SYSTEM AND METHOD FOR DATA PRIVACY IN URL BASED CONTEXT QUERIES

US 20100125605A1
Filed: 11/18/2008
Published: 05/20/2010
Est. Priority Date: 11/18/2008
Status: Active Grant

First Claim

Patent Images

1. A method comprising the steps of:

receiving a reference to a data object from a user;

identifying, via the network, at least one entity that controls the data object;

retrieving, via the network, at least one permission for the data object, wherein the at least one permission is associated with the at least one entity that controls the data object;

determining, via the network, if the user is permitted to access to the data object using the at least one permission for the data object and spatial data, temporal data social data and logical data available to the network that relates to the user and to the at least one permission for the data object, whereinif the user is permitted access to the data object, access is granted to the data object, and if the user is nor permitted access to the data object, access is denied to the data object.

View all claims

9 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for data privacy in URL based context queries. A reference to a data object is received from a user. At least one entity that controls the data object is identified via the network. At least one permission for the data object is retrieved via the network, wherein the permission is associated with the entity that controls the data object. It is then determined, via the network, if the user is permitted to access to the data object using the permission for the data object and spatial data, temporal data social data and logical data available to the network that relates to the user and to the permission for the data object. If the user is permitted access to the data object, access is granted to the data object, and if the user is nor permitted access to the data object, access is denied to the data object.

230 Citations

27 Claims

1. A method comprising the steps of:
- receiving a reference to a data object from a user;
  
  identifying, via the network, at least one entity that controls the data object;
  
  retrieving, via the network, at least one permission for the data object, wherein the at least one permission is associated with the at least one entity that controls the data object;
  
  determining, via the network, if the user is permitted to access to the data object using the at least one permission for the data object and spatial data, temporal data social data and logical data available to the network that relates to the user and to the at least one permission for the data object, whereinif the user is permitted access to the data object, access is granted to the data object, and if the user is nor permitted access to the data object, access is denied to the data object.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1 wherein the reference to a data object is one of a of a plurality of references in result set of a context query.
  - 3. The method of claim 1 wherein a reference to the at least one entity that controls the data object is embedded in metadata in the data object.
  - 4. The method of claim 1 wherein spatial, temporal, social and topical data available to the network relating to the data object is retrieved and used to identify the controlling entity for the data object.
  - 5. The method of claim 4 wherein, the process retrieves the spatial, temporal, social and topical data relating to the data object using a global index available to the network.
  - 6. The method of claim 1 wherein the at least one permission for the data object comprises a permission context having at least one permission context criteria, wherein if the user matches the at least one permission context criteria, the at least one permission is used to determine if the user is permitted to access to the data object, and wherein if the user does not match the at least one permission context criteria, the at least one permission is not used to determine if the user is permitted to access to the data object.
  - 7. The method of claim 1 wherein if an object is controlled by two or more entities, permissions for all controlling entities are evaluated and the most restrictive is applied.
  - 8. The method of claim 1 wherein if an object is controlled by two or more entities, permissions for all controlling entities are evaluated and the least restrictive is applied.
  - 9. The method of claim 1 wherein if an object is not controlled by any entity, access is granted to the data object.

10. A system comprising:
- an object reference receiving module that receives references to data objects from users;
  
  a controlling entity identification module that identifies, for each reference to a data object received by the object reference receiving module, at least one entity that controls the data object;
  
  a permission retrieval module that retrieves, for each reference to a data object received by the object reference receiving module and processed by the permission retrieval module, at least one permission for the data object, wherein the at least one permission is associated with the at least entity that controls the data object;
  
  a permission determination module that determines, via the network, for each reference to a data object received by the object reference receiving module and processed by the permission retrieval module and the permission retrieval module, if the user associated with the reference to a data object is permitted to access to the data object using the at least one permission for the data object and spatial data, temporal data social data and logical data available to the network that relates to the user and to the at least one permission for the data object, whereinif the user is permitted access to the data object, access is granted to the data object, and if the user is nor permitted access to the data object, access is denied to the data object.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
- - 11. The system of claim 10 wherein at least some of the references to data objects received by the object reference receiving module are one of a plurality of references in result set of a context query.
  - 12. The system of claim 10 wherein for at least some of the references to data objects received by the object reference receiving module a reference to the at least entity that controls the data object is embedded in metadata in the data object.
  - 13. The system of claim 10 wherein for at least some of the references to data objects received by the object reference receiving module, the controlling entity identification module retrieves and uses spatial, temporal, social and topical data available to the network relating to the data object to identify the controlling entity for the data object.
  - 14. The system of claim 13 wherein, the process retrieves the spatial, temporal, social and topical data relating to the data object using a global index available to the network.
  - 15. The system of claim 10 wherein for at least some of the references to data objects received by the object reference receiving module, the at least one permission for the data object retrieved by the permission retrieval module comprises a permission context having at least one permission context criteria, wherein if the user matches the at least one permission context criteria, the at least one permission is used to determine if the user is permitted to access to the data object, and wherein if the user does not match the at least one permission context criteria, the at least one permission is not used to determine if the user is permitted to access to the data object.
  - 16. The system of claim 10 wherein if an object is controlled by two or more entities, permissions for all controlling entities are evaluated by the permission determination module and the most restrictive is applied.
  - 17. The system of claim 10 wherein if an object is controlled by two or more entities, permissions for all controlling entities are evaluated by the permission determination module and the least restrictive is applied.
  - 18. The system of claim 10 wherein if an object is not controlled by any entity, permission determination module grants access to the data object.

19. A computer-readable medium having computer-executable instructions for a method comprising the steps:
- receiving a reference to a data object from a user;
  
  identifying, via the network, at least one entity that controls the data object;
  
  retrieving, via the network, at least one permission for the data object, wherein the at least one permission is associated with the at least one entity that controls the data object;
  
  determining, via the network, if the user is permitted to access to the data object using the at least one permission for the data object and spatial data, temporal data social data and logical data available to the network that relates to the user and to the at least one permission for the data object, whereinif the user is permitted access to the data object, access is granted to the data object, and if the user is nor permitted access to the data object, access is denied to the data object.
- View Dependent Claims (20, 21, 22, 23, 24, 25, 26, 27)
- - 20. The computer-readable medium of claim 19 wherein the reference to a data object is one of a of a plurality of references in result set of a context query.
  - 21. The computer-readable medium of claim 19 wherein a reference to the at least one entity that controls the data object is embedded in metadata in the data object.
  - 22. The computer-readable medium of claim 19 wherein spatial, temporal, social and topical data available to the network relating to the data object is retrieved and used to identify the controlling entity for the data object.
  - 23. The computer-readable medium of claim 22 wherein, the process retrieves the spatial, temporal, social and topical data relating to the data object using a global index available to the network.
  - 24. The computer-readable medium of claim 19 wherein the at least one permission for the data object comprises a permission context having at least one permission context criteria, wherein if the user matches the at least one permission context criteria, the at least one permission is used to determine if the user is permitted to access to the data object, and wherein if the user does not match the at least one permission context criteria, the at least one permission is not used to determine if the user is permitted to access to the data object.
  - 25. The computer-readable medium of claim 19 wherein if an object is controlled by two or more entities, permissions for all controlling entities are evaluated and the most restrictive is applied.
  - 26. The computer-readable medium of claim 19 wherein if an object is controlled by two or more entities, permissions for all controlling entities are evaluated and the least restrictive is applied.
  - 27. The computer-readable medium of claim 19 wherein if an object is not controlled by any entity, access is granted to the data object.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
R2 Solutions LLC (Acacia Research Corporation)
Original Assignee
Yahoo! Inc. (Apollo Global Management, Inc.)
Inventors
King, Simon P., Davis, Marc Eliot, Higgins, Christopher William, Nair, Rahul

Granted Patent

US 9,805,123 B2
Time in Patent Office

Days
Field of Search
US Class Current

707/784
CPC Class Codes

A61K 31/19   Carboxylic acids, e.g. valp...

A61K 31/194   having two or more carboxyl...

C07C 69/704   Citric acid esters

C12Q 1/25   involving enzymes not class...

G06F 16/9535   Search customisation based ...

H04L 63/102   Entity profiles

H04W 12/084   using delegated authorisati...

H04W 80/08   Upper layer protocols netwo...

SYSTEM AND METHOD FOR DATA PRIVACY IN URL BASED CONTEXT QUERIES

First Claim

9 Assignments

0 Petitions

Accused Products

Abstract

230 Citations

27 Claims

Specification

Solutions

Use Cases

Quick Links

SYSTEM AND METHOD FOR DATA PRIVACY IN URL BASED CONTEXT QUERIES

First Claim

9 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

230 Citations

27 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links