Resource distribution in network environment
First Claim
1. A method comprising the steps of:
- (a) generating hash data based on at least one of a universal resource locator (URL) of a resource, resource access right data defining restriction(s) on a web access device (WAD) and/or user thereof to access the resource, and an internet protocol (IP) address of the WAD; and
(b) combining the hash data, URL, and resource access right data in a web page.
2 Assignments
0 Petitions
Accused Products
Abstract
A resource provider subsystem (“RPS”) secures and combines resource access right data with a universal resource locator (URL) as a secure URL in a web page document. The RPS transmits the web page document with the secure URL including resource access right data, to a web access device (“WAD”) via a network. The WAD executes a browser application to display the secure URL of the web page document. A user of the WAD can activate the secure URL to generate a signal. The signal includes the secure URL and is transmitted from the WAD to the resource distribution subsystem (“RDS”). The RDS receives the signal, authenticates the request, and verifies that the resource access right data has not been changed after it was established by the RPS. If the request is authenticated and verified, the RDS uses the resource access right data to determine the rights the WAD and/or user thereof has with respect to the resource. If authorized, the RDS provides access to the resource to the WAD. The resource can include data, text, image(s), applet(s), and/or a downloadable program module. Alternatively, the resource can be a server application optionally programmed to permit the user of the web access device to interact therewith. Through use of the secure URL, the RPS can control access to the resource even though it is hosted at distributed sites of a network.
-
Citations
60 Claims
-
1. A method comprising the steps of:
-
(a) generating hash data based on at least one of a universal resource locator (URL) of a resource, resource access right data defining restriction(s) on a web access device (WAD) and/or user thereof to access the resource, and an internet protocol (IP) address of the WAD; and
(b) combining the hash data, URL, and resource access right data in a web page. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A method comprising the steps of:
-
at a resource provider subsystem (RPS), (a) receiving a request for a web page from a web access device via a network, the request including a network address of the web access device;
(b) determining resource access right data for the web access device and/or a user thereof, the resource access right data defining restriction(s) for the web access device and/or user thereof to access a resource;
(c) securing a universal resource locator (URL) for a resource by generating hash data based on at least one of the URL, a network address of the web access device, and/or resource access right data, and combining the URL, resource access right data, and hash data together in the web page; and
(d) transmitting the web page having the secure URL to the web access device via the network in response to the request received in step (a) from the web access device. - View Dependent Claims (7, 8)
-
-
9. A method comprising the steps of:
-
(a) receiving a signal requesting a web page document from a web access device (WAD), the signal including an Internet protocol (IP) address of the WAD;
(b) retrieving data for the web page document including a universal resource locator (URL) of a document referenced in the web page document;
(c) retrieving resource access right data for the URL using the IP address of the web access device and/or user name and password established through a log-in procedure;
(d) generating hash and/or encrypted data to generate secure resource access right data;
(e) combining the resource access right data with the respective URL to generate a secure URL; and
(f) generating the web page document including the secure URL; and
(g) transmitting the secure URL to the WAD.
-
-
10. A method comprising the step of:
-
at a web access device (WAD), (a) transmitting a signal requesting a web page document to a resource provider subsystem (RPS); and
(b) receiving the web page document having a secure universal resource locator (URL) with hash data, URL, and resource access right data, in response to the request. - View Dependent Claims (11, 13, 14, 15, 16, 18, 19, 20)
-
-
12. A method comprising the steps of:
-
(a) at a web access device (WAD), generating and transmitting a request for a web page document to a resource provider subsystem (RPS);
(b) receiving the requested web page document having a secure universal resource locator (URL) with secured resource access right data from the resource provider subsystem (RPS);
(c) executing a browser application and web page document with the WAD to generate and transmit a signal to request a resource distribution subsystem (RDS) to provide access to a resource identified by the secure URL, the request signal including the URL and secure resource access right data; and
(d) if access to the resource is permitted by the RDS, accessing the resource with the WAD.
-
-
17. A method comprising the steps of:
-
at a resource distribution subsystem (RDS), (a) receiving a signal requesting access to a resource from a web access device (WAD), the signal including at least a universal resource locator (URL), resource access right data, and hash data;
(b) verifying that the resource access right data as set by a resource provider subsystem (RPS) has not been changed, using the hash data;
(c) if the verifying establishes that the resource access right data has not been changed, determining whether access to the resource is permitted to the WAD and/or user thereof based on the resource access right data; and
(d) if the resource access right data indicates that the WAD and/or user thereof is authorized to access the resource, permitting access to the resource to the WAD and/or user thereof.
-
-
21. A method comprising the steps of:
-
(a) receiving a signal requesting access to a resource, the signal having a secure universal resource locator (URL) with secured resource access right data;
(b) extracting an Internet protocol (IP) address from the secured resource access right data;
(c) comparing the extracted IP address with the IP address included in a hypertext transport protocol (HTTP) message of the request signal; and
(d) authenticating that the IP address of the secured resource access right data corresponds to the IP address of a device requesting access to the resource, based on the comparing of step (c). - View Dependent Claims (22, 23, 24, 25, 26, 27, 28, 29, 30, 31)
-
-
32. A method comprising the steps of:
-
(a) receiving a signal requesting access to a resource, the request signal including a universal resource locator (URL), secured resource access right data, and an Internet protocol (IP) address of a device requesting access to the resource, and hash data;
(b) verifying whether key data is valid based on data corresponding to the key data in a secure content key database;
(c) if the key data is verified as valid in step (b), generating hash data based on at least the IP address, URL, and the key data; and
(d) verifying that the hash data generated in the step (c) matches the hash data included in the request signal received in the step (a). - View Dependent Claims (33, 34, 35, 36, 37, 38, 40, 41, 42, 43, 44, 45, 46, 48, 49, 50)
-
-
39. A method comprising the steps of:
-
(a) receiving via the Internet a request signal including a universal resource locator (URL) indicating a location of a resource, secured resource access right data indicating rights of a device to access the resource, and an Internet protocol (IP) address of the device;
(b) determining whether access to the resource is to be provided to the device identified by the IP address, based on secured resource access right data included in the request signal; and
(c) providing access to the resource to a device identified by the IP address if the determining of the step (c) indicates that access to the resource is to be provided.
-
-
47. A system using the Internet, the system comprising:
-
at least one web access device (WAD) executing a browser application, the WAD generating a signal requesting a web page document having a secure universal resource locator (URL), receiving the web page document having the secure URL, displaying the web page document having the secure URL, and generating a signal requesting a resource indicated by the secure URL of the web page document;
a resource provider subsystem (RPS) coupled to receive via the Internet the signal requesting the web page document from the WAD, the RPS generating the secure URL to include resource access right data defining restriction(s) of the WAD and/or user thereof to access the resource indicated by the URL, the RPS transmitting the web page document with the secure URL to the WAD; and
at least one resource distribution subsystem (RDS) coupled to receive via the Internet the signal from the WAD requesting access to the resource, the RDS determining whether the resource access right data has been changed from establishment by the RPS, and, if the RDS determines that the resource access right data has not been changed, the RDS determining whether the WAD and/or user thereof is authorized to access the resource using the resource access right data, the RDS permitting access to the resource if the WAD and/or user thereof is authorized to access the resource.
-
- 51. A server storing a secure universal resource locator (URL) generator module executable by the server to generate a URL having secure resource access right data defining restriction(s) on a web access device (WAD) and/or user thereof to access a resource indicated by the secure URL, the resource access right data secured by the server so that modification of the resource access right data can be detected.
-
57. A server of a resource distribution subsystem (RDS) storing an access right enforcer module executable by the server, the server executing the access right enforcer module in response to a signal from a web access device (WAD) requesting access to a resource, the request signal having a universal resource locator (URL) with secure resource access right data, the server executing the access right enforcer module using resource access right data to determine whether the resource access right data has been modified after its establishment by a resource provider subsystem (RPS), the server preventing access to the resource if the resource access right data has been modified after its establishment, the server further executing a secure caching module if the resource access right data has not been modified to provide access to the resource if the WAD is determined by the server to have the right to access the resource based on the resource access right data, and the server blocking access to the resource if the WAD is determined not to have the right to access the resource.
Specification