Data access in a distributed environment

US 20030163566A1
Filed: 02/27/2002
Published: 08/28/2003
Est. Priority Date: 02/27/2002
Status: Active Grant

First Claim

Patent Images

1. A method for providing a first network resource access to a second network resource, comprising:

receiving profile data;

generating temporary credentials for accessing the second network resource using the profile data; and

providing the first network resource with the temporary credentials.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and system for providing a first network resource limited access to a second network resource. A method embodying the invention includes receiving profile data. Using the profile data, temporary credentials are then generated for accessing the second network resource. The temporary credentials are then made available to the first network resource. In a preferred embodiment, the temporary credentials are invalidated following a termination event such as the lapse of a set time period or after the second resource has been accessed.

41 Citations

View as Search Results

59 Claims

1. A method for providing a first network resource access to a second network resource, comprising:
- receiving profile data;
  
  generating temporary credentials for accessing the second network resource using the profile data; and
  
  providing the first network resource with the temporary credentials.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method of claim 1, further comprising the act of invalidating the temporary credentials following a termination event.
  - 3. The method of claim 2, wherein the termination event involves the lapse of a set time period.
  - 4. The method of claim 2, wherein the termination event involves the first server accessing the second server.
  - 5. The method of claim 1, wherein the act of generating temporary credentials includes generating temporary credentials that provide limited access to the second server.

6. A method for accessing a data service, comprising:
- instructing a client to provide profile data to an identification service, the identification service having access to one or more profiles used to access one or more data services, the profile data identifying a particular profile;
  
  receiving the profile data;
  
  generating temporary credentials for accessing the data service identified by the particular profile; and
  
  accessing the data service using the temporary credentials.
- View Dependent Claims (7, 8, 9, 10, 11, 12, 13)
- - 7. The method of claim 6, wherein the act of instructing the client includes providing a user interface that includes instruction to send profile data to the identification service, and sending the interface to the client.
  - 8. The method of claim 6, wherein the act of instructing the client comprises redirecting the client to the identification service.
  - 9. The method of claim 6, further comprising the act of invalidating the temporary credentials following a termination event.
  - 10. The method of claim 6, wherein the act of generating temporary credentials comprises generating temporary credentials that provide limited access to the data service.
  - 11. The method of claim 6, wherein the act of generating an interface includes generating a framed web page having a first frame and a second frame, the method further comprising providing, for the first frame, content for directing an application, and providing, for the second frame, content for selecting one or more electronic files managed by the data service identified by the specified profile.
  - 12. The method of claim 11, wherein the act of sending the profile data includes sending a cookie identifying the particular profile upon opening the framed web page.
  - 13. The method of claim 11, wherein the act of generating an interface includes generating an interface that includes instructions to request a web bug from the identification service, and wherein the act of sending the profile data includes requesting the web bug, the request including a cookie identifying the particular profile.

14. A method for accessing a data service, comprising:
- receiving, from a client, a request to direct an application;
  
  instructing the client device to provide profile data to an identification service, the identification service having access to one or more profiles for identifying accessing one or more data services, the profile data identifying a particular profile;
  
  receiving the profile data generating temporary credentials for accessing the data service identified by the particular profile; and
  
  accessing the data service using the temporary credentials.
- View Dependent Claims (15, 16, 17, 18, 19, 20)
- - 15. The method of claim 14, wherein the act of instructing the client includes generating a user interface that includes instruction to send profile data to the identification service, and sending the interface to the client.
  - 16. The method of claim 14, wherein the act of instructing the client comprises redirecting the client to the identification service.
  - 17. The method of claim 14, further comprising the act of invalidating the temporary credentials following a termination event.
  - 18. The method of claim 14, wherein the act of generating temporary credentials comprises generating temporary credentials that provide limited access to the data service.
  - 19. The method of claim 14, wherein the act of generating an interface includes generating a framed web page having a first frame and a second frame, the method further comprising providing, for the first frame, content for directing an application, and providing, for the second frame, content for selecting one or more electronic files managed by the data service identified by the particular profile.
  - 20. The method of claim 19, wherein the act of generating the framed web page includes generating a framed web page that includes instructions to request a web bug from the identification service, and wherein the act of sending the profile data includes requesting the web bug upon opening the framed web page, the request including a cookie identifying the specified profile.

21. A computer readable medium having instructions for:
- receiving profile data;
  
  using the profile data to generate temporary credentials for accessing a first server; and
  
  providing a second server with the temporary credentials.
- View Dependent Claims (22, 23, 24, 25)
- - 22. The medium of claim 21, further having instructions for invalidating the temporary credentials following a termination event.
  - 23. The medium of claim 22, wherein the termination event involves the lapse of a set period of time.
  - 24. The medium of claim 22, wherein the termination event involves the first server accessing the second server.
  - 25. The medium of claim 21, wherein the instructions for generating temporary credentials include instructions for generating temporary credentials that provide limited access to the second server.

26. A computer readable medium having instructions for:
- instructing a client to provide profile data to an identification service, the identification service having access to one or more profiles used to access one or more data services, the profile data identifying a particular profile;
  
  receiving the profile data;
  
  generating temporary credentials for accessing the data service identified by the particular profile; and
  
  accessing the data service with the temporary credentials.

30. The medium of claim 30, wherein the instructions for generating an interface include instructions for generating a framed web page having a first frame and a second frame, the medium comprising further instructions for providing, for the first frame, content for directing an application, and providing, for the second frame, content for selecting one or more electronic files managed by the accessed data service.
- View Dependent Claims (27, 28, 29, 31)
- - 27. The medium of claim 30, wherein the instructions for instructing the client include instructions for generating a user interface that includes instruction to send profile data to the identification service, and sending the interface to the client.
  - 28. The medium of claim 30, wherein the instructions for instructing the client comprise instructions for redirecting the client to the identification service.
  - 29. The medium of claim 30, wherein the instructions for generating temporary credentials comprise instructions for generating temporary credentials that provide limited access to the data service.
  - 31. The medium of claim 30, wherein the instructions for generating the framed web page include instructions for generating a framed web page that includes instructions to request a web bug from the identification service, the request to include a cookie identifying the particular profile.

32. A computer readable medium having instructions for:
- generating an interface having user accessible controls for creating a profile for accessing a data service;
  
  creating a profile according to selections made through the interface;
  
  providing a client device with profile data identifying a created profile;
  
  upon receiving profile data, retrieving a profile identified by the profile data received;
  
  generating temporary credentials for accessing the data service identified by the retrieved profile; and
  
  providing an application server with the temporary credentials.

36. The medium of claim 36, wherein the instructions for generating temporary credentials comprise instructions for generating temporary credentials that provide limited access to the data service.
- View Dependent Claims (33, 34, 35, 37)
- - 33. The medium of claim 36, further comprising instructions for invalidating the temporary credentials following a termination event.
  - 34. The medium of claim 37, wherein the termination event involves the lapse of a set time period.
  - 35. The medium of claim 37, wherein the termination event involves accessing the data service.
  - 37. The medium of claim 36, wherein the instructions for providing a client device with profile data comprise instructions for generating a cookie containing data identifying the created profile and instructing a web browser operating on the client device to save the cookie.

38. A computer readable medium having instructions for:
- generating a profile interface having user accessible controls for creating a profile for locating and accessing a data service;
  
  creating a profile according to selections made through the profile interface;
  
  providing a client device with profile data identifying a created profile;
  
  receiving a request to access an application;
  
  instructing a client to send profile data;
  
  receiving the profile data;
  
  retrieving a profile identified by the profile data;
  
  generating temporary credentials for accessing a data service identified by the retrieved profile; and
  
  accessing the data service with the temporary credentials.
- View Dependent Claims (39, 40, 41, 42, 43)
- - 39. The medium of claim 38, wherein the instructions for instructing the client include instructions for generating a user interface that includes instruction to send profile data to the identification service, and sending the interface to the client.
  - 40. The medium of claim 38, wherein the instructions for instructing the client comprise instructions for redirecting the client to the identification service.
  - 41. The medium of claim 38, wherein the instructions for generating temporary credentials comprise instructions for generating temporary credentials that provide limited access to the data service.
  - 42. The medium of claim 38, wherein the instructions for generating an interface include instructions for generating a framed web page having a first frame and a second frame, the medium having further instructions for providing, for the first frame, content for directing the application, and providing, for the second frame, content for selecting one or more electronic files managed by the accessed data service.
  - 43. The medium of claim 38, wherein the instructions for providing a client device with profile data comprise instructions for providing the client device with a cookie, and wherein the instructions for generating the framed web page include instructions for generating a framed web page that includes instructions to request a web bug from the identification service, the request to include the cookie.

44. A system for providing a first server with access to a second server, comprising:
- an identification service in communication with a credential module, the credential module operable to use a profile acquired by the identification service to generate temporary credentials for accessing the second server, the identification service being operable to receive profile data, to acquire a profile identified by the profile data, and to provide the first server with the temporary credentials generated by the credential module.
- View Dependent Claims (45, 46, 47, 48)
- - 45. The system of claim 44, wherein the credential module is further operable to invalidate the temporary credentials following a termination event.
  - 46. The system of claim 45, wherein the termination event involves the lapse of a set time period.
  - 47. The system of claim 45, wherein the termination event involves the first server accessing the second server.
  - 48. The system of claim 44, wherein the credential module is further operable to generate temporary credentials that provide limited access to the second server.

49. A system for accessing a data service comprising:
- an identification service operable to receive profile data identifying a particular profile and to provide that profile, the profile to contain electronic data used to identify the data service;
  
  a credential module operable to obtain the profile from the identification service, generate temporary credentials, and map those credentials to the data service identified by the profile; and
  
  an application server operable to serve an interface containing instructions to send profile data to the identification service, to obtain the temporary credentials, and to access the data service with the temporary credentials.
- View Dependent Claims (50, 51, 52, 53)
- - 50. The system of claim 49, wherein the credential module is further operable to invalidate the temporary credentials following a termination event.
  - 51. The system of claim 49, further comprising:
    - an application content provider in communication with the application server and operable to generate content for directing an application; and
      
      a data content provider in communication with the application server and operable to generate content for selecting electronic files managed by the accessed data service.
  - 52. The system of claim 51, wherein the application server is operable to create the interface in the form of a framed web page having a first frame for displaying the content generated by the application content provider and a second frame for displaying the content generated by the data content provider, the framed web page also including instructions to request a web bug from the identification service, the request to include the profile data.
  - 53. The system of claim 51, further comprising a web browser operable to request and display the interface in the form of the framed web page and to request the web bug providing the profile data to the identification service.

54. A system for accessing a data service comprising:
- an identification service operable to generate a profile interface having user accessible controls for creating a profile containing electronic data used to identify the data service, to create a profile using selections made through the profile interface, to issue instructions to store profile data used to access the created profile, to receive profile data identifying a particular profile, and to provide that profile;
  
  a credential module operable to obtain the profile from the identification service, generate temporary credentials, and map those credentials to the data service identified by the profile; and
  
  an application server operable to serve an application interface that includes instructions to send profile data to the identification service, to obtain the temporary credentials, and to access the data service using the temporary credentials.
- View Dependent Claims (55, 56, 57, 58)
- - 55. The system of claim 54, wherein the credential module is further operable to invalidate the temporary credentials following a termination event.
  - 56. The system of claim 54, further comprising:
    - an application content provider in communication with the application server and operable to generate application content for directing an application; and
      
      a data content provider in communication with the application server and operable to generate data content for selecting electronic files managed by the accessed data service.
  - 57. The system of claim 56, wherein the application server is operable to create the application interface in the form of a framed web page having a first frame for displaying the content generated by the application content provider and a second frame for displaying the content generated by the data content provider, the framed web page also including instructions to request a web bug from the identification service, the request to include the profile data.
  - 58. The system of claim 54, further comprising a browser operable to request and display the profile and application interfaces.

59. A system for accessing data, comprising:
- a means for generating a profile interface having user accessible controls for creating a profile containing electronic data used to identify a particular data service;
  
  a means for creating a profile using selections made through the profile interface;
  
  a means for issuing instructions to store profile data used to access the created profile;
  
  a means for receiving profile data identifying a particular profile;
  
  a means for providing the particular profile;
  
  a means for generating temporary credentials;
  
  a means for mapping the temporary credentials to the data service identified by the provided profile;
  
  a means for serving an application interface that includes instructions to send profile data to the identification service;
  
  a means for accessing the data service using the temporary credentials; and
  
  a means for invalidating the temporary credentials.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Hewlett-Packard Development Company, L.P. (HP Inc.)
Original Assignee
Hewlett-Packard Development Company, L.P. (HP Inc.)
Inventors
Sandfort, Patrick O?apos;Neil, Simpson, Shell Sterling, Perkins, Gregory Eugene

Granted Patent

US 7,149,806 B2
Time in Patent Office

Days
Field of Search
US Class Current

709/225
CPC Class Codes

G06F 21/335   for accessing specific reso...

G06F 2221/2137   Time limited access, e.g. t...

H04L 63/102   Entity profiles

Data access in a distributed environment

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

41 Citations

59 Claims

Specification

Solutions

Use Cases

Quick Links

Data access in a distributed environment

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

41 Citations

59 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links