Secure computerized system, method and computer program product for children and/or pre-literate/illiterate users

US 10,198,963 B2
Filed: 12/11/2017
Issued: 02/05/2019
Est. Priority Date: 06/18/2015
Status: Active Grant

First Claim

Patent Images

1. A secured computerized social networking system for pupil end-users including:

a mail server including a processor, operative to;

a. communicate with external recipients via a gateway to at least one external communication network serving the external recipients; and

b. communicate with at least one internal recipient including the pupil end-users, thereby to define an internal secured network;

computer memory/storage accessible by the mail server and operative to store;

associations between individual parents who are nodes in the at least one external communication network and individual internal recipients from among the pupil end-users thereby to define at least one parent end-user of the individual parents for each of the pupil end-users; and

white-lists of authorized communicants for individual pupil end-users of the pupil end-users, provided by the mail server;

wherein the mail server is operative to interface with;

a secured parent environment including a parent'"'"'s user-interface, operative, responsive to control by a processor, to allow each of said individual parents whose association with a given pupil from among the pupil end-users is stored in said memory, to authenticate himself and subsequently to define for the mail server, a white-list of the pupil end-users with whom said given pupil'"'"'s parent authorizes his child (said given pupil) to communicate; and

a secured pupil environment including a pupil'"'"'s user-interface, operative, responsive to control by a processor, to allow the given pupil to communicate via said mail server with any of the pupil end-users appearing on the whitelist of internal recipients stored in the memory for the given pupil;

wherein for at least one first and at least one second pupil end-user from among the pupil end-users, the mail server'"'"'s logic is configured such that the whitelist provided to the memory for the first pupil end-user includes the second pupil end-user, if and only if, the first and second pupil end users'"'"' parents of the individual parents, as defined by said associations, have each, via their respective parent'"'"'s user-interface, authorized communication between the first and second pupil end users, thereby to define the first and second pupil end users as an authorized pair of communicants, and wherein the system includes a pupil database storing a pupil data record for each of the pupil end-users in a supported pupil population and wherein each pupil data record is operative for storing an association between each of the pupil end-users and an individual class and wherein the default internal recipient white-list for each of the pupil end-users is the pupil end-users in her/his individual class,the system comprising;

a what-you-know authentication test-protected secured environment; and

a security server with a what-you-know authentication test-based access control subsystem protecting access to the secured environment, providing access only to users who have interacted with what-you-know testing functionality and passed a what-you-know authentication test comprising entry of a picture-based password memorable to and producible by a pre-literate or semi-literate child,wherein network security is not solely based on the picture-based password and instead at least one additional layer of security is provided, thereby to provide picture-password based access control, cocooned within at least one additional layer of security,the system being operative to perform a plurality of selectable system-actions responsive to user input, the system being accessible to non-literate users via a touch screen defining a plurality of touch screen locations respectively corresponding to the plurality of selectable system-actions, the touch screen being operative to detect and distinguish between first and second gestures, the system comprising;

a processor-controlled touch-triggered actor which, responsive to at least each first gesture applied by an end-user to an individual location within the touch screen, from among a plurality of touch screen locations, performs at least one individual action, from among said plurality of actions, which corresponds to said individual location; and

a processor-controlled touch-triggered oral presenter which, responsive to at least each second gesture applied by an end-user to an individual location within the touch screen, from among the plurality of touch screen locations, presents an oral characterization of the at least one individual action, from among said plurality of actions, which corresponds to said individual location.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A secured computerized social networking system for pupils including a mail server operative to interface with a secured parent environment; and a secured pupil environment, the system comprising a computerized environment secured to prevent access thereto, other than by end-users who have passed a what-you-know authentication test; a what-you-know testing functionality; and a graphic what-you-know test-configuring functionality, the system being operative to perform a plurality of selectable system-actions responsive to user input, the system being accessible to non-literate users via a touch screen defining a plurality of touch screen locations respectively corresponding to the plurality of selectable system-actions, the touch screen being operative to detect and distinguish between first and second gestures, the system comprising: a processor-controlled touch-triggered actor; and a processor-controlled touch-triggered oral presenter.

19 Citations

16 Claims

1. A secured computerized social networking system for pupil end-users including:
- a mail server including a processor, operative to;
  
  a. communicate with external recipients via a gateway to at least one external communication network serving the external recipients; and
  
  b. communicate with at least one internal recipient including the pupil end-users, thereby to define an internal secured network;
  
  computer memory/storage accessible by the mail server and operative to store;
  
  associations between individual parents who are nodes in the at least one external communication network and individual internal recipients from among the pupil end-users thereby to define at least one parent end-user of the individual parents for each of the pupil end-users; and
  
  white-lists of authorized communicants for individual pupil end-users of the pupil end-users, provided by the mail server;
  
  wherein the mail server is operative to interface with;
  
  a secured parent environment including a parent'"'"'s user-interface, operative, responsive to control by a processor, to allow each of said individual parents whose association with a given pupil from among the pupil end-users is stored in said memory, to authenticate himself and subsequently to define for the mail server, a white-list of the pupil end-users with whom said given pupil'"'"'s parent authorizes his child (said given pupil) to communicate; and
  
  a secured pupil environment including a pupil'"'"'s user-interface, operative, responsive to control by a processor, to allow the given pupil to communicate via said mail server with any of the pupil end-users appearing on the whitelist of internal recipients stored in the memory for the given pupil;
  
  wherein for at least one first and at least one second pupil end-user from among the pupil end-users, the mail server'"'"'s logic is configured such that the whitelist provided to the memory for the first pupil end-user includes the second pupil end-user, if and only if, the first and second pupil end users'"'"' parents of the individual parents, as defined by said associations, have each, via their respective parent'"'"'s user-interface, authorized communication between the first and second pupil end users, thereby to define the first and second pupil end users as an authorized pair of communicants, and wherein the system includes a pupil database storing a pupil data record for each of the pupil end-users in a supported pupil population and wherein each pupil data record is operative for storing an association between each of the pupil end-users and an individual class and wherein the default internal recipient white-list for each of the pupil end-users is the pupil end-users in her/his individual class,the system comprising;
  
  a what-you-know authentication test-protected secured environment; and
  
  a security server with a what-you-know authentication test-based access control subsystem protecting access to the secured environment, providing access only to users who have interacted with what-you-know testing functionality and passed a what-you-know authentication test comprising entry of a picture-based password memorable to and producible by a pre-literate or semi-literate child,wherein network security is not solely based on the picture-based password and instead at least one additional layer of security is provided, thereby to provide picture-password based access control, cocooned within at least one additional layer of security,the system being operative to perform a plurality of selectable system-actions responsive to user input, the system being accessible to non-literate users via a touch screen defining a plurality of touch screen locations respectively corresponding to the plurality of selectable system-actions, the touch screen being operative to detect and distinguish between first and second gestures, the system comprising;
  
  a processor-controlled touch-triggered actor which, responsive to at least each first gesture applied by an end-user to an individual location within the touch screen, from among a plurality of touch screen locations, performs at least one individual action, from among said plurality of actions, which corresponds to said individual location; and
  
  a processor-controlled touch-triggered oral presenter which, responsive to at least each second gesture applied by an end-user to an individual location within the touch screen, from among the plurality of touch screen locations, presents an oral characterization of the at least one individual action, from among said plurality of actions, which corresponds to said individual location.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. A system according to claim 1 and also comprising an oral presentation library including a plurality of recorded oral presentations in a computer-implemented memory which, when played to the end user by the oral presenter, orally characterize the plurality of actions respectively.
  - 3. A system according to claim 1 wherein the oral presenter also presents an oral characterization of the individual action, from among said plurality of actions, which corresponds to said individual location, responsive to each first gesture applied by an end-user to the individual location within the touch screen.
  - 4. A system according to claim 2 and also comprising a rules database storing, in a computer-implemented memory, at least one rule governing the behavior of at least one of the oral presenter and the actor, responsive to at least one sequence of end-user gestures including initial and subsequent end-user gestures.
  - 5. A system according to claim 4 wherein the rules database stores at least one premature-gesture-handling rule governing the oral presenter'"'"'s behavior responsive to situations in which an end-user triggers a recorded oral presentation of an individual action A by applying a gesture to an individual location AA corresponding to action A and subsequently, “
    - prematurely”
      
      i.e. before the recorded oral presentation of individual action A has finished playing, the end-user applies a gesture to an individual location BB corresponding to action B.
  - 6. A system according to claim 5 wherein least one premature-gesture-handling rule is operative for instructing the oral presenter to abort playing of a recorded oral presentation of at least one individual action A and to begin playing, instead, the recorded oral presentation of individual action B, if the end-user has applied an initial gesture, triggering playing of a recorded oral presentation of an action A, to an individual location AA corresponding to action A and subsequently, before the recorded oral presentation of individual action A has finished playing, the end-user applied a subsequent gesture, triggering playing of a recorded oral presentation of action B, to an individual location BB corresponding to action B.
  - 7. A system according to claim 4 wherein the rules database stores at least one immediately-subsequent-gesture-handling rule governing the behavior, of at least one of the oral presenter and the actor, responsive to situations in which an end-user applies a subsequent gesture “
    - immediately”
      
      after i.e. within a predetermined time window after an initial gesture.
  - 8. A system according to claim 4 and wherein said actions are each assigned one of at least 2 levels of priority and wherein the rules database stores rules governing behavior of at least one of the oral presenter and the actor responsive to at least one sequence of end-user gestures including initial and subsequent end-user gestures and wherein one of the rules is selected for application depending at least partly on a level of priority of the action corresponding to the initial end-user gesture.
  - 9. A system according to claim 1 wherein said first gesture comprises a brief tap.
  - 10. A system according to claim 1 wherein said second gesture comprises a tap-hold.
  - 11. A system according to claim 1 and also comprising a touch screen operative to detect, and distinguish between, the first and second gestures.
  - 12. A system according to claim 1 and also comprising a tablet having a touch screen operative to detect, and distinguish between, the first and second gestures.
  - 13. A system according to claim 8 wherein said levels of priority determine whether or not an action of at least one of the oral presenter and the actor, initiated responsive to the initial end-user gesture, is interruptible if the action interferes with another action which is to be initiated responsive to the subsequent end-user gesture.
  - 14. A system according to claim 1 wherein the mail server and gateway allow outgoing communication with external network/s and the gateway comprises a one-way gateway which does not allow incoming communication, thereby to generate an internal network secured from incoming communication from external networks;
    - and wherein an identity manager is associated with the email server and is operative to control access of users depending on their roles as stored in computer memory, and subject to their providing authentication;
      
      and wherein the system is pre-configured such that no communication is possible other than communication between authorized pairs of communicants and wherein rules defining authorized pairs of communicants includes that pupils of a single teacher can all communicate with one another.

15. A secured computerized social networking method serving pupil end-users and including:
- providing a mail server including a processor, operative to;
  
  a. communicate with external recipients via a gateway to at least one external communication network serving the external recipients; and
  
  b. communicate with at least one internal recipient including the pupil end-users, thereby to define an internal secured network;
  
  using computer memory/storage to store;
  
  associations between individual parents who are nodes in the at least one external communication network and individual internal recipients from among the pupil end-users; and
  
  white-lists of authorized communicants for individual pupil end-users of the pupil end-users, provided by the mail server;
  
  wherein the mail server is operative to interface with;
  
  a secured parent environment including a parent'"'"'s user-interface, operative, responsive to control by a processor, to allow each of said individual parents whose association with a given pupil from among the pupil end-users is stored in said memory, to authenticate himself and subsequently to define for the mail server, a white-list of the pupil end-users with whom said given pupil'"'"'s parent authorizes his child (said given pupil) to communicate; and
  
  a secured pupil environment including a pupil'"'"'s user-interface, operative, responsive to control by a processor, to allow the given pupil to communicate via said mail server with any of the pupil end-users appearing on the whitelist of internal recipients stored in the memory for the given pupil;
  
  wherein for at least one first and at least one second pupil end-user from among the pupil end-users, the mail server'"'"'s logic is configured such that the whitelist provided to the memory for the first pupil end-user includes the second pupil end-user, if and only if, the first and second pupil end users'"'"' parents, as defined by said associations, have each, via their respective parent'"'"'s user-interface, authorized communication between the first and second pupil end users, thereby to define the first and second pupil end users as an authorized pair of communicants, and wherein the system includes a pupil database storing a pupil data record for each of the pupil end-users in a supported pupil population and wherein each pupil data record is operative for storing an association between each of the pupil end-users and an individual class and wherein the default internal recipient white-list for each of the pupil end-users is the pupil end-users in her/his individual class,the method comprising;
  
  providing a what-you-know authentication test-protected secured environment; and
  
  providing a security server with a what-you-know authentication test-based access control subsystem protecting access to the secured environment, providing access only to users who have interacted with what-you-know testing functionality and passed a what-you-know authentication test comprising entry of a picture-based password memorable to and producible by a pre-literate or semi-literate child,wherein network security is not solely based on the picture-based password and instead at least one additional layer of security is provided, thereby to provide picture-password based access control, cocooned within at least one additional layer of security,the method being operative to perform a plurality of selectable system-actions responsive to user input, the method interfacing with non-literate users via a touch screen defining a plurality of touch screen locations respectively corresponding to the plurality of selectable system-actions, the touch screen being operative to detect and distinguish between first and second gestures, the method comprising;
  
  responsive to at least each first gesture applied by an end-user to an individual location within the touch screen, from among a plurality of touch screen locations, performing at least one individual action, from among said plurality of actions, which corresponds to said individual location; and
  
  responsive to at least each second gesture applied by an end-user to an individual location within the touch screen, from among the plurality of touch screen locations, presenting an oral characterization of the at least one individual action, from among said plurality of actions, which corresponds to said individual location.

16. A computer program product, comprising a non-transitory tangible computer readable medium having computer readable program code embodied therein, said computer readable program code adapted to be executed to implement a secured computerized social networking method serving pupil end-users and including:
- providing a mail server including a processor, operative to;
  
  a. communicate with external recipients via a gateway to at least one external communication network serving the external recipients; and
  
  b. communicate with at least one internal recipient including pupil end-users, thereby to define an internal secured network;
  
  using computer memory/storage to store;
  
  associations between individual parents who are nodes in the at least one external communication network and individual internal recipients from among the pupil end-users; and
  
  white-lists of authorized communicants for individual pupil end-users of the pupil end-users, provided by the mail server;
  
  wherein the mail server is operative to interface with;
  
  a secured parent environment including a parent'"'"'s user-interface, operative, responsive to control by a processor, to allow each of said individual parents whose association with a given pupil from among the pupil end-users is stored in said memory, to authenticate himself and subsequently to define for the mail server, a white-list of the pupil end-users with whom said given pupil'"'"'s parent authorizes his child (said given pupil) to communicate; and
  
  a secured pupil environment including a pupil'"'"'s user-interface, operative, responsive to control by a processor, to allow the given pupil to communicate via said mail server with any of the pupil end-users appearing on the whitelist of internal recipients stored in the memory for the given pupil;
  
  wherein for at least one first and at least one second pupil end-user from among the pupil end-users, the mail server'"'"'s logic is configured such that the whitelist provided to the memory for the first pupil end-user includes the second pupil end-user, if and only if, the first and second pupil end-users'"'"' parents, as defined by said associations, have each, via their respective parent'"'"'s user-interface, authorized communication between the first and second pupil end-users, thereby to define the first and second pupil end-users as an authorized pair of communicants, and wherein the system includes a pupil database storing a pupil data record for each of the pupil end-users in a supported pupil population and wherein each pupil data record is operative for storing an association between each of the pupil end-users and an individual class and wherein the default internal recipient white-list for each of the pupil end-users is the pupil end-users in her/his individual class, the method comprising;
  
  providing a what-you-know authentication test-protected secured environment; and
  
  providing a security server with a what-you-know authentication test-based access control subsystem protecting access to the secured environment, providing access only to users who have interacted with what-you-know testing functionality and passed a what-you-know authentication test comprising entry of a picture-based password memorable to and producible by a pre-literate or semi-literate child,wherein network security is not solely based on the picture-based password and instead at least one additional layer of security is provided, thereby to provide picture-password based access control, cocooned within at least one additional layer of security,the method being operative to perform a plurality of selectable system-actions responsive to user input, the method interfacing with non-literate users via a touch screen defining a plurality of touch screen locations respectively corresponding to the plurality of selectable system-actions, the touch screen being operative to detect and distinguish between first and second gestures, the method comprising;
  
  responsive to at least each first gesture applied by an end-user to an individual location within the touch screen, from among a plurality of touch screen locations, performing at least one individual action, from among said plurality of actions, which corresponds to said individual location; and
  
  responsive to at least each second gesture applied by an end-user to an individual location within the touch screen, from among the plurality of touch screen locations, presenting an oral characterization of the at least one individual action, from among said plurality of actions, which corresponds to said individual location.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Googale (2009), Ltd.
Original Assignee
Googale (2009), Ltd.
Inventors
Michalowitz, Nir, Peled Rosenvald, Michal
Primary Examiner(s)
Najjar, Saleh
Assistant Examiner(s)
Almeida, Devin E

Application Number

US15/837,656
Publication Number

US 20180114461A1
Time in Patent Office

421 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/31   User authentication

G06F 21/53   by executing in a restricte...

G06F 21/6245   Protecting personal data, e...

G06F 2221/2149   Restricted operating enviro...

G06F 3/041   Digitisers, e.g. for touch ...

G06F 3/0488   using a touch-screen or dig...

G06Q 10/107   Computer-aided management o...

G06Q 50/01   Social networking

G09B 19/0053   Computers, e.g. programming

G09B 5/062   Combinations of audio and p...

G09B 5/065   Combinations of audio and v...

H04L 51/212   using filtering or selectiv...

H04L 51/52   for supporting social netwo...

H04L 63/083   using passwords cryptograph...

H04L 63/101   Access control lists [ACL]

Secure computerized system, method and computer program product for children and/or pre-literate/illiterate users

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

19 Citations

16 Claims

Specification

Use Cases

Quick Links

Others

Secure computerized system, method and computer program product for children and/or pre-literate/illiterate users

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

19 Citations

16 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others