How to Verify Anonymous Users Using Third-Party Identity Services
A method for a system to identify and authorize a user it doesn't know by asking a different, trusted service that already has the user's information.
Original patent title: “Using identity/resource profile and directory enablers to support identity management”
A method for a system to identify and authorize a user it doesn't know by asking a different, trusted service that already has the user's information. Granted to Oracle International Corp in 2014 with 23 claims and 39 forward citations.
Key facts
Coverage
What does this patent actually cover?
This patent describes a way for a computer system (the profile enabler) to handle a request from a user it does not recognize. Instead of rejecting the user, the system contacts a directory enabler to find a third-party service that actually knows who the user is. The directory enabler selects an appropriate service based on the user's request, and the profile enabler then asks that service to authenticate the user. Once authenticated, the third-party service provides an identity result, such as a security token or an attribute, allowing the original system to grant or deny access to a resource.
The gap
What does this patent NOT cover?
- Does not cover systems where the profile enabler already has the user's credentials.
- Does not cover direct authentication where the user logs in directly to the primary system.
- Does not cover scenarios where no third-party service can be identified to verify the user.
- Does not cover the specific encryption algorithms used to secure the identity tokens.
These exclusions are unique to PatentBrief — derived from the actual claim language, not patent-office boilerplate.
What made this novel
The system treats the 'anonymous' user as a routing problem: by using a directory enabler to match an unknown user to a known provider, it creates a bridge between isolated identity silos.
Schematic visualization of the patent's claim structure. Hand-drawn diagrams in progress for each landmark patent.
Where you've seen this
Real-world examples
OAuth 2.0 and OpenID Connect workflows
Single Sign-On (SSO) portals
Cross-domain identity federation
Why it matters
The bigger picture
This technology is foundational for modern federated identity management, such as 'Log in with Google' or 'Sign in with Apple.' It allows different organizations to share trust, enabling users to access resources across the internet without creating a new account for every single service they encounter.
Filed
January 11, 2006
Granted
April 1, 2014
Market context
Who's building on this
Companies in this space
Major cloud identity providers like Oracle, Microsoft (Azure AD), and Okta build on these concepts of identity federation. These companies maintain the directory-like services that act as the 'trusted authority' for verifying users across disparate platforms.
Market impact
This approach helped standardize how the internet handles user identity, moving away from local password databases toward centralized, federated trust. It enabled the growth of the modern 'app economy' by allowing developers to outsource the complex and risky task of user authentication to established identity providers.
Claim 1 — Plain English
What this patent covers
This patent describes a way for a computer system (the profile enabler) to handle a request from a user it does not recognize. Instead of rejecting the user, the system contacts a directory enabler to find a third-party service that actually knows who the user is. The directory enabler selects an appropriate service based on the user's request, and the profile enabler then asks that service to authenticate the user. Once authenticated, the third-party service provides an identity result, such as a security token or an attribute, allowing the original system to grant or deny access to a resource.
The clever bit
The system treats the 'anonymous' user as a routing problem: by using a directory enabler to match an unknown user to a known provider, it creates a bridge between isolated identity silos.
What it does not cover
- Does not cover systems where the profile enabler already has the user's credentials.
- Does not cover direct authentication where the user logs in directly to the primary system.
- Does not cover scenarios where no third-party service can be identified to verify the user.
- Does not cover the specific encryption algorithms used to secure the identity tokens.
Patent timeline
Application submitted to the patent office
Application published, typically 18 months after filing
Patent officially issued
PatentBrief Score
Impact Score
Strong
Citation count
32/40
Moderately cited
Claim breadth
15/20
Broad claimsclaimsThe numbered statements at the end of a patent that legally define what the inventor owns.Read more →
Recency
5/20
Granted 10–20 years ago
Assignee scale
20/20
Major company or institution
PatentBrief Impact Score — based on citation count, claim breadth, recency, and assignee scale. Not a legal assessment.
Heuristic Value Estimate
What this patent might be worth
$31K – $98K
Midpoint $61K · expired or expiring · industry ×1.4
Heuristic only — blends forward/backward citation counts, claim scope, time remaining, litigation history, and CPC-derived industry baseline. Real valuations need a professional appraisal.
The original legal language
Original claims
23 claims as filed with the patent office.
Concepts involved
Citations
Patent lineage
Cite this patent
Maes, S. H. (2014). How to Verify Anonymous Users Using Third-Party Identity Services (U.S. Patent No. 8,688,813). U.S. Patent and Trademark Office. https://patentbrief.org/patent/us/8688813/kindle-fire-tablet
Auto-generated from the patent record. Double-check author order and the issue date against the official USPTO document before submitting.
Embed
Add this patent to your site
Drop this plain-English patent card into any blog post or article — free, no signup. It always links back to the full breakdown here.
<div data-patentlens-widget data-patent-number="US8688813"></div> <script src="https://patentbrief.org/embed.js" async></script>
Stay in the loop
Get a weekly digest of new patents.
One email per week. No spam. Unsubscribe anytime.
Keep exploring
Related patents you should know
US 4683195 · 1987
How to Make Billions of Copies of a DNA Segment
This patent describes the Polymerase Chain Reaction (PCR), a method to rapidly create many copies of a specific piece of DNA or RNA, enabling its detection and analysis.
Cetus Corp
US 8697359 · 2014
How to Edit Genes in Human Cells Using an Engineered CRISPR System
This patent describes an engineered CRISPR-Cas9 system for precisely cutting DNA in eukaryotic cells to change how genes work, opening the door for gene editing in complex organisms.
Massachusetts Institute of Technology
US 7657849 · 2010
How the iPhone's Slide-to-Unlock Gesture Works
Apple's 2010 patent describes unlocking a device by dragging a specific graphical image across the touchscreen along a predefined path, a gesture that became iconic with the original iPhone.
Apple Inc
US 4733665 · 1988
How Doctors Implant a Permanent Stent Using a Balloon
This patent describes the method for placing a permanent, expandable wire mesh tube inside a blood vessel or other body tube using a balloon-tipped catheter to widen it and keep it open.
Expandable Grafts Partnership
US 4965188 · 1990
How to Make Many Copies of a DNA Piece with Heat
This patent describes the Polymerase Chain Reaction (PCR) method, a technique to make millions of copies of a specific DNA segment using a heat-resistant enzyme and repeated temperature changes.
Cetus Corp
US 4235871 · 1980
How to Encapsulate Active Materials in Lipid Bubbles Efficiently
This patent describes a method for trapping biologically active substances inside tiny, multi-layered fat bubbles called liposomes, using a specific water-in-oil emulsion and gel-forming process to improve how much material gets captured.
Individual
More to explore
More in Software & Internet
US 4405829 · 1983 · Massachusetts Institute of Technology
How RSA Public-Key Encryption Keeps Digital Messages Secret
US 6285999 · 2001 · Leland Stanford Junior University
How Websites Get Ranked by Importance
US 5960411 · 1999 · Amazon com Inc
How Amazon's One-Click Ordering Works for Online Purchases
US 7669123 · 2010 · Facebook Inc
Displaying Friends' Activities in a Social Network Feed
New to patents?
Common Questions
Frequently Asked Questions
What does How to Verify Anonymous Users Using Third-Party Identity Services cover?
A method for a system to identify and authorize a user it doesn't know by asking a different, trusted service that already has the user's information.
Who owns patent US 8688813?
Oracle International Corp owns this patent, granted in 2014.
When does this patent expire?
This patent is expected to expire on April 1, 2034, when the invention enters the public domain.
What is patent US 8688813 cited by?
This patent has been cited by 39 later patents that build on its ideas.
What problem does this patent solve?
This technology is foundational for modern federated identity management, such as 'Log in with Google' or 'Sign in with Apple.' It allows different organizations to share trust, enabling users to access resources across the internet without creating a new account for every single service they encounter.
What does this patent NOT cover?
Does not cover systems where the profile enabler already has the user's credentials.
Same assignee
More from Oracle International Corp
Patent monitoring