PRIVATE WEB SYSTEMS AND USES THEREOF

Abstract

Provided herein is a system for protecting the privacy of internet users. The system is supported by a distributed internet service technology and has an application module with a group of decentralized applications and an online access portal, a data module for handling user privacy data between application and the internet, and a cloud module that supports all applications, middleware, data and online access services across all user-designated personal online devices.

Claims

1. A system for protecting privacy data of an online user over an internet connection comprising: an application module comprising a plurality of decentralized applications and an online access portal in electronic communication with an internet device; a data module in electronic communication with the application module and configured to protect user privacy related (UPR) data, provide intelligent data proxy service, provide intelligent web proxy service and secure data storage, said data module comprising: a data sphere; a database; and an interphase; and a cloud module comprising a user-end distributed internet service in electronic communication with the data module and configured to execute the decentralized applications and securely communicate over the internet connection.

Description

BRIEF DESCRIPTION OF THE DRAWINGS

[0082] So that the matter in which the above-recited features, advantages and objects of the invention, as well as others that will become clear, are attained and can be understood in detail, more particular descriptions of the invention briefly summarized above may be had by reference to certain embodiments thereof that are illustrated in the appended drawings. These drawings form a part of the specification. It is to be noted, however, that the appended drawings illustrate preferred embodiments of the invention and therefore are not to be considered limiting in their scope.

[0083] FIG. 1 describes the categories of user-privacy related (UPR) online data, which this invention focuses on to protect.

[0084] FIG. 2 illustrates the Private-Web system structure that consists of subsystems of MyApp, MyData, MyCloud and the Smart Cloud service.

[0085] FIG. 3 illustrates the MyApp subsystem structure, which includes one or more decentralized applications that are supported by Mydata subsystem.

[0086] FIGS. 4A-4C illustrate the MyData subsystem structure. FIG. 4A includes the DataSphere component, Interface component and a database component. FIGS. 4B-4C illustrate that the MyData subsystem interacts separately with MyApp and Internet.

[0087] FIG. 5 illustrates the major functions as described in the Detailed Description of the Inventions section.

[0088] FIG. 6 illustrates the MyCloud subsystem structure. MyCloud service covers all the devices that a user's Private-Web resides.

[0089] FIG. 7 illustrates the Decentralized application component of MyApp subsystem.

[0090] FIG. 8 illustrates the Online Access Portal component of MyApp subsystem.

[0091] FIG. 9 illustrates the DataSphere component of MyData subsystem.

[0092] FIG. 10 illustrates the Interface component of MyData subsystem.

[0093] FIG. 11 illustrates the MyCloud subsystem components.

[0094] FIG. 12 illustrates one implementation of the Smart Cloud service (i.e. Distributed Internet Service, or DIS)

[0095] FIG. 13 illustrates another implementation of the Smart Cloud service (i.e. Distributed Internet Service, or DIS)

[0096] FIG. 14 illustrates the scaling of the decentralized application Myfriend over Internet.

[0097] FIG. 15 illustrates the flowchart of the scaling of the decentralized application MyFriend over Internet as shown in FIG. 14.

DETAILED DESCRIPTION OF THE PRESENT INVENTION

[0098] The articles “a” and “an” when used in conjunction with the term “comprising” in the claims and/or the specification, may refer to “one”, but is also consistent with the meaning of “one or more”, “at least one”, and “one or more than one”. Some embodiments of the invention may consist of or consist essentially of one or more elements, components, method steps, and/or methods of the invention. It is contemplated that any composition, component or method described herein can be implemented with respect to any other composition, component or method described herein.

[0099] The term “or” in the claims refers to “and/or” unless explicitly indicated to refer to alternatives only or the alternatives are mutually exclusive, although the disclosure supports a definition that refers to only alternatives and “and/or”.

[0100] The terms “comprise” and “comprising” are used in the inclusive, open sense, meaning that additional elements may be included.

[0101] The term “including” is used herein to mean “including, but not limited to”. “Including” and “including but not limited to” are used interchangeably.

[0102] As used herein, the term “about” refers to a numeric value, including, for example, whole numbers, fractions, and percentages, whether or not explicitly indicated. The term “about” generally refers to a range of numerical values (e.g., +/−5-10% of the recited value) that one of ordinary skill in the art would consider equivalent to the recited value (e.g., having the same function or result). In some instances, the term “about” may include numerical values that are rounded to the nearest significant figure.

[0103] The present invention is directed to a system for protecting privacy data of an online user over an internet connection comprising an application module comprising a plurality of decentralized applications and an online access portal in electronic communication with an internet device; a data module in electronic communication with the application module and configured to protect user privacy related (UPR) data, provide intelligent data proxy service, provide intelligent web proxy service and secure data storage, said data module comprising a data sphere; a database; and an interphase; and a cloud module comprising a user-end distributed internet service in electronic communication with the data module and configured to execute the decentralized applications and securely communicate over the internet connection.

[0104] The Private-Web is a software system that mainly resides and executes on the online devices of an internet user. This software acts as the main entry for the user to conduct activities on internet, provides personalized protection to the privacy information meanwhile intelligent information process for the online user. Compared with the typical way that a user relies on for conducting activities on internet today, that is via a browser or third-party applications, which has almost no protection to the user's privacy information, the Private-web solves the much needed yet complicated online privacy protection problem meanwhile enables the intelligent process both for the output and input information tailored for the user's personal needs.

[0105] Typical internet devices may include smartphone, PC, laptop, internet appliances used for home, office or car. An internet user may use one or more of such devices to conduct internet activities.

[0106] The online privacy protection is a complicated problem as it relates to a broad range of information and ways to conduct online activities. Especially since the wide spread usage of internet generated the current generation of e-commerce during the past quarter century, almost of all major online activities today result in the giving up some of a user's online privacy information. One of the major e-commerce business models is to provide free online service in exchange for the service provider to acquire certain information from the user and to send the user certain information, mainly advertisement or some sort of targeted information. In fact, this business model has been hugely successful in global market that it has generated a number of tech giants earning billions of dollars of annual profits with over trillion-dollar market valuation, first time in the civilization history. Those service providers have several billions of users over the internet worldwide, and constantly acquire and mining the ocean size of data from their users' privacy information, meanwhile online users' behaviors are more and more being closely monitored, influenced and even manipulated by the service providers.

[0107] For example, when a user uses a free search engine application trying to find a pair of sneakers, the keywords used, the type of online device, the IP address, the geo location as well as the interactive response to the in-page advertisement, etc. will be captured by the service provider.

[0108] When a user uses Facebook to connect to friends, the text entered, pictures uploaded, etc. will all be shared with Facebook by agreeing to the “Terms and Conditions” of using their free social networking application at the time the user download their application and created the account. Facebook owns global, perpetual and royalty-free rights to use all the user contributed content. In addition, by the same agreement the user has agreed for Facebook to collect just about every piece of information about the user when using this application, including but not limited to name, sex, age, online interactive behavior, IP, online device, geo location, contact list, etc. Also the Facebook has access to all the pictures, videos, documents, messages, camera, microphone, calendar, notes, etc.

[0109] Privacy information is personal property protected by constitution. Online users today giving up privacy information in exchange of conducting online activities is because of lack of the effective online services that enable them to conduct necessary applications without giving up privacy information. This invention provides a complete solution for online users to conduct necessary application online without giving up privacy information. This invention can be further combined with other solutions such as data storage, cyber security services and digital right protection to expand into various solution bundles that meet the needs of billions of online users today. The complete online privacy protection solution will change the way how the current generation of e-commerce is conducted and has tremendous potential market value.

[0110] The Private-Web software system consists of four subsystems, i.e. MyApp, MyData, MyCloud and Smart Cloud Service (also referred to as Distributed Internet Services or DIS). See FIG. 2.

[0111] By categorizing all user privacy related (UPR) information or data into three categories, i.e. 1) user-generated, 2) application-generated, and 3) server captured (see FIG. 1), this invention provides three major means in order to completely protect the privacy information for the online user. The first one is to enable decentralized applications using the Distributed Internet Services (DIS) system (also referred to as Smart Cloud Service) to establish the personal cloud service for the user, so that the user has the choice not to use those, free or charged, online applications that heavily collect user privacy information or contain user privacy information, such as social media and networking as well as online communication. The second one is to control intelligently the user-generated output information meanwhile intelligently process the information acquired over Internet, so that the privacy information will not be directly exposed while conducting online activities, such as searching or browsing online. The third one is to control the application-generated privacy information such as geo location, online IP address, etc. so that they will not be directly exposed while conducting online activities.

MyApp subsystem consists of two major components: 1) Decentralized applications (or DApp), and 2) Online Access Portal, see FIG. 3.

[0112] Web application itself is prior arts, either existing open-source software or developed by software developers, not part of this invention. However, to enable a regular web application to become a DApp in online user's own personal cloud environment using the Smart Cloud service is one of the major parts of this invention. What separates regular web application with DApp is that web application is web-server centric, owned by the application provider aiming to serve a large amount of user over internet. DApp is owned by the user aiming to serve a smaller group of friends. So there will be no application provider online to monitor and capture the user privacy information by using the DApp.

[0113] The DApp component can contain any application that is needed by the online user, see FIG. 7. One application would be social media networking, called MyFriend in this invention. Facebook, WhatsApp, Youtube, etc. are all well-known open-source software available online. They can be adapted relatively easily for personal friend circle with a much smaller scale, e.g. typically from tens to thousands of online friends but rarely millions or hundreds of millions or basically not billions (note: Facebook application has over 3 billion users worldwide). The maximal number of users in a DApp can be defined and limited in development of such application.

[0114] To enable web application to become a DApp will be described later in the sections about MyCloud and Smart Cloud Service, and the DIS patent portfolio.

[0115] Online Access Portal component consists of mainly the user-interface (UI), Browser Control Module and Browser Engine, see FIG. 8. This component provides the intelligent control of user output information when browsing or searching online and intelligent processing of information acquired from over Internet. Instead of using directly a third-party browser software such as Microsoft Internet Explorer or Microsoft Edge, Google's Chrome or Firefox from Mozilla, a user clicks the icon of MyBrowser which invokes Browser Control Module for browsing certain URLs over Internet. The Browser Control Module is responsible for calling the Browser Engine with proper input data supplied by MyData subsystem (see below). Similarly, the user may click the MySearch icon which invokes Browser Control Module for an online search. The input data may include URLs and any necessary data such as search key words or parameters. The user inputs the original data and the Browser Control Module passes them along with usage flags (browsing or searching or others) to MyData. MyData processes them and provides with proper data to the Browser Control Module along with usage flag. The Browser Control Module uses the processed data and the usage flag to invoke the Browser Engine to conduct online activities. When the Browser Engine acquires data from proper Internet servers and passes them to the Browser Control Module. The Browser Control Module processes those data along with the usage flag into proper internal format and sends them to MyData for intelligent process. The Browser Control Module receives processed data from MyData and composes the resulting web page for UI, either browsing or searching. Therefore, Online Access Portal isolates all user input data from directly sending out over Internet, and presents the resulting data to the user from the intelligent processing by MyData which also isolates the data from over Internet (including web pages and data contained) from directly presented by the web browser to the user.

[0116] MyData subsystem consists of also two major components: 1) DataSphere, and 2) Interface, see FIGS. 4A-4C. Its major functions include intelligent data processing and system Interface control, see FIG. 5.

[0117] The DataSphere component takes input data from MyApp subsystem along with the usage flag, then processes the data accordingly, see FIG. 9. For the web searching flag, it performs data camouflage with intelligence from the Multiple Dimensional Value Matrix Engine (see U.S. Pat. No. 10,089,583, “Distributed Cloud Services System and Uses Thereof”) for both outgoing (searching keywords) and incoming (search results) data. For web browsing flag, it performs certain data camouflage using the intelligence also from the same Value Matrix Engine for both outgoing and incoming data. For instance, if browsing an online shopping website (e.g. amazon.com), the user provided key words will be camouflaged similarly to the web searching case. For any incoming web page with corresponding flag, DataSphere is responsible for filtering the content to remove malicious code and data. Web page filtering is prior arts as there are many technologies for examining and removing malicious code and data inside a web page. DataSphere is also responsible for rules to camouflaging IP address and GPS position. It provides the rule-based parameters to the Interface component and uses the feedback parameters from the Interface component to provide to MyApp for any needs.

[0118] The Interface component is responsible to control certain system drivers including VPN for IP connection, GPS position, etc., see FIG. 10. VPN services are provided by vendors and the technologies for connecting VPN is prior arts. GPS position parameter is provided by operating system of online devices. Prior arts are available for faking GPS position in commonly used operating systems including iOS, Android and Windows. The Data Control module takes input from DataSphere, controls the Interface Drivers to perform IP connection or fake GPS position, and send feedback data back to DataSphere.

[0119] The database is prior art such as using the enterprise-grade PostgreSQL.

[0120] MyCloud subsystem is mainly based on the Distributed Internet Services (also referred to as Smart Cloud Service). The major function is to support the distributed execution of MyApp and MyData among the various online devices of the user as well as the online devices of any and all clients of MyApp Decentralized Applications such as MyFriend. MyCloud provides a personal cloud service over Internet for the specific MyApp and MyData for the user as part of the user's private web. The user owns his/her MyApp and MyData that run across all the related online devices.

[0121] The Distributed Internet Services, or the Smart Cloud Service, conduct complete life cycle service for all digital assets of MyApp and MyData, including distribution, deployment, execution, synchronization, updating and purge. The service is deployed as a cloud service from the DIS management server. The Smart Cloud Service for MyCloud can be implemented based on each user's choice and online device environment with customized configuration. See FIGS. 12 and 13.

[0122] The nested scale-up of MyApp Decentralized Application such as MyFriend is based on each user own MyApp and MyCloud service with his/her friends that sign up as “Friend”. The relationship is always “Host-and-Client”, i.e., the owner of the MyFriend application is the host and whoever signs in as “friend” is the client of this MyFriend application. The host and client are served by the owner's MyCloud service.

[0123] A client can have his/her own MyFriend and invite his/her own friends where he/she is the host of his/her own MyFriend application with his/her own MyCloud service. Different MyFriend applications and served by different MyCloud service, in general, have different digital content and different cloud structure due to different group of devices and network environment. The same client DIS on a user's device may serve more than one set of digital assets with respective service requirements. See FIGS. 14 and 15.

[0124] Based on the six degree of separation theory, people can be easily connected through the nested MyClouds through the world and information (such as news posting) can be distributed and re-distributed across the nested MyFriend circles to reach almost any large number of crowds. This kind of decentralized nested connection and information distribution is better than today's server-centric model as the information distribution can be.