Security systems and methods for social networking

US 10,331,908 B2
Filed: 04/30/2018
Issued: 06/25/2019
Est. Priority Date: 11/14/2011
Status: Active Grant

First Claim

Patent Images

1. A method of encoding electronic data published by a user node, the method comprising:

executing, by one or more processors, a program to cause the one or more processors to perform operations comprising;

detecting, via a listener, when an executing browser is about to draw a third party webpage at the publishing user node;

in response to detecting that the third party webpage is about to be drawn, parsing the third party webpage for input at a form input field by;

parsing contents of the third party webpage to detect one or more form input fields;

in response to detecting input at a detected from input field in the third party webpage, assigning a policy ID associated with the detected form input field;

receiving a unique identifier assigned to the detected form input field and an encoding key for encoding the input of the detected form input field; and

in response to receiving the unique identifier and the encoding key for encoding the input at the detected form input field, encoding the input by replacing the input with encoded content.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods may be provided for masking data on public networks, such as social networking sites. At a publishing node, the system may monitor data input fields in a webpage that are processed by an internet browser. The system may intercept data, such as text, images, and video input at the data input fields, prior to the data being posted online on a public service provider'"'"'s website. The publishing node may control which users are permitted access to the posted data by defining a policy associated with the data input field. The posted data may be transformed or tokenized to ensure that it is inaccessible to a user (or group of users) unless that user/group is granted access to the decoding key under the policy. In this way, data security and data control may be provided to a publishing user node. Data that has already been posted may be destroyed, for example, by deleting the decryption key or a token.

6 Citations

22 Claims

1. A method of encoding electronic data published by a user node, the method comprising:
- executing, by one or more processors, a program to cause the one or more processors to perform operations comprising;
  
  detecting, via a listener, when an executing browser is about to draw a third party webpage at the publishing user node;
  
  in response to detecting that the third party webpage is about to be drawn, parsing the third party webpage for input at a form input field by;
  
  parsing contents of the third party webpage to detect one or more form input fields;
  
  in response to detecting input at a detected from input field in the third party webpage, assigning a policy ID associated with the detected form input field;
  
  receiving a unique identifier assigned to the detected form input field and an encoding key for encoding the input of the detected form input field; and
  
  in response to receiving the unique identifier and the encoding key for encoding the input at the detected form input field, encoding the input by replacing the input with encoded content.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
- - 2. The method of encoding electronic data as in claim 1 wherein assigning the policy ID further includes assigning a policy associated with the form input field.
  - 3. The method of encoding electronic data as in claim 2 wherein the response to detecting input at the form input field includes transmitting the policy ID to a policy node, the policy node responding by:
    - generating the unique identifier assigned to the form input field;
      
      generating the encoding key for encoding the input at the form input field; and
      
      transmitting, to the publishing user'"'"'s node, the unique identifier assigned to the form input field and the encoding key for encoding the form input field.
  - 4. The method of encoding electronic data as in claim 2 further including responding to the change event associated with the form input field losing focus by determining the policy associated with the form input field.
  - 5. The method of encoding electronic data as in claim 2 wherein the policy is a set of terms to be satisfied by a viewing user node attempting to access the page in order to receive access to a decoded version of the encoded content.
  - 6. The method of encoding electronic data as in claim 5 wherein if the viewing user node accesses the third party webpage and the terms of the policy are not satisfied by the viewing user node, replacing the encoded content with substitution content at the viewing user node.
  - 7. The method of encoding electronic data as in claim 5 wherein if the terms of the policy specify that the viewing user node is permitted access, replacing the encoded content with cleartext.
  - 8. The method of encoding electronic data as in claim 5 wherein the terms of the policy include one or more of the following that need to be satisfied by the viewing user node:
    - defining a group of users that are granted access to the cleartext, where if the viewing user node is a member of the access group, the viewing user node is granted access to the cleartext;
      
      or defining a group of users which are denied access to the cleartext, where if the viewing user node is a member of the access denied group, the viewing user node is denied access to the cleartext.
  - 9. The method of encoding electronic data as in claim 5 wherein the terms of the policy specify an expiration date for providing access to the cleartext.
  - 10. The method of encoding electronic data as in claim 5 wherein the terms of the policy specify a geographic location associated with the operating location of a viewing user node in which access to the cleartext is granted or denied.
  - 11. The method of encoding electronic data as in claim 5 wherein the terms of the policy specify a minimum age or a maximum age of a user associated with the viewing user node to enable access to the cleartext.
  - 12. The method of encoding electronic data as in claim 5 wherein the terms of the policy require the viewing user node to be verified as trustworthy by a machine health monitoring system to enable access to the cleartext.
  - 13. The method of encoding electronic data as in claim 5 wherein the terms of the policy require the viewing user node to provide a passphrase to enable access to the cleartext.
  - 14. The method of encoding electronic data as in claim 5 wherein the terms of the policy require the viewing user node to meet a specified level of cryptographic capability in order to protect access and use of a decoding key for decoding the encoded content.
  - 15. The method of encoding electronic data as in claim 2 wherein the publishing user node selects, from a plurality of potential policies, which policy is associated with the form input field by selecting a style for the form input field.
  - 16. The method of encoding electronic data as in claim 2 further includes:
    - in response to detecting image or video content at the form input field uploaded from the publishing user node, assigning a policy associated with the detected content;
      
      obtaining a unique identifier assigned to the detected content and a key for encoding the detected content;
      
      in response to obtaining the unique identifier and the key for encoding the detected content, encoding the detected content by replacing the detected content with the encoded content.
  - 17. The method of encoding electronic data as in claim 2 wherein the policy associated with the form input field allows the publishing user node to define an encoding process associated with encoding the input at the form input field.
  - 18. The method of encoding electronic data as in claim 1 wherein the form input field is identified by:
    - processing a Document Object Model (DOM) associated with the third party webpage to identify the form input field; and
      
      responding to the identification of the form input field by attaching a change or blur event handler to the form input field.
  - 19. The method of encoding electronic data as in claim 18 wherein the input is detected at the form input field by the event handler such that the event handler detects a change in a value associated with the form input field and the identified form input field loses focus.
  - 20. The method of encoding electronic data as in claim 1 wherein the publishing user node customizes the substitution content.
  - 21. The method of encoding electronic data as in claim 1 wherein the third party webpage is a webpage hosted by a social networking provider and the input is a comment provided by the publishing user node at the social networking webpage.
  - 22. The method of encoding electronic data as in claim 1 wherein the publishing user node selects a style for the form input field, the selected style defining a background color, where the defined background color specifies which one of the plurality of potential polices is associated with the form input field.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
ESW Holdings, Inc. (ESW Capital, LLC)
Original Assignee
ESW Holdings, Inc. (ESW Capital, LLC)
Inventors
Sprague, Steven, Sprague, Michael
Primary Examiner(s)
Zhao, Don G

Application Number

US15/967,164
Publication Number

US 20180247080A1
Time in Patent Office

421 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/6263   during internet communicati...

H04L 63/105   Multiple levels of security

Y04S 40/20   Information technology spec...

Security systems and methods for social networking

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

6 Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

Security systems and methods for social networking

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

6 Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links