Access to documents in a document management and collaboration system

US 10,432,603 B2
Filed: 10/30/2017
Issued: 10/01/2019
Est. Priority Date: 09/29/2014
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method, comprising:

receiving a first request to provide a user access to a document managed by a document management and collaboration system; and

providing the user with access to the document by at least;

transmitting a notification to a first user device associated with the user indicating access to the document has been provided;

receiving a second request to access the document;

making out-of-band access credentials available to a second user device in response to the second request based at least in part on a login credential associated with the second request provided to the document management and collaboration system;

obtaining the out-of-band access credentials from the first user device; and

providing access to the document by at least;

obtaining the out-of-band access credentials from the first user device; and

determining a confidence score of the out-of-band access credentials, the confidence score determined based at least in part on a number of independent authentication factors including at least the login credential and one or more attributes of the second user device.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and apparatus for securing access to a document stored by a document management and collaboration system are disclosed. In the method and apparatus, access credentials pertaining to a document are obtained, whereby the access credentials are usable for authenticating a request to access the document. A message including the access credentials is then sent out-of-band in relation to a notification indicating availability of the document for access. The document management and collaboration system then receives a request to access the document, whereby the request includes the access credentials, and authenticates the request based at least in part on the access credentials.

109 Citations

20 Claims

1. A computer-implemented method, comprising:
- receiving a first request to provide a user access to a document managed by a document management and collaboration system; and
  
  providing the user with access to the document by at least;
  
  transmitting a notification to a first user device associated with the user indicating access to the document has been provided;
  
  receiving a second request to access the document;
  
  making out-of-band access credentials available to a second user device in response to the second request based at least in part on a login credential associated with the second request provided to the document management and collaboration system;
  
  obtaining the out-of-band access credentials from the first user device; and
  
  providing access to the document by at least;
  
  obtaining the out-of-band access credentials from the first user device; and
  
  determining a confidence score of the out-of-band access credentials, the confidence score determined based at least in part on a number of independent authentication factors including at least the login credential and one or more attributes of the second user device.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The computer-implemented method of claim 1, the first request further includes a level of access privilege to be provided to the user.
  - 3. The computer-implemented method of claim 1, wherein the level of access privilege indicates the user can download the document.
  - 4. The computer-implemented method of claim 1, wherein the level of access privilege indicates the user can view and annotate the document.
  - 5. The computer-implemented method of claim 1, wherein the one or more attributes of the second user device are obtained along with the login credentials.
  - 6. The computer-implemented method of claim 1, wherein making the out-of-band access credentials available to the second user device further comprises transmitting the out-of-band access credentials based at least in part on information associated with the login credentials maintained by the document management and collaboration system.

7. A system, comprising:
- one or more processors; and
  
  memory that stores computer-executable instructions that, if executed, cause the system to;
  
  receive a first request to provide access to a document of a document management and collaboration system;
  
  provide a notification to a first computing device as a result of the first request;
  
  receive an access request from the first computing device;
  
  make access credentials, for accessing the document, available to a second computing device;
  
  receive the access credentials from the first computing device;
  
  obtain information indicating one or more attributes of the second computing device prior to providing the second computing device with the access credentials; and
  
  provide access to the document based at least in part on a plurality of authentication factors including at least the one or more attributes of the second computing device.
- View Dependent Claims (8, 9, 10, 11, 12, 13)
- - 8. The system of claim 7, wherein the access credentials are provided out-of-band in relation to the access request.
  - 9. The system of claim 7, wherein the first request is associated with a first user of the document management and collaboration system and the access request is associated with a second user of the document management and collaboration system.
  - 10. The system of claim 7, wherein the access request includes a uniform resource locator usable to access the document.
  - 11. The system of claim 7, wherein the first request includes an access level associated with the document.
  - 12. The system of claim 11, wherein the memory further includes computer-executable instructions that, if executed, cause the system to:
    - determine a confidence interval based at least in part on a number of authentication factors performed to authenticate the access request; and
      
      modify the access level based at least in part on the confidence interval.
  - 13. The system of claim 7, wherein obtaining the information indicating the one or more attributes of the second computing device further includes obtaining the information from data included in the access credentials.

14. A non-transitory computer-readable storage medium having stored thereon executable instructions that, if executed by one or more processors of a computer system, cause the computer system to at least:
- receive, from a first computing device, a request to access a document of a document management and collaboration system;
  
  in response to the request, make an access token available to a second computing device;
  
  determine a score based at least in part on a plurality of independent authentication factors including at least a set of access tokens and one or more attributes obtained from the second computing device; and
  
  provide access to the document, as a result of the score satisfying a set of conditions, and by obtaining, from the first computing device, the access token.
- View Dependent Claims (15, 16, 17, 18, 19, 20)
- - 15. The non-transitory computer-readable storage medium of claim 14, wherein the instructions that cause the computer system to make the access token available to the second computing device further include instructions that, if executed by the one or more processors, cause the computer system to transmit a short message service (SMS) message to the second computing device.
  - 16. The non-transitory computer-readable storage medium of claim 14, wherein the instructions that cause the computer system to make the access token available to the second computing device further include instructions that, if executed by the one or more processors, cause the computer system to provide a voice message specifying the access credentials to the second computing device.
  - 17. The non-transitory computer-readable storage medium of claim 14, wherein the instructions that cause the computer system to make the access token available to the second computing device further include instructions that, if executed by the one or more processors, cause the computer system to initiate a video conference with the second device and a user associated with the document.
  - 18. The non-transitory computer-readable storage medium of claim 14, wherein the instructions further comprise instructions that, if executed by the one or more processors, cause the computer system to receive a second request from a user associated with the document to make the document available to a second user associated with the first computing device.
  - 19. The non-transitory computer-readable storage medium of claim 18, wherein the instructions that cause the computer system to make the access token available to the second computing device further include instructions that, if executed by the one or more processors, cause the computer system to determine the second computing device to provide the access token based at least in part on the second user registering the second computing device as an authentication device with the document management and collaboration system.
  - 20. The non-transitory computer-readable storage medium of claim 14, wherein the instructions that cause the computer system to provide access to the document further include instructions that, if executed by the one or more processors, cause the computer system to obtain authentication credentials associated with the first computing device in addition to the access token.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Amazon Technologies, Inc. (Amazon.com, Inc.)
Original Assignee
Amazon Technologies, Inc. (Amazon.com, Inc.)
Inventors
Miller, Jonathan Matthew
Primary Examiner(s)
Zand, Kambiz
Assistant Examiner(s)
Wyszynski, Aubrey H

Application Number

US15/798,100
Publication Number

US 20180063115A1
Time in Patent Office

701 Days
Field of Search

726 7
US Class Current
CPC Class Codes

G06F 21/6218   to a system of files or obj...

H04L 63/08   for authentication of entit...

H04L 63/18   using different networks or...

Access to documents in a document management and collaboration system

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

109 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

Access to documents in a document management and collaboration system

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

109 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others