Data file access control

US 20080097998A1
Filed: 10/23/2006
Published: 04/24/2008
Est. Priority Date: 10/23/2006
Status: Active Grant

First Claim

Patent Images

1. A method, comprising:

generating a data file;

generating a policy, the policy including one or more unassigned accounts and an access control definition defining an access permission associated with each of the one or more unassigned accounts; and

associating the policy with the data file.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In one embodiment, a data file and policy are generated. The policy is then associated with the data file, wherein the policy includes one or more unassigned accounts and an access control definition that defines an access permission associated with each of the one or more unassigned accounts.

82 Citations

View as Search Results

38 Claims

1. A method, comprising:
- generating a data file;
  
  generating a policy, the policy including one or more unassigned accounts and an access control definition defining an access permission associated with each of the one or more unassigned accounts; and
  
  associating the policy with the data file.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 36)
- - 2. The method of claim 1, including associating a target user with a first unassigned account of the one or more unassigned accounts.
  - 3. The method of claim 2, including communicating authentication data pertaining to the first unassigned account to the target user, the authentication data used by the target user to access the data file.
  - 4. The method of claim 3, wherein the authentication data is a user name corresponding to the first unassigned account and a password to activate an access key associated with the access control definition defining the access permission associated with the first unassigned account.
  - 5. The method of claim 3, including receiving a contact message indicating a target user is online and has access to the data file.
  - 6. The method of claim 3, including revoking access of a target user to the data file based on determining the target user has not communicated a contact message within an offline threshold time.
  - 7. The method of claim 3, including revoking the target user access to the data file based on the target user accessing the data file beyond an access threshold.
  - 8. The method of claim 7, wherein the access threshold is a time determined by when the data file was communicated to the target user.
  - 9. The method of claim 7, wherein the access threshold is a number of times the target user has accessed the data file.
  - 10. The method of claim 1, wherein the access permission associated with access to the data file includes at least one selected from a group including view, print, edit, distribute, and copy.
  - 11. The method of claim 1, including receiving a request from the target user to access to the data file.
  - 12. The method of claim 11, wherein the request from the target user to access to the data file includes payment information for accessing the data file.
  - 13. The method of claim 11, including receiving a second request from the target user to renew access to the data file.
  - 14. The method of claim 13, including renewing access to the data file and maintaining the association of the target user to the first unassigned account.
  - 15. The method of claim 1, including receiving a request from a data file administrator to provision a target user access to the data file.
  - 36. The method of claim 1, including communicating authentication data pertaining to the first unassigned account to the target user, the authentication data used by the target user to access the data file.

16. A system, comprising:
- a file creation module to generate a data file; and
  
  a policy creation module to create a policy and to associate the policy with the data file, the policy including one or more unassigned accounts and an access control definition defining an access permission associated with each of the one or more unassigned accounts.
- View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29)
- - 17. The system of claim 16, including a mapping module to map a target user with a first unassigned account of the one or more unassigned accounts.
  - 18. The system of claim 17, wherein prior to the mapping module to map, the broker module to receive a request from a data file administrator to permit the target user access to the data file.
  - 19. The system of claim 17, including an authentication module to communicate authentication data for the first unassigned account to a target user of a client machine used to access the data file according to the access permission associated with the first unassigned account.
  - 20. The system of claim 19, including an authentication module to communicate new authentication data to provide a target user with a new level of access to the data file.
  - 21. The system of claim 19, including a broker module to receive a request from the target user to continue provisional access to the data file.
  - 22. The system of claim 19, wherein the authentication data includes a user name corresponding to the first unassigned account and a password to access an access key to access the data file.
  - 23. The system of claim 16, including a broker module to receive a request to communicate the data file to a target user.
  - 24. The system of claim 16, including a broker module to receive a request from a target user to access to the data file.
  - 25. The system of claim 16, including the broker module to receive a contact message indicating the target user has access to the data file.
  - 26. The system of claim 16, including the broker module to determine the target user has not communicated a contact message within an offline threshold time and to revoke access to the data file.
  - 27. The system of claim 16, including the broker module to determine the target user accessed the data file beyond an access threshold and to revoke access to the data file.
  - 28. The system of claim 27, wherein the access threshold is a time determined by when the data file was communicated to the target user.
  - 29. The system of claim 27, wherein the access threshold is a number of times the target user has accessed the data file.

30. A machine-readable medium embodying instructions that, when executed by a machine, cause the machine to:
- generate a data file; and
  
  create a policy and to associate the policy with the data file, the policy including one or more unassigned accounts and an access control definition defining an access permission associated with each of the one or more unassigned accounts.
- View Dependent Claims (31, 32, 33, 34)
- - 31. The machine-readable medium of claim 30, the instructions to further cause the machine to map a target user with a first unassigned account of the one or more unassigned accounts.
  - 32. The machine-readable medium of claim 31, the instructions to further cause the machine to communicate authentication data for the first unassigned account to a target user of a client machine used to access the data file according to the access permission associated with the first unassigned account.
  - 33. The machine-readable medium of claim 32, the instructions to further cause the machine to determine the target user has not communicated a contact message within an offline threshold time and to revoke access to the data file.
  - 34. The machine-readable medium of claim 32, the instructions to further cause the machine to determine the target user accessed the data file beyond an access threshold and to revoke access to the data file.

35. A method, comprising:
- associating a policy with a data file to be accessed by a target user, the policy including one or more unassigned accounts and an access control definition defining an access permission associated with each of the one or more unassigned accounts; and
  
  associating the target user with a first unassigned account of the one or more unassigned accounts.

37. A computer-readable medium having stored thereon a data structure, the data structure comprising:
- a first data field containing data representing one or more unassigned accounts; and
  
  a second data field containing data representing an access control definition defining an access permission associated with each of the one or more unassigned accounts.

38. A computer-readable medium having stored thereon a data structure, the data structure comprising:
- a first data field containing data representing one or more unassigned accounts; and
  
  a second data field containing data representing an access control definition defining an access permission associated with each of the one or more unassigned accounts.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Adobe Inc.
Original Assignee
Adobe Systems Incorporated (Adobe Inc.)
Inventors
Herbach, Jonathan D.

Granted Patent

US 8,554,749 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 16/00   Information retrieval; Data...

G06F 16/122   using management policies b...

G06F 17/00   Digital computing or data p...

G06F 3/00   Input arrangements for tran...

G06F 9/00   Arrangements for program co...

Data file access control

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

82 Citations

38 Claims

Specification

Solutions

Use Cases

Quick Links

Data file access control

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

82 Citations

38 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links