Authorization and Authentication Based on an Individual's Social Network

US 20140280945A1
Filed: 05/29/2014
Published: 09/18/2014
Est. Priority Date: 07/22/2004
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving, at a service provider, a request from a first user to access content on the service provider, the request identifying a user identifier (ID) of the first user;

transmitting, to a social networking system that is external to the service provider, a request to determine whether the first user is authorized to access content on the service provider based on a gray list comprising user IDs of the users who are not authorized to access content on the service provider, wherein the gray list is based on a black list; and

permitting, at the service provider, the content to be accessed by the first user if an indication is received from the social networking system that the first user is authorized to access the content based on the gray list.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In particular embodiments, a method includes receiving a request to transmit content related to a first user to a second user, determining whether transmission of the content is authorized based on a list of unauthorized users, and transmitting the content to the second user if the transmission is authorized based on the list.

34 Citations

View as Search Results

19 Claims

1. A method comprising:
- receiving, at a service provider, a request from a first user to access content on the service provider, the request identifying a user identifier (ID) of the first user;
  
  transmitting, to a social networking system that is external to the service provider, a request to determine whether the first user is authorized to access content on the service provider based on a gray list comprising user IDs of the users who are not authorized to access content on the service provider, wherein the gray list is based on a black list; and
  
  permitting, at the service provider, the content to be accessed by the first user if an indication is received from the social networking system that the first user is authorized to access the content based on the gray list.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
- - 2. The method of claim 1, further comprising:
    - accessing a graph structure comprising a plurality of nodes and a plurality of edges connecting the nodes, each of the edges between two of the nodes representing a single degree of separation between them, the nodes comprising a first-user node corresponding to the first user and a second-user node corresponding to a second user.
  - 3. The method of claim 2, wherein the content is related to the second user.
  - 4. The method of claim 3, wherein the content comprises an email, instant message, text message, or voicemail from the second user.
  - 5. The method of claim 2, further comprising:
    - accessing a white list comprising a first set of user IDs of a first set of users, each user of the first set of users corresponding to a user associated with the service provider; and
      
      authenticating the first user to access content on the external service provider if the first-user node is connected in the graph structure to one or more nodes corresponding to users of the first set of users by a series of nodes and edges that does not comprise a node corresponding to a user on the gray list.
  - 6. The method of claim 2, further comprising:
    - accessing the black list comprising a first set of user IDs of a first set of users;
      
      wherein the gray list comprises a second set of user IDs of a second set of users, each of the nodes corresponding to the users in the second set of users being separated in the graph structure from at least one of the nodes corresponding to the users in the first set of users by only one degree of separation.
  - 7. The method of claim 2, further comprising:
    - accessing the black list comprising a first set of user IDs of a first set of users;
      
      wherein the gray list comprises a second set of user IDs of a second set of users, each of the nodes corresponding to the users in the second set of users being separated in the graph structure from at least one of the nodes corresponding to the users in the first set of users by a threshold degree of separation.
  - 8. The method of claim 7, further comprising:
    - determining whether transmission of the content is authorized based on the gray list; and
      
      authorizing transmission of the content to the first user if the first-user node and the second-user node are connected to each other in the graph structure by a series of edges and nodes that does not comprise a node corresponding to a user in the first set of users or the second set of users.
  - 9. The method of claim 7, wherein the gray list further comprises a third set of user IDs of a third set of users, the nodes corresponding to the users of the third set of users being connected to either the first-user node or the second-user node in the graph structure by a series of edges and nodes that comprises a node corresponding to a user in the first set of users or the second set of users.
  - 10. The method of claim 2, wherein the gray list comprises a first set of user IDs of a first set of users, the nodes corresponding to the users of the first set of users being connected to either the first-user node or the second-user node in the graph structure through a series of edges and nodes that comprises an unauthorized node.
  - 11. The method of claim 1, further comprising:
    - accessing the black list comprising a first set of user IDs of a first set of users.
  - 12. The method of claim 11, wherein the black list comprises user IDs of the users whose content is not authorized to be transmitted to the first user.
  - 13. The method of claim 11, wherein the black list comprises user IDs of the users who are not authorized to view content associated with the service provider.
  - 14. The method of claim 1, wherein the content comprises an e-mail communication.
  - 15. The method of claim 1, wherein the content comprises profile information of a user of the service provider.
  - 16. The method of claim 1, wherein the content comprises content posted by a user of the service provider.
  - 17. The method of claim 1, further comprising:
    - authorizing transmission of the content to the first user if the gray list does not comprise a user ID of the first user.
  - 18. The method of claim 1, further comprising:
    - prohibiting transmission of the content to the first user if the transmission is not authorized.

19. A service provider system comprising:
- one or more processors; and
  
  one or more servers having a memory storing computer-executable instructions that when executed by one or more of the processors cause the processors to;
  
  receive, at the service provider, a request from a first user to access content on the service provider, the request identifying a user identifier (ID) of the first user;
  
  transmit, to a social networking system that is external to the service provider, a request to determine whether the first user is authorized to access content on the service provider based on a gray list comprising user IDs of the users who are not authorized to access content on the service provider, wherein the gray list is based on a black list; and
  
  permit, at the service provider, the content to be accessed by the first user if an indication is received from the social networking system that the first user is authorized to access the content based on the gray list.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Meta Platforms, Inc. (f/k/a Facebook, Inc.)
Original Assignee
Meta Platforms, Inc. (f/k/a Facebook, Inc.)
Inventors
Lunt, Christopher

Granted Patent

US 9,391,971 B2
Time in Patent Office

Days
Field of Search
US Class Current

709/225
CPC Class Codes

G06F 16/24575   using context

G06F 16/248   Presentation of query results

G06F 16/9024   Graphs; Linked lists G06F16...

G06F 21/31   User authentication

G06F 21/604   Tools and structures for ma...

G06Q 50/01   Social networking

H04L 51/04   Real-time or near real-time...

H04L 51/212   using filtering or selectiv...

H04L 51/52   for supporting social netwo...

H04L 63/08   for authentication of entit...

H04L 63/10   for controlling access to d...

H04L 63/101   Access control lists [ACL]

H04L 63/145   the attack involving the pr...

H04L 67/02   based on web technology, e....

H04L 67/306   User profiles

H04L 67/60   Scheduling or organising th...

Authorization and Authentication Based on an Individual's Social Network

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

34 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Authorization and Authentication Based on an Individual's Social Network

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

34 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links