identification includes receiving, at a lookup service, from a first application executing on a particular device associated with a user, a resource identifier (ID) request requesting the lookup service to provide the first application access to a resource ID that identifies the particular device. The method also includes determining, by the lookup service, whether the first application executing on the particular device is authorized to access the resource ID. When the first application is authorized to access the resource ID, the method includes obtaining, by the lookup service, the resource ID and transmitting, by the lookup service, to the first application executing on the particular device, the resource ID.

Abstract: Systems and methods are described for limiting access to digital content based on a privileged access model. In one implementation, a consumer identification is received based on a request by the consumer for content from a first content provider. The content includes a plurality of content portions, with each content portion having an associated minimum privilege level. A privilege level for the consumer is determined, where the privilege level is based at least in part on certain actions of the consumer taken with respect to content previously consumed by the consumer. Content portions can then be provided to the consumer based on the minimum privilege levels of the content portions and the privilege level of the consumer. Additional actions of the consumer can be identified and used to modify the privilege level of the consumer.

Abstract: Described herein are methods and apparatus for providing a reputation-building voluntary digital commerce system. Under this system, a new type of payment referred to herein as a “Compelled Payment” is a voluntary digital payment that contributes to building the consumer's reputation (the “C-Rep”). The C-Rep is, in certain embodiments, a quantity which has one or more attributes that provide a measure of the consumer's stature, in absolute terms or in comparison with others. In a compelled payment system, the consumer's C-Rep may determines significant aspects of the consumer's digital experience such as the speed, variety, currency (i.e. how recent), quality and quantity of digital content, goods or services (i.e. the wares) the consumer is offered or is able to access anywhere in the consumer's digital experience with C-Merchants.

Abstract: A first user (110) requests a service provider (130) to create (200,400) a record of a transaction. The service provider (130) creates (230,430) a digital receipt (300,700,900), which includes a description (310,710,720,910,1020) of the transaction understandable by humans, tamper-proof evidence (320) of the transaction, and a verification prompt (330,740,940,1030). A second user (120) who desires to verify the transaction displays (265,465) the digital receipt (300,700,900) and activates (270,470) the verification prompt (330,740,940,1030). Upon activation, the tamper-proof evidence (320) is verified without requiring further human interaction to identify the tamper-proof evidence.

Abstract: A data processing system implements push artifact binding for communication in a federated identity system. A federated identity system in the data processing system comprises an initiator that handles a federated action by determining that a user is to be conveyed to a recipient, constructing an appropriate message request or assertion to be sent to the recipient, and sending the message as a push message over a back-channel communication pathway directed to the recipient's location. The federated identity system further comprises a recipient that handles the federated action by responding to the message by forming a Uniform Resource Locator (URL) to which the user can be directed. The initiator redirects the user to the URL specified in the recipient response.

Abstract: A first user (110) requests a service provider (130) to create (200,400) a record of a transaction. The service provider (130) creates (230,430) a digital receipt (300,700,900), which includes a description (310,710,720,910,1020) of the transaction understandable by humans, tamper-proof evidence (320) of the transaction, and a verification prompt (330,740,940,1030). A second user (120) who desires to verify the transaction displays (265,465) the digital receipt (300,700,900) and activates (270,470) the verification prompt (330,740,940,1030). Upon activation, the tamper-proof evidence (320) is verified without requiring further human interaction to identify the tamper-proof evidence.

Abstract: A first user (110) requests a service provider (130) to create (200,400) a record of a transaction. The service provider (130) creates (230,430) a digital receipt (300,700,900), which includes a description (310,710,720,910,1020) of the transaction understandable by humans, tamper-proof evidence (320) of the transaction, and a verification prompt (330,740,940,1030). A second user (120) who desires to verify the transaction displays (265,465) the digital receipt (300,700,900) and activates (270,470) the verification prompt (330,740,940,1030). Upon activation, the tamper-proof evidence (320) is verified without requiring further human interaction to identify the tamper-proof evidence.

Abstract: A data processing system implements push artifact binding for communication in a federated identity system. A federated identity system in the data processing system comprises an initiator that handles a federated action by determining that a user is to be conveyed to a recipient, constructing an appropriate message request or assertion to be sent to the recipient, and sending the message as a push message over a back-channel communication pathway directed to the recipient's location. The federated identity system further comprises a recipient that handles the federated action by responding to the message by forming a Uniform Resource Locator (URL) to which the user can be directed. The initiator redirects the user to the URL specified in the recipient response.

Abstract: A system and method for searching web content and cross-site popularity ranking based on a direct measure of popularity. Rank may be determined based on the number of unique page views, in addition to a number of parameters including, but not limited to, aggregate of all users over all periods of time, search within a particular category or search space, among users or authors or both in a particular geography, and within a particular time interval. The system and method avoids fraudulent determination of cross-site popularity ranking such as inflated popularity.

Abstract: A method and system of a voting on changes to a collaborative web page or topic hierarchy, e.g. a voting-based wiki. Information on a website is created, edited or deleted by end users and then voted upon before being accepted into the site. In the case of a voting based wiki for a topic hierarchy, under the normal course of operation, the topic hierarchy changes such as new topics being added, topics being moved or topics being deleted can be done without manual intervention. This allows free collaboration between all users or qualified users, and does not normally require manual intervention. If a topic is controversial (i.e. has received a number of votes greater than a threshold both for and against it), then it can be adjudicated by a moderator.

Abstract: A local server (202) locally hosts the provision of digital certificate services to a client (102); while a central server (104) provides the actual digital certificate services. The local server (202) transmits (304) a custom entry form (210) to the client (102). In response to the client's (102) use of the custom entry form (210), the client (102) transmits (306) a standard request for digital certificate services to a central server (104), possibly via the local server (202). The central server (104) fulfills (310) the request, generating a standard response. The standard response is transmitted (312) to the local server (202), which generates (314) a custom display of the results contained in the standard response. The custom display is transmitted (316) to the client (102), fulfilling the client's request. Information is provided (320,330), enabling the local server (202) to create (322) appropriate custom entry forms (210) and to generate (314) the custom display from the standard response.

Abstract: A first user (110) requests a service provider (130) to create (200,400) a record of a transaction. The service provider (130) creates (230,430) a digital receipt (300,700,900), which includes a description (310,710,720,910,1020) of the transaction understandable by humans, tamper-proof evidence (320) of the transaction, and a verification prompt (330,740,940,1030). A second user (120) who desires to verify the transaction displays (265,465) the digital receipt (300,700,900) and activates (270,470) the verification prompt (330,740,940,1030). Upon activation, the tamper-proof evidence (320) is verified without requiring further human interaction to identify the tamper-proof evidence.