Controlling user access to content
First Claim
Patent Images
1. A method of controlling access to content in a distributed storage environment, comprising:
- tracking, by a server, access by a user to a plurality of Internet-accessible storage locations of the distributed storage environment;
compiling, by the server, a list ranking the Internet-accessible storage locations of the distributed storage environment accessed by the user based on a number of times the Internet-accessible storage locations are accessed by the user;
identifying, by the server, a predetermined number of top Internet-accessible storage locations on the list ranking the Internet-accessible storage locations accessed by the user, the predetermined number of top Internet-accessible storage locations comprising a subset of the plurality of Internet-accessible storage locations;
receiving, at the server, a first request by the user to access a content item at a first Internet-accessible storage location, access to the content item at the first Internet-accessible storage location requiring authentication of the user;
successfully authenticating, by the server, the user to access the content item at the first Internet-accessible storage location;
determining that the first Internet-accessible storage location is in the predetermined number of top Internet-accessible storage locations;
based on the successful authentication and in response to determining that the first Internet-accessible storage location is in the predetermined number of top Internet-accessible storage locations, augmenting, by the server, an authentication token for the user to indicate that the user is authorized to access the content item at the first Internet-accessible storage location by adding a location path of the content item at the first Internet-accessible storage location to the authentication token, the augmented authentication token comprising a plurality of location paths of content items at the predetermined number of top Internet-accessible storage locations;
receiving a second request by the user to access the content item at the first Internet-accessible storage location;
receiving the augmented authentication token in connection with the second request;
determining that the augmented authentication token comprises the location path to the first Internet-accessible storage location;
authenticating, by the server, the user to access the content item at the first Internet-accessible storage location in response to determining that the augmented authentication token comprises the location path to the first Internet-accessible storage location; and
providing, to the user, access to the content item at the first Internet-accessible storage location based on authenticating the user to access the content item using the augmented authentication token.
2 Assignments
0 Petitions
Accused Products
Abstract
Methods and systems for controlling access to content include an authentication process that provides for increased speed by reducing, or eliminating in some cases, steps in the authentication process. In particular, the systems and methods can encode content paths previously authenticated for a particular user into an authentication token. When the user attempts to access one of the top content paths, the systems and methods can verify the user based on the encoded authentication token rather than following a complete authentication process.
20 Citations
20 Claims
-
1. A method of controlling access to content in a distributed storage environment, comprising:
-
tracking, by a server, access by a user to a plurality of Internet-accessible storage locations of the distributed storage environment; compiling, by the server, a list ranking the Internet-accessible storage locations of the distributed storage environment accessed by the user based on a number of times the Internet-accessible storage locations are accessed by the user; identifying, by the server, a predetermined number of top Internet-accessible storage locations on the list ranking the Internet-accessible storage locations accessed by the user, the predetermined number of top Internet-accessible storage locations comprising a subset of the plurality of Internet-accessible storage locations; receiving, at the server, a first request by the user to access a content item at a first Internet-accessible storage location, access to the content item at the first Internet-accessible storage location requiring authentication of the user; successfully authenticating, by the server, the user to access the content item at the first Internet-accessible storage location; determining that the first Internet-accessible storage location is in the predetermined number of top Internet-accessible storage locations; based on the successful authentication and in response to determining that the first Internet-accessible storage location is in the predetermined number of top Internet-accessible storage locations, augmenting, by the server, an authentication token for the user to indicate that the user is authorized to access the content item at the first Internet-accessible storage location by adding a location path of the content item at the first Internet-accessible storage location to the authentication token, the augmented authentication token comprising a plurality of location paths of content items at the predetermined number of top Internet-accessible storage locations; receiving a second request by the user to access the content item at the first Internet-accessible storage location; receiving the augmented authentication token in connection with the second request;
determining that the augmented authentication token comprises the location path to the first Internet-accessible storage location;authenticating, by the server, the user to access the content item at the first Internet-accessible storage location in response to determining that the augmented authentication token comprises the location path to the first Internet-accessible storage location; and providing, to the user, access to the content item at the first Internet-accessible storage location based on authenticating the user to access the content item using the augmented authentication token. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A non-transitory computer readable medium storing instructions thereon that, when executed by at least one processor, cause a computing device to perform steps comprising:
-
tracking access by a user to a plurality of Internet-accessible storage locations of a distributed storage environment; compiling a list ranking the Internet-accessible storage locations of the distributed storage environment accessed by the user based on a number of times the Internet-accessible storage locations are accessed by the user with successful authentication; augmenting an authentication token by adding to the authentication token, a plurality of location paths of content items at a predetermined number of top Internet-accessible storage locations on the list ranking the Internet-accessible storage locations accessed by the user, the predetermined number of top Internet-accessible storage locations comprising a subset of the plurality of Internet-accessible storage locations; receiving the augmented authentication token in connection with a first request to access a content item at a first Internet-accessible storage location, access to the content at the first Internet-accessible storage location requiring authentication based on authentication credentials in the token; comparing a first location path of the content item at the first Internet-accessible storage location to the plurality of location paths in the token corresponding to the predetermined number of top Internet-accessible storage locations; determining that the first location path matches one of the plurality of location paths in the token; and providing, in response to a determination that the first location path matches one of the plurality of location paths in the token, access to the content item at the first Internet-accessible location without accessing an access list in a repository to authenticate the authentication credentials in the token. - View Dependent Claims (12, 13, 14, 15, 16)
-
-
17. A system for controlling access to content in a distributed storage environment, comprising:
-
at least one processor; and at least one non-transitory computer readable storage medium storing instructions thereon, that, when executed by the at least one processor, cause the system to; track access by a user to a plurality of location paths of content items on one or more content servers; compile a list ranking the plurality of location paths accessed by the user based on a number of times each of the plurality of location paths is accessed by the user; identify a predetermined number of top location paths on the list ranking the plurality of location paths accessed by the user, the predetermined number of top location paths comprising a subset of the plurality of location paths; receive a first request to access a content item at a first location path of the content item on one or more content servers, access to the content item at the first location path requiring authentication; successfully authenticate access to the content item at the first location path based on accessing an access list at a repository; determine that the first location path is in the predetermined number of top location paths; based on the successful authentication and in response to determining that the first location path is in the predetermined number of top location paths, augment a token to authorize access to the content item at the first location path by adding the first location path of the content item on the one or more content servers to the token, the token comprising the predetermined number of top location paths; receive the augmented token in connection with a second request to access the content item at the first location path on the one or more servers; compare the first location path to one or more location paths encoded within the token; determine that the first location path is encoded within the token; and provide access to the content item at the first location path on the one or more servers based on the first location path being encoded within the token. - View Dependent Claims (18, 19, 20)
-
Specification