Secure file transfers within network-based storage

US 10,250,579 B2
Filed: 08/13/2013
Issued: 04/02/2019
Est. Priority Date: 08/13/2013
Status: Active Grant

First Claim

Patent Images

1. A first server, comprising:

a processor and a memory communicatively connected to the processor, the processor configured to;

generate, by the first server, an announcement message including a link specifying a file location and a file name of a user file stored on the first server for a user, wherein the link has a property of the user encoded therein;

propagate, by the first server, the announcement message for delivery to the user;

receive, by the first server from a second server, a request to establish a secure connection between the first server and the second server;

receive, by the first server from the second server, a request for the user file stored on the first server for the user, wherein the request includes the link;

determine, by the first server based on receipt of the request for the user file from the second server, that the user file is protected by a challenge-response authentication process;

propagate, by the first server toward the second server, a challenge comprising a request for a challenge value associated with the user file;

receive, by the first server from the second server, a challenge response including the challenge value associated with the user file, wherein the challenge value associated with the user file comprises the property of the user;

determine, by the first server based on the link, a comparison value associated with the user file, wherein the comparison value associated with the user file comprises the property of the user; and

propagate the user file from the first server toward the second server via the secure connection based on a determination that the challenge value and the comparison value match.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A capability is provided for securely transferring a file within network-based storage. A capability is provided for securely transferring a user file of a user from a first server to a second server. The first server may be associated with a first service provider and the second server may be associated with a second service provider. The secure transfer of a user file from the first server to the second server may be performed based on a One-Click File Transfer capability in which only a single click by the user is needed in order for the user file to be transferred. The secure transfer of a user file from the first server to the second server may be performed based on a Zero-Click File Transfer capability in which the user file may be transferred without any interaction by the user.

Citations

20 Claims

1. A first server, comprising:
- a processor and a memory communicatively connected to the processor, the processor configured to;
  
  generate, by the first server, an announcement message including a link specifying a file location and a file name of a user file stored on the first server for a user, wherein the link has a property of the user encoded therein;
  
  propagate, by the first server, the announcement message for delivery to the user;
  
  receive, by the first server from a second server, a request to establish a secure connection between the first server and the second server;
  
  receive, by the first server from the second server, a request for the user file stored on the first server for the user, wherein the request includes the link;
  
  determine, by the first server based on receipt of the request for the user file from the second server, that the user file is protected by a challenge-response authentication process;
  
  propagate, by the first server toward the second server, a challenge comprising a request for a challenge value associated with the user file;
  
  receive, by the first server from the second server, a challenge response including the challenge value associated with the user file, wherein the challenge value associated with the user file comprises the property of the user;
  
  determine, by the first server based on the link, a comparison value associated with the user file, wherein the comparison value associated with the user file comprises the property of the user; and
  
  propagate the user file from the first server toward the second server via the secure connection based on a determination that the challenge value and the comparison value match.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The first server of claim 1, wherein the processor is configured to generate the announcement message based on generation of the user file by the first server, receipt of the user file at the first server, or a determination that availability of the user file is to be announced to the user.
  - 3. The first server of claim 1, wherein the announcement message comprises at least one of an email message to an email account of the user, a message to a mobile device of the user, an instant message, or a quick response (QR) code.
  - 4. The first server of claim 1, wherein the processor is configured to:
    - generate the link specifying the file location and the file name of the user file.
  - 5. The first server of claim 4, wherein, to generate the link specifying the file location and the file name of the user file, the processor is configured to perform at least one of:
    - generate the link to have a length greater than a threshold;
      
      embed pre-determined text within the link;
      
      orencode the property of the user within at least one of a path-name-to-user-file portion of the link or a user-file-name portion of the link.
  - 6. The first server of claim 1, wherein the processor is configured to determine the comparison value by at least one of:
    - retrieving the comparison value from the link;
      
      ordecoding the comparison value from the link based on application of a hash function to at least a portion of the link.
  - 7. The first server of claim 1, wherein the processor is configured to:
    - encrypt the user file based on a code comprising a first code part and a second code part, wherein the announcement message includes the first code part, wherein the second code part comprises a property that is associated with the user and that is known to the first server.

8. A user device, comprising:
- a processor and a memory communicatively connected to the processor, the processor configured to;
  
  receive, by the user device from a first server, an announcement message including a link specifying a file location and a file name of a user file stored on the first server for a user, wherein the link includes a property of the user;
  
  determine, by the user device based on at least one characteristic of the link, whether the link is associated with a file transfer process for triggering transfer of the file from the first server to a second server; and
  
  propagate the link from the user device toward the second server based on a determination that the link is associated with the file transfer process for triggering transfer of the file from the first server to the second server.
- View Dependent Claims (9, 10, 11, 12, 13, 14, 15, 16)
- - 9. The user device of claim 8, wherein the property of the user comprises at least one of a zip code of a billing address of the user, a portion of a Social Security Number (SSN) of the user, a portion of a telephone number of the user, or a pin of the user.
  - 10. The user device of claim 8, wherein the at least one characteristics of the link comprises the property of the user being included as predefined text within the link or the property of the user being encoded within the link.
  - 11. The user device of claim 8, wherein the at least one characteristic of the link comprises at least one of an inclusion of predefined text within the link or an encoding of information within the link.
  - 12. The user device of claim 8, wherein the processor is configured to:
    - propagate, from the user device toward the first server prior to receiving the announcement message from the first server, the property of the user.
  - 13. The user device of claim 8, wherein, to propagate the link toward the second server, the processor is configured to:
    - initiate establishment of a secure connection with the second server; and
      
      propagate the link toward the second server via the secure connection.
  - 14. The user device of claim 8, wherein the processor is configured to:
    - receive, by the user device from the second server, the user file.
  - 15. The user device of claim 8, wherein the user file is encrypted based on a code comprising a first code part and a second code part, wherein the announcement message includes the first code part.
  - 16. The user device of claim 8, wherein the processor is configured to:
    - send, from the user device toward the second server, information to enable the second server to recover the property of the user from the link for use as a challenge response to obtain the user file from the first server.

17. A first server, comprising:
- a processor and a memory communicatively connected to the processor, the processor configured to;
  
  receive, by the first server from a user device of a user, a message including a link specifying a file location and a file name of a user file stored on a second server for the user, wherein the link includes a property of the user;
  
  initiate, by the first server responsive to the message from the user device and based on the link included within the message from the user device, establishment of a secure connection between the first server and the second server;
  
  propagate, from the first server toward the second server based on the link, a request for the user file;
  
  receive, by the first server from the second server, a challenge comprising a request for a challenge value associated with the user file;
  
  propagate, by the first server toward the second server, a challenge response including the challenge value associated with the user file, wherein the challenge value associated with the user file comprises the property of the user;
  
  receive, by the first server from the second server via the secure connection, the user file;
  
  store, by the first server, the user file;
  
  receive, by the first server from the user device of the user or from a second user device of the user, a request to access the user file; and
  
  propagate the user file from the first server toward the user device of the user or toward the second user device of the user.
- View Dependent Claims (18, 19, 20)
- - 18. The first server of claim 17, wherein the processor is configured to:
    - receive, from the user device, a request to establish a secure connection with the user device; and
      
      receive the message including the link via the secure connection with the user device.
  - 19. The first server of claim 17, wherein the processor is configured to determine the challenge value by at least one of:
    - retrieving the property of the user from the link;
      
      ordecoding the property of the user from the link based on application of a hash function to at least a portion of the link.
  - 20. The first server of claim 17, wherein the file name has a property encoded therein, wherein the processor is configured to:
    - determine, by the first server based on the property, whether the second server is authorized to transfer the user file to the first server.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Alcatel-Lucent SA (Nokia Corporation)
Original Assignee
Alcatel-Lucent SA (Nokia Corporation)
Inventors
Guo, Katherine H., Soljanin, Emina, Woo, Thomas
Primary Examiner(s)
Giddins, Nelson

Application Number

US13/965,809
Publication Number

US 20150052593A1
Time in Patent Office

2,058 Days
Field of Search
US Class Current
CPC Class Codes

H04L 63/08   for authentication of entit...

H04L 63/10   for controlling access to d...

H04L 63/168   above the transport layer

Secure file transfers within network-based storage

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Secure file transfers within network-based storage

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links