Persistent key access to a resources in a collection

US 10,043,025 B2
Filed: 06/22/2015
Issued: 08/07/2018
Est. Priority Date: 06/27/2011
Status: Active Grant

First Claim

Patent Images

1. A non-transitory computer-readable medium storing a computer program that is executable by at least one hardware processor, the computer program when executed by the at least one hardware processor causing the at least one hardware processor to perform operations comprising:

generating a uniform resource locator to access a media resource, the uniform resource locator comprising a location address, a key, and an authorization token;

receiving a first request from a first device associated with a first user to access the media resource using the uniform resource locator including the authorization token, wherein the first request includes a user identifier that identifies the first user;

determining an account of the first user based on the user identifier;

determining from an access list that the user identifier does not identify an authorized user based on the user identifier not being associated with the authorization token and that the account of the first user is not authorized to access the media resource;

based on the first request using the uniform resource locator including the authorization token, associating the authorization token with the user identifier and storing the association in the access list such that the account of the first user is authorized for the media resource;

granting access to the media resource to the first device of the first user in response to the first request;

receiving a second request for access to the media resource by a second device associated with the first user, the second request including the user identifier and not including the authorization token;

based on the updated access list including the user identifier, allowing the second device associated with the first user access to the media resource in response to the second request such that persistent access to the media resource is provided to the first user across the first device and the second device;

receiving a revocation of the authorization token from a second user; and

subsequent to receiving the revocation, revoking access associated with the authorization token, thereby preventing the first user from subsequently accessing the media resource.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method includes receiving a first request from a first user device to access a first resource that includes data for a second user account for which access to the data is restricted to authorized users, the first request including an authorization token and associated with a first user identifier that identifies a first user; determining that the first user identifier does not identify an authorized user and in response: determining that the first user identifier identifies an authorized user based on the authorization token, and provide the first resource to the first user device; receiving a second request for access to data to the second user account, the second request associated with the first user identifier; and based on the first user identifier being determined to identify authorized user, providing access to the data to the second user account in response to the second request.

83 Citations

View as Search Results

20 Claims

1. A non-transitory computer-readable medium storing a computer program that is executable by at least one hardware processor, the computer program when executed by the at least one hardware processor causing the at least one hardware processor to perform operations comprising:
- generating a uniform resource locator to access a media resource, the uniform resource locator comprising a location address, a key, and an authorization token;
  
  receiving a first request from a first device associated with a first user to access the media resource using the uniform resource locator including the authorization token, wherein the first request includes a user identifier that identifies the first user;
  
  determining an account of the first user based on the user identifier;
  
  determining from an access list that the user identifier does not identify an authorized user based on the user identifier not being associated with the authorization token and that the account of the first user is not authorized to access the media resource;
  
  based on the first request using the uniform resource locator including the authorization token, associating the authorization token with the user identifier and storing the association in the access list such that the account of the first user is authorized for the media resource;
  
  granting access to the media resource to the first device of the first user in response to the first request;
  
  receiving a second request for access to the media resource by a second device associated with the first user, the second request including the user identifier and not including the authorization token;
  
  based on the updated access list including the user identifier, allowing the second device associated with the first user access to the media resource in response to the second request such that persistent access to the media resource is provided to the first user across the first device and the second device;
  
  receiving a revocation of the authorization token from a second user; and
  
  subsequent to receiving the revocation, revoking access associated with the authorization token, thereby preventing the first user from subsequently accessing the media resource.

2. A method to provide access to a media resource, comprising:
- receiving a first request from a first device associated with a first user to access the media resource using a uniform resource locator that comprises a location address, a file identifier, a key, and an authorization token, wherein the first request includes a user identifier that identifies the first user;
  
  determining an account of the first user based on the user identifier;
  
  determining from an access list that the account of the first user is not authorized to access the media resource;
  
  based on the first request using the uniform resource locator including the authorization token, storing the user identifier in the access list in association with the first user such that the first user is authorized for the media resource;
  
  providing access to the media resource to the first user in response to the first request;
  
  receiving a second request subsequent to the first request, the second request by the first user to access to the media resource, the second request including the user identifier and not including the authorization token;
  
  based on the access list, providing access the first user to the media resource in response to the second request such that persistent access to the media resource is provided to the first user across the first device and a second device;
  
  providing, to a second user that previously published the authorization token, a user interface that identifies a number of authorized users that have been granted access to the media resource by use of the authorization token;
  
  receiving a revocation of the authorization token from the second user that previously published the authorization token; and
  
  subsequent to receiving the revocation, revoking access associated with the authorization token, thereby preventing the first user from subsequently accessing the media resource.
- View Dependent Claims (3, 4, 5, 6, 7, 8, 9, 10)
- - 3. The method of claim 2, further comprising:
    - generating an invitation to access the media resource that is restricted to authorized users, the invitation comprising the uniform resource locator, the uniform resource locator including the authorization token; and
      
      sending the invitation to the first user.
  - 4. The method of claim 3, wherein the user interface further includesan option to revoke the authorization token.
  - 5. The method of claim 2, wherein the authorization token comprises a hash of token data.
  - 6. The method of claim 2, wherein the authorization token comprises a hash of the user identifier of the first user.
  - 7. The method of claim 2, wherein the access list defines users authorized to access the media resource.
  - 8. The method of claim 2, wherein the media resource comprises a photo album.
  - 9. The method of claim 2, wherein determining the account of the first user comprises determining that the first user is logged in to a user account.
  - 10. The method of claim 2, wherein determining the account of the first user comprises receiving a cookie.

11. A system, comprising:
- one or more hardware processors;
  
  a non-transitory computer-readable medium coupled to the one or more hardware processors and storing instructions that are executable by the one or more hardware processors, the instructions causing the one or more hardware processors to perform operations comprising;
  
  receiving a first request from a first device associated with a first user to access a media resource that is restricted to access by authorized users, wherein the first request is based on a uniform resource locator that is appended with a key and an authorization token and wherein the first request includes a user identifier that identifies the first user;
  
  determining an account of the first user;
  
  determining from an access list that the account of the first user is not authorized to access the media resource;
  
  based on the first request using the uniform resource locator appended with the authorization token, storing the user identifier in the access list in association with the first user such that the first user is authorized for the media resource;
  
  granting access to the media resource to the first user in response to the first request;
  
  receiving a second request for access to the media resource by the first user, the second request including the user identifier and not including the authorization token;
  
  based on the access list, allowing the first user access to the media resource in response to the second request such that persistent access to the media resource is provided to the first user across the first device and a second device;
  
  providing, to a second user that previously published the authorization token, a user interface that identifies a number of authorized users that have been granted access to the media resource by use of the authorization token;
  
  receiving a revocation of the authorization token from the second user that previously published the authorization token; and
  
  subsequent to receiving the revocation, revoking access associated with the authorization token, thereby preventing the first user from subsequently accessing the media resource.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 12. The system of claim 11, wherein the instructions further cause the one or more hardware processors to perform operations comprising:
    - generating an invitation to access the media resource, the invitation comprising the uniform resource locator, the uniform resource locator appended with the authorization token; and
      
      sending the invitation to the first user.
  - 13. The system of claim 12, wherein the user interface further includesan option to revoke the authorization token.
  - 14. The system of claim 11, wherein the authorization token comprises a hash of token data.
  - 15. The system of claim 14, wherein the authorization token comprises a hash of the user identifier of the first user.
  - 16. The system of claim 11, wherein the access list defines users authorized to access the media resource.
  - 17. The system of claim 11, wherein the media resource comprises a folder of digital files.
  - 18. The system of claim 11, wherein the instructions causing the one or hardware processors to determine the account of the first user include instructions to determine that the first user is logged in to a user account.
  - 19. The system of claim 11, wherein the instructions causing the one or more hardware processors to determine the account of the first user include instructions to receive a cookie from a browser of the first user.
  - 20. The system of claim 11, wherein the media resource belongs to the second user.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Google LLC (Alphabet Inc.)
Original Assignee
Google LLC (Alphabet Inc.)
Inventors
Ibel, Maximilian, Steiner, Matthew S.
Primary Examiner(s)
Vostal, O. C.

Application Number

US14/746,783
Publication Number

US 20150286838A1
Time in Patent Office

1,142 Days
Field of Search

726 28
US Class Current
CPC Class Codes

G06F 21/6218   to a system of files or obj...

G06F 2221/2137   Time limited access, e.g. t...

G06F 2221/2145   Inheriting rights or proper...

H04L 63/102   Entity profiles

H04L 9/32   including means for verifyi...

H04L 9/3228   One-time or temporary data,...

Persistent key access to a resources in a collection

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

83 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Persistent key access to a resources in a collection

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

83 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links