Dynamic control of authorization to access internet services

US 20030046550A1
Filed: 09/05/2001
Published: 03/06/2003
Est. Priority Date: 09/05/2001
Status: Active Grant

First Claim

Patent Images

1. A method of managing authorization to access a service, comprising the steps of:

creating a listener object associated with a session object, wherein the session object includes a condition of authorization;

receiving, by the listener object, information sent by a broadcast object; and

analyzing the information, by the listener object, to determine whether the condition of authorization is satisfied.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for managing authorization to access Internet services. A session object is created when a user logs onto a web site. The session object includes authorization-privilege information for N services. The user selects the service desired from the web site, at which point the server checks the session object. If the session object does not include authorization to access the selected service, the server consults a directory service. If the user is authorized according to the directory service, authorization-to-access information is incorporated into the session object. When authorization is conditional, a listener object is created within the session object. The listener object registers with a broadcast object and receives information germane to conditions of authorization. The listener object analyzes the information according to conditions of authorization, and terminates access to the selected service when conditions of authorization are not satisfied.

50 Citations

View as Search Results

14 Claims

1. A method of managing authorization to access a service, comprising the steps of:
- creating a listener object associated with a session object, wherein the session object includes a condition of authorization;
  
  receiving, by the listener object, information sent by a broadcast object; and
  
  analyzing the information, by the listener object, to determine whether the condition of authorization is satisfied.

2. A method of managing authorization to access a service, comprising the steps of:
- creating a listener object associated with a session object, wherein the session object includes a condition of authorization for a selected service;
  
  registering the listener object with a broadcast object;
  
  receiving, by the listener object, information sent by the broadcast object;
  
  analyzing the information, by the listener object, to determine whether the condition of authorization is satisfied; and
  
  terminating access to the selected service when the condition of authorization is not satisfied.
- View Dependent Claims (3, 4, 5, 6)
- - 3. The method of claim 2, wherein the condition of authorization includes a time of day.
  - 4. The method of claim 2, wherein the condition of authorization includes a day of the week.
  - 5. The method of claim 2, wherein the condition of authorization includes an indicator of server loading.
  - 6. The method of claim 2, wherein the condition of authorization includes content of a debit account.

7. A method for managing a session object, comprising the steps of:
- accepting a request from a user to establish a session with a server;
  
  creating a session object that includes authorization to access N services provided by the server and previously accessed by the user, wherein N is a positive integer;
  
  receiving an instruction from the user to access a selected service;
  
  determining whether the session object includes authorization to access the selected service;
  
  when the session object does not include authorization to access the selected service, consulting a directory service to determine whether the user has authorization to access the selected service; and
  
  incorporating authorization to access the selected service into the session object when the directory service provides authorization to access the selected service.
- View Dependent Claims (8, 9, 10, 11)
- - 8. The method of claim 7, wherein the authorization to access is conditional.
  - 9. The method of claim 8, further including the step of incorporating conditions of authorization into the session object.
  - 10. The method of claim 7, wherein the N services are N services accessed most recently by the user.
  - 11. The method of claim 7, wherein the N services are N services accessed most frequently by the user.

12. Programmable media containing programmable software for managing authorization to access a service, programmable software comprising the steps of:
- creating a listener object associated with a session object, wherein the session object includes a condition of authorization;
  
  receiving, by the listener object, information sent by a broadcast object; and
  
  analyzing the information, by the listener object, to determine whether the condition of authorization is satisfied.

13. Programmable media containing programmable software for managing authorization to access a service, programmable software comprising the steps of:
- creating a listener object associated with a session object, wherein the session object includes a condition of authorization for a selected service;
  
  registering the listener object with a broadcast object;
  
  receiving, by the listener object, information sent by the broadcast object;
  
  analyzing the information, by the listener object, to determine whether the condition of authorization is satisfied; and
  
  terminating access to the selected service when the condition of authorization is not satisfied.

14. Programmable media containing programmable software for managing a session object, programmable software comprising the steps of:
- accepting a request from a user to establish a session with a server;
  
  creating a session object that includes authorization to access N services provided by the server and previously accessed by the user, wherein N is a positive integer;
  
  receiving an instruction from the user to access a selected service;
  
  determining whether the session object includes authorization to access the selected service;
  
  when the session object does not include authorization to access the selected service, consulting a directory service to determine whether the user has authorization to access the selected service; and
  
  incorporating authorization to access the selected service into the session object when the directory service provides authorization to access the selected service.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Meta Platforms, Inc. (f/k/a Facebook, Inc.)
Original Assignee
International Business Machines Corporation
Inventors
Trevathan, Matthew Bunkley, Schorr, Judd Adam, Yochem, Daniel Joseph, Yochem, Angela Jo, Carroll, Patrick Colum

Granted Patent

US 7,370,365 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/185
CPC Class Codes

H04L 63/102 Entity profiles

Dynamic control of authorization to access internet services

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

50 Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

Dynamic control of authorization to access internet services

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

50 Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links