Dynamic binding of access and usage rights to computer-based resources

US 20070239998A1
Filed: 04/11/2007
Published: 10/11/2007
Est. Priority Date: 04/11/2006
Status: Abandoned Application

First Claim

Patent Images

1. A computer program product, tangibly embodied in a computer-readable media, the computer program product comprising instructions to cause data processing apparatus to perform operations comprising:

receiving data characterizing a request for content, the content being secured with a first security against access by a user;

determining whether first security credentials authenticate the user; and

replacing the first security of the content with a second security if the user is authenticated by the first security credentials and authorized to use the content, the replacing comprising removing the first security in accordance with second security credentials and the replacing to enable the user to perform actions to the content.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods and apparatus, including computer program products, related to dynamic binding of access and usage rights to a computer-based resource. In general, data characterizing a request for content is received, a determination as to whether first security credentials authenticate a user is made, and, if so and the user is authorized to access or use the content, security is of the content is replaced. Replacing security may involve removing the security from the content in accordance with second security credentials. The removal of security may enable the user to perform actions to the content. The removal of security may be followed with an addition of security of a second type such that content is moved from a first trusted environment to a second trusted environment.

Citations

20 Claims

1. A computer program product, tangibly embodied in a computer-readable media, the computer program product comprising instructions to cause data processing apparatus to perform operations comprising:
- receiving data characterizing a request for content, the content being secured with a first security against access by a user;
  
  determining whether first security credentials authenticate the user; and
  
  replacing the first security of the content with a second security if the user is authenticated by the first security credentials and authorized to use the content, the replacing comprising removing the first security in accordance with second security credentials and the replacing to enable the user to perform actions to the content.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The computer program product of claim 1, wherein the receiving data is performed by a server application receiving the data from a client application performing the request, and the server application performs the replacing the first security to move the content from a first trusted environment to a second trusted environment, the second trusted environment comprising a secure session between the server and client applications.
  - 3. The computer program product of claim 1, wherein the actions comprise one or more types of actions authorized to be performed at a client of the user.
  - 4. The computer program product of claim 1, wherein the content is secured against access in accordance with a decryption scheme, the removing security comprises decrypting the content with the second security credentials not being available to the user, and the operations further comprise initiating transmission of the content to the user in accordance with a secure server session.
  - 5. The computer program product of claim 1, further comprising determining whether the user is associated with rights to perform the access, and wherein the replacing the first security comprises replacing the first security if the user has the rights to perform the access.
  - 6. The computer program product of claim 5, wherein the user is authorized to access or use the content at a first time but is not authorized to access or use the content at a second time later than the first time or earlier than the first time based on a modification of a policy of the user.
  - 7. The computer program product of claim 1, wherein the content is medical health information.
  - 8. The computer program product of claim 7, wherein the content is a component of an electronic medical record comprising a plurality of components, the user being authorized for the content but not being authorized for at least one other of the components.
  - 9. The computer program product of claim 1, wherein the actions comprise at least one or more of causing the content to be viewed, printed, copied, modified, or exported.
  - 10. The computer program product of claim 1, wherein the user is authorized for at least one type of action but not other types of actions.
  - 11. The computer program product of claim 1, wherein the user is authorized for a set of actions different from actions authorized for another user.

12. A computer-implemented method comprising:
- receiving data characterizing a request for content, the content being secured with a first security against access by a user;
  
  determining whether first security credentials authenticate the user; and
  
  replacing the first security of the content with a second security if the user is authenticated by the first security credentials and authorized to use the content, the replacing comprising removing security from the content in accordance with second security credentials and the replacing to enable the user to perform actions to the content.
- View Dependent Claims (13, 14, 15, 16, 17)
- - 13. The method of claim 12, wherein the receiving data is performed by a server application receiving the data from a client application performing the request, and the server application performs the replacing the first security to move the content from a first trusted environment to a second trusted environment, the second trusted environment comprising a secure session between the server and client applications.
  - 14. The method of claim 12, wherein the content is secured against access in accordance with a decryption scheme, the removing security comprises decrypting the content with the second security credentials not being available to the user, and the method further comprises initiating transmission of the content to the user in accordance with a secure server session.
  - 15. The method of claim 12, wherein the user is authorized to access or use the content at a first time but is not authorized to access or use the content at a second time later than or earlier than the first time based on a modification of a policy of the user.
  - 16. The method of claim 12, wherein the content is medical health information.
  - 17. The method of claim 16, wherein the content is a component of an electronic medical record comprising a plurality of components, the user being authorized for the content but not being authorized for at least one other of the components.

18. A computer program product, tangibly embodied in a computer-readable media, the computer program product comprising instructions to cause data processing apparatus to perform operations comprising:
- receiving at a server data characterizing a request for content, the content being secured with a first security against access by a client of a user;
  
  determining whether first security credentials authenticate the user; and
  
  if the user is authenticated by the first security credentials and authorized to use the content,replacing the first security of the content with a second security, the replacing comprising removing security from the content in accordance with second security credentials; and
  
  authorizing the user to perform at least one action of a plurality of types of actions, the at least one action being associated with the user at the server.
- View Dependent Claims (19, 20)
- - 19. The computer program product of claim 18, wherein the content is medical health information.
  - 20. The computer program product of claim 18, wherein the user is authorized to access or use the content at a first time but is not authorized to access or use the content at a second time later than the first time or earlier than the first time.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Medox Technologies, Inc.
Original Assignee
Medox Exchange, Inc.
Inventors
Beck, Michael E.

Application Number

US11/786,485
Publication Number

US 20070239998A1
Time in Patent Office

Days
Field of Search
US Class Current

713/193
CPC Class Codes

G06F 21/31   User authentication

G06F 21/33   using certificates

G06F 21/604   Tools and structures for ma...

G06F 21/6245   Protecting personal data, e...

G06F 21/6272   by registering files or doc...

G16H 10/60   for patient-specific data, ...

G16H 50/20   for computer-aided diagnosi...

G16H 70/20   relating to practices or gu...

G16H 80/00   ICT specially adapted for f...

H04L 63/08   for authentication of entit...

H04L 63/10   for controlling access to d...

H04L 63/105   Multiple levels of security

Dynamic binding of access and usage rights to computer-based resources

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Dynamic binding of access and usage rights to computer-based resources

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links