Controlling access to information

US 5,991,878 A
Filed: 09/08/1997
Issued: 11/23/1999
Est. Priority Date: 09/08/1997
Status: Expired due to Term

First Claim

Patent Images

1. A method of controlling access to information in a distributed computing system, the method comprising:

receiving a request for the information, the request accompanied by encrypted session state data, the encrypted session state data being valid for a limited duration; and

based on the encrypted session state data, determining whether to pass the request to a source of the information.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods are provided for controlling access to information in a distributed computing system. A request for the information is received and is accompanied by encrypted session state data. Based on the encrypted session state data, it is determined whether to pass the request on to a source of the information. In a memory buffer, old data is replaced by overwriting with a unique identifier. After the memory buffer has received new data and a procedure has been executed for copying the contents of the memory buffer to a destination, it is determined whether the unique identifier may be found at the destination.

201 Citations

28 Claims

1. A method of controlling access to information in a distributed computing system, the method comprising:
- receiving a request for the information, the request accompanied by encrypted session state data, the encrypted session state data being valid for a limited duration; and
  
  based on the encrypted session state data, determining whether to pass the request to a source of the information.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, further comprising:
    - providing the encrypted session state data as a generic cookie.
  - 3. The method of claim 1, wherein the encrypted session state data defines an information-accessing session.
  - 4. The method of claim 1, wherein the encrypted session state data includes a unique identifier for an information-accessing session.
  - 5. The method of claim 1, wherein the encrypted session state data comprises an indication of an expiration time.
  - 6. The method of claim 1, further comprising:
    - if the in formation is available from multiple sources, based on the encrypted session state data, causing the request to be passed to a one of the sources to which a previous request was passed.
  - 7. The method of claim 1, wherein the encrypted session state data defines information sources for which a user has access authorization.
  - 8. The method of claim 7, whereinthe information sources are organized in a hierarchy;
    - andthe encrypted session state data defines a portion of the hierarchy, the user having access authorization corresponding to the portion.

9. A method of controlling access to information, the method comprising:
- in a memory buffer, replacing old data by overwriting with a unique identifier; and
  
  after the memory buffer has received new data and a procedure has been executed for copying at least some of the contents of the memory buffer to a destination, determining whether the unique identifier may be found at the destination.
- View Dependent Claims (10, 11, 12, 13)
- - 10. The method of claim 9, further comprisingreceiving a request for the new data, wherein the unique identifier associates the memory buffer with the request.
  - 11. The method of claim 9, further comprising:
    - filling the memory buffer with the unique identifier.
  - 12. The method of claim 9, further comprisingreceiving a directive to cause the memory buffer to be allocated with a specified size;
    - andcausing the memory buffer to be allocated with an increased size.
  - 13. The method of claim 12, whereinthe unique identifier has an identifier size;
    - andthe increased size is larger than the specified size by at least an amount equal to twice the identifier size.

14. A method of controlling access to information, the method comprising:
- providing encrypted session state data to browser software running on a client computer, the encrypted session state data including a unique identifier for an information-accessing session;
  
  at a gatekeeper computer, receiving a request for the information, the encrypted session state data accompanying the request;
  
  based on the encrypted session state data, determining whether to pass the request to a server computer serving as a source for the information;
  
  at the server computer, directing that a memory buffer be allocated with a specified size;
  
  causing the memory buffer to be allocated with an increased size being larger than the specified size by amount equal to twice the unique identifier'"'"'s size;
  
  filling the memory buffer with the unique identifier;
  
  providing the information in the memory buffer;
  
  at the gatekeeper computer, causing a gatekeeper memory buffer to be allocated with the increased size;
  
  copying the contents of the memory buffer to the gatekeeper memory buffer;
  
  determining whether the unique identifier may be found in the gatekeeper memory buffer; and
  
  if the unique identifier is found in the gatekeeper memory buffer, providing the information in a substantive response to the browser software.

15. Computer software, residing on a computer-readable storage medium, comprising instructions for use in a computer system to controlling access to information in a distributed computing system, the instructions causing the computer system to:
- receive a request for the information, the request accompanied by encrypted session state data, the encrypted session state data being valid for a limited duration; and
  
  based on the encrypted session state data, determine whether to pass the request to a source of the information.
- View Dependent Claims (16, 17, 18, 19, 20, 21, 22)
- - 16. The computer software of claim 15, wherein the computer software further comprises instructions for causing the computer system to:
    - provide the encrypted session state data as a generic cookie.
  - 17. The computer software of claim 15, wherein the encrypted session state data defines an information-accessing session.
  - 18. The computer software of claim 15, wherein the encrypted session state data includes a unique identifier for an information-accessing session.
  - 19. The computer software of claim 15, wherein the encrypted session state data comprises an indication of an expiration time.
  - 20. The computer software of claim 15, wherein the computer software further comprises instructions for causing the computer system to:
    - if the information is available from multiple sources, based on the encrypted session state data, cause the request to be passed to a one of the sources to which a previous request was passed.
  - 21. The computer software of claim 15, wherein the encrypted session state data defines information sources for which a user has access authorization.
  - 22. The computer software of claim 21, whereinthe information sources are organized in a hierarchy;
    - andthe encrypted session state data defines a portion of the hierarchy, the user having access authorization corresponding to the portion.

23. Computer software, residing on a computer-readable storage medium, comprising instructions for use in a computer system to control access to information, the instructions causing the computer system to:
- in a memory buffer, replace old data by overwriting with a unique identifier; and
  
  after the memory buffer has received new data and a procedure has been executed for copying at least some of the contents of the memory buffer to a destination, determine whether the unique identifier may be found at the destination.
- View Dependent Claims (24, 25, 26, 27)
- - 24. The computer software of claim 23, wherein the computer software further comprises instructions for causing the computer system to:
    - receive a request for the new data, wherein the unique identifier associates the memory buffer with the request.
  - 25. The computer software of claim 23, wherein the computer software further comprises instructions for causing the computer system to:
    - fill the memory buffer with the unique identifier.
  - 26. The computer software of claim 23, wherein the computer software further comprises instructions for causing the computer system to:
    - receive a directive to cause the memory buffer to be allocated with a specified size; and
      
      cause the memory buffer to be allocated with an increased size.
  - 27. The computer software of claim 26, whereinthe unique identifier has an identifier size;
    - andthe increased size is larger than the specified size by at least an amount equal to twice the identifier size.

28. Computer software, residing on a computer-readable storage medium, comprising instructions for use in a computer system to control access to information, the instructions causing the computer system to:
- provide encrypted session state data to browser software running on a client computer, the encrypted session state data including a unique identifier for an information-accessing session;
  
  at a gatekeeper computer, receive a request for the information, the encrypted session state data accompanying the request;
  
  based on the encrypted session state data, determine whether to pass the request to a server computer serving as a source for the information;
  
  at the server computer, direct that a memory buffer be allocated with a specified size;
  
  cause the memory buffer to be allocated with an increased size being larger than the specified size by amount equal to twice the unique identifier'"'"'s size;
  
  fill the memory buffer with the unique identifier;
  
  provide the information in the memory buffer;
  
  at the gatekeeper computer, cause a gatekeeper memory buffer to be allocated with the increased size;
  
  copy the contents of the memory buffer to the gatekeeper memory buffer;
  
  determine whether the unique identifier may be found in the gatekeeper memory buffer; and
  
  if the unique identifier is found in the gatekeeper memory buffer, provide the information in a substantive response to the browser software.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
FMR LLC
Original Assignee
FMR Corporation (FMR LLC)
Inventors
McDonough, John C., Saravanan, Thiagarajan, Iannucci, Louis A., Ingham, David M., Amatucci, Michael P.
Primary Examiner(s)
Heckler, Thomas M.

Application Number

US08/925,212
Time in Patent Office

806 Days
Field of Search

713/200, 713/201, 713/202, 707/9, 707/10
US Class Current

726/9
CPC Class Codes

G06F 21/6218   to a system of files or obj...

G06F 2211/007   Encryption, En-/decode, En-...

Y10S 707/99939   Privileged access

Controlling access to information

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

201 Citations

28 Claims

Specification

Use Cases

Quick Links

Others

Controlling access to information

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

201 Citations

28 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others