Method and System for Peer-to-Peer Authorization

US 20080289023A1
Filed: 07/31/2008
Published: 11/20/2008
Est. Priority Date: 12/19/2002
Status: Active Grant

First Claim

Patent Images

1-12. -12. (canceled)

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An authorization mechanism within a peer-to-peer network is presented. A central server that operates a centralized data repository search engine within a peer-to-peer network performs authentication and authorization operations with respect to users that access its services. A user at a peer node reviews peer-to-peer search results that have been gathered and returned by the centralized search engine. When the user desires to retrieve a file from another peer node, the user'"'"'s peer node must obtain an authorization token from the central server, which authenticates the user or has previously authenticated the user. The user'"'"'s peer node then presents the authorization token along with a request to retrieve the file from the other peer node. After verifying the authorization token, the other peer node responds with the requested file. If the other peer node cannot verify the authorization token, then the other peer node denies access to the file.

Citations

36 Claims

1-12. -12. (canceled)

13. A computer program product in a computer readable storage medium for use in a data processing system for an authorization operation, the computer program product comprising:
- means for receiving, at a central server within a peer-to-peer network from a first peer node within the peer-to-peer network, a search query for one or more resources within the peer-to-peer network;
  
  means for identifying by the central server a resource at a second peer node that satisfies the search query;
  
  means for inserting by the central server information about the resource into a search result dataset in response to a determination that the first peer node or a user of the first peer node is authorized to access the resource;
  
  means for returning by the central server the search result dataset to the first peer node;
  
  means for receiving, by the central server, a selection of a resource from the search result dataset from the first peer node;
  
  means for generating an authorization token for the first peer node to access the resource at the second peer node in response to a determination that the first peer node or a user of the first peer node is authorized to access the resource; and
  
  means for returning the authorization token to the first peer node for use by the first peer node in sending a request to obtain the selected resource from the second peer node.
- View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23, 24)
- - 15. The computer program product of claim 13 further comprising:
    - means for performing the generation of the authorization token in response to receipt of the selection of the resource.
  - 16. The computer program product of claim 13 further comprising:
    - means for attaching or embedding the authorization token in the search result dataset that is returned to the first peer node.
  - 17. The computer program product of claim 13 further comprising:
    - means for authenticating the first peer node or a user of the first peer node prior to generating the authorization token.
  - 18. The computer program product of claim 13 further comprising:
    - means for sending the authorization token from the first peer node to the second peer node to obtain access to the resource at the second peer node.
  - 19. The computer program product of claim 18 further comprising:
    - means for providing access to the resource in response to a verification of the authorization token at the second peer node.
  - 20. The computer program product of claim 13 further comprising:
    - means for digitally signing the authorization token for subsequent verification.
  - 21. The computer program product of claim 13 further comprising:
    - means for inserting an identifier for the second peer node into the authorization token; and
      
      means for extracting the identifier for the second peer node from the authorization token at the first peer node to identify the second peer node.
  - 22. The computer program product of claim 13 further comprising:
    - means for inserting an identifier for the resource into the authorization token; and
      
      means for extracting the identifier for the resource from the authorization token at the second peer node to identify the resource.
  - 23. The computer program product of claim 13 wherein the authorization token is generated at the central server.
  - 24. The computer program product of claim 13 wherein the authorization token is generated at a trusted centralized authority.

14. (canceled)

25. A data processing system comprising:
- means for receiving, at a central server within a peer-to-peer network from a first peer node within the peer-to-peer network, a search query for one or more resources within the peer-to-peer network;
  
  means for identifying by the central server a resource at a second peer node that satisfies the search query;
  
  means for inserting by the central server information about the resource into a search result dataset in response to a determination that the first peer node or a user of the first peer node is authorized to access the resource;
  
  means for returning by the central server the search result dataset to the first peer node;
  
  means for receiving, by the central server, a selection of a resource from the search result dataset from the first peer node;
  
  means for generating, by the central server, an authorization token for the first peer node to access the resource at the second peer node in response to a determination that the first peer node or a user of the first peer node is authorized to access the resource; and
  
  means for returning the authorization token to the first peer node for use by the first peer node in sending a request to obtain the selected resource from the second peer node.
- View Dependent Claims (27, 28, 29, 30, 31, 32, 33, 34, 35, 36)
- - 27. The data processing system of claim 25 further comprising:
    - means for performing the generation of the authorization token in response to receipt of the selection of the resource.
  - 28. The data processing system of claim 25 further comprising:
    - means for attaching or embedding the authorization token in the search result dataset that is returned to the first peer node.
  - 29. The data processing system of claim 25 further comprising:
    - means for authenticating the first peer node or a user of the first peer node prior to generating the authorization token.
  - 30. The data processing system of claim 25 further comprising:
    - means for sending the authorization token from the first peer node to the second peer node to obtain access to the resource at the second peer node.
  - 31. The data processing system of claim 30 further comprising:
    - means for providing access to the resource in response to a verification of the authorization token at the second peer node.
  - 32. The data processing system of claim 25 further comprising:
    - means for digitally signing the authorization token for subsequent verification.
  - 33. The data processing system of claim 25 further comprising:
    - means for inserting an identifier for the second peer node into the authorization token; and
      
      means for extracting the identifier for the second peer node from the authorization token at the first peer node to identify the second peer node.
  - 34. The data processing system of claim 25 further comprising:
    - means for inserting an identifier for the resource into the authorization token; and
      
      means for extracting the identifier for the resource from the authorization token at the second peer node to identify the resource.
  - 35. The data processing system of claim 25 wherein the authorization token is generated at the central server.
  - 36. The data processing system of claim 25 wherein the authorization token is generated at a trusted centralized authority.

26. (canceled)

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Patrick Ryan Wardrop
Original Assignee
Patrick Ryan Wardrop
Inventors
Wardrop, Patrick Ryan

Granted Patent

US 7,877,480 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/9
CPC Class Codes

G06F 16/1834   implemented based on peer-t...

G06F 21/335   for accessing specific reso...

H04L 63/08   for authentication of entit...

H04L 63/0823   using certificates cryptogr...

H04L 63/10   for controlling access to d...

H04L 63/12   Applying verification of th...

H04L 63/20   for managing network securi...

Method and System for Peer-to-Peer Authorization

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

36 Claims

Specification

Solutions

Use Cases

Quick Links

Method and System for Peer-to-Peer Authorization

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

36 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links