Method of and system for controlling internet access
First Claim
Patent Images
1. A method of controlling access to the Internet by members of a family, which comprises the computer implemented steps of:
- maintaining for each member of a family a session identifier, each said session identifier including an age field that contains an age set for the family member and a parent field that indicates whether or not the family member is a parent;
maintaining for said family a list of resources for parental review; and
, maintaining for said family at least one exception list of resources approved for access by a child of said family.
9 Assignments
0 Petitions
Accused Products
Abstract
A method of and system for controlling access to the Internet by members of an organization that includes at least one supervisor and at least one non-supervisor for which limited Internet access is desired. The system maintains for each member of the organization a session identifier. When the system establishes an Internet session between a member of the organization and the Internet, the system initially sets a user session identifier for said Internet session to a default session identifier, which is the session identifier for the lowest access level member of the organization. When the member requests a resource, the system determines if an access level rating for requested resource is greater than the value of the access level field of the user session identifier. If so, the system blocks the resource and presents member with choices of logging on to the system as a specific member of the organization with a higher access level, or appealing the blocking to a supervisor.
-
Citations
41 Claims
-
1. A method of controlling access to the Internet by members of a family, which comprises the computer implemented steps of:
-
maintaining for each member of a family a session identifier, each said session identifier including an age field that contains an age set for the family member and a parent field that indicates whether or not the family member is a parent;
maintaining for said family a list of resources for parental review; and
,maintaining for said family at least one exception list of resources approved for access by a child of said family. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19)
establishing an Internet session between a member of said family and the Internet; and
,initially setting a user session identifier for said Internet session to a default session identifier.
-
-
4. The method as claimed in claim 3, wherein said default user session identifier is the session identifier for the youngest non-parent member of said family.
-
5. The method as claimed in claim 3, including the computer implemented steps of:
-
in response to a request for a resource, determining if an age level rating for said resource is greater than the value of the age field of said default user session identifier; and
,blocking said resource if said age rating is greater than the value of the age field of said default user session identifier.
-
-
6. The method as claimed in claim 5, including the computer implemented steps of:
-
in response to blocking said resource, prompting said family member to logon as a specific member of said family;
in response to a logon as a specific family member, authenticating said logon as said specific member of said family; and
,in response to authentication of said logon as said specific member of said family, setting an updated user session identifier to the session identifier for said specific member of said family.
-
-
7. The method as claimed in claim 6, including the computer implemented step of:
if said specific family member is a parent, presenting to said parent said list of resources for parental review.
-
8. The method as claimed in claim 7, including the computer implemented step of:
prompting said parent to select for inclusion in said exception list resources from said list of resources for parental review.
-
9. The method as claimed in claim 6, including the computer implemented steps of:
-
prompting said family to appeal said blocking;
in response to an appeal of said blocking, appending a locator for said resource to said list of resources for parental review.
-
-
10. The method as claimed in claim 1, including the computer implemented steps of:
-
establishing an Internet session between a member of said family and the Internet; and
,setting a user session identifier for said Internet session to the session identifier of said family member.
-
-
11. The method as claimed in claim 10, including the computer implemented steps of:
-
in response to a request for a resource, determining if the parent field of said user session identifier is set to parent; and
,providing said resource if said parent field is set to parent.
-
-
12. The method as claimed in claim 10, including the computer implemented steps of:
-
in response to a request for a resource, determining if said resource is in said exception list; and
,providing said resource if said resource is in said exception list.
-
-
13. The method as claimed in claim 10, wherein each session identifier includes a field that indicates whether not unrated resources are to be blocked.
-
14. The method as claimed in claim 13, including the computer implemented steps of:
-
in response to a request for a resource, determining if said resource is unrated; and
,blocking said resource if said resource is unrated and said user session identifier indicates that unrated resources are to be blocked.
-
-
15. The method as claimed in claim 10, wherein a policy provider is associated with said family.
-
16. The method as claimed in claim 15, including the computer implemented steps of:
-
in response to a request for a resource, querying the policy provider for said family for a rating for said resource; and
,blocking said resource if a rating for said resource is greater than the value of the age field of said user session identifier.
-
-
17. The method as claimed in claim 15, including the steps of:
-
in response to a request for a resource, querying the policy provider for said family for a determination if said resource is suitable for the age specified in said age field of said user session identifier; and
,blocking said resource if said resource is determined to be not suitable for the age specified in the age field of said user session identifier.
-
-
18. The method as claimed in claim 10, including the computer implemented steps of:
-
in response to a request for a resource, determining if said resource has a rating;
determining if said rating is an age rating; and
,blocking said resource if the age rating is greater than the value of the age field of said user session identifier.
-
-
19. The method as claimed in claim 18, including the computer implemented step of:
if said received rating is not an age rating, converting said received rating to an age rating.
-
20. A method of controlling access to the Internet by members of an organization, said organization including at least one supervisor and at least one non-supervisor for which limited Internet access is desired, which comprises the computer implemented step of:
-
maintaining for each member of said organization a session identifier, each said session identifier including an access level field that contains an access level set for the organization member and a supervisor field that indicates whether or not the organization member is a supervisor. - View Dependent Claims (21, 22, 23, 24, 25, 26, 27, 28, 29)
establishing an Internet session between a member of said organization and the Internet; and
,initially setting a user session identifier for said Internet session to a default session identifier.
-
-
22. The method as claimed in claim 21, wherein said default session identifier is the session identifier for the lowest access level of said organization.
-
23. The method as claimed in claim 21, including the computer implemented steps of:
-
in response to a request for a resource, determining if an access level rating for said resource is greater than the value of the access level field of said default user session identifier; and
,blocking said resource if said access level rating is greater than the value of the access level field of said default user session identifier.
-
-
24. The method as claimed in claim 23, including the computer implemented steps of:
-
in response to blocking said resource, prompting said organization member to logon as a specific member of said organization;
in response to a logon as a specific organization member, authenticating said logon as said specific member of said organization; and
,in response to authentication of said logon as said specific member of said organization, setting an updated user session identifier to the session identifier for said specific member of said organization.
-
-
25. The method as claimed in claim 24, including the computer implemented step of:
-
maintaining for said organization a list of resources for supervisor review and, if said specific organization member is a supervisor;
presenting to said supervisor said list of resources for supervisor review.
-
-
26. The method as claimed in claim 25, including the computer implemented step of:
-
maintaining for said organization at least one exception list of resources approved for access by a non-supervisor member of said organization; and
,prompting said supervisor to select for inclusion in said exception list resources from said list of resources for supervisor review.
-
-
27. The method as claimed in claim 23, including the computer implemented steps of:
-
prompting said organization member to appeal said blocking;
in response to an appeal of said blocking, appending a locator for said resource to a list of resources for supervisor review.
-
-
28. The method as claimed in claim 20, wherein:
-
said organization is a family;
said supervisor is a parent; and
,said non-supervisor is a child.
-
-
29. The method as claimed in claim 28, wherein said access level is an age.
-
30. A system for controlling access to the Internet, which comprises:
-
an authentication database, said authentication database including a session identifier for each member of an organization, each said session identifier including an access level for a member of the said organization;
an authentication server, said authentication server including means for accessing said authentication database to obtain a user session identifier in response to a logon by a member of an organization; and
,a filtering proxy, said filtering proxy including means for receiving requests for Internet resources, and means for tagging requested resources with a user session identifier received from said authentication server; and
,a policy evaluator, said policy evaluator including means for returning a block message to said filtering proxy based upon a user session identifier tagged to a requested resource. - View Dependent Claims (31, 32, 33, 34, 35, 36, 37)
a list of resources for supervisor review; and
,an appeals administrator, said administrator including means for inserting locators for appealed resources into said list of resources for supervisor review.
-
-
35. The system as claimed in claim 34, including:
an exception list for an organization, said exception list including a list of resources approved for access by a member of said organization.
-
36. The system as claimed in claim 35, wherein said appeals administrator includes means for inserting locator from said list of resources for supervisor review into said exception list.
-
37. The system as claimed in claim 36, wherein said policy evaluator includes means for accessing said exception list.
-
38. A method of controlling access by members of an organization to resources, said organization including at least one supervisor member and non-supervisor members, said method comprising the computer implemented steps of:
-
in response to a request for access to a resource by a non-supervisor member, determining if said requested resource is suitable for said non-supervisor member; and
,blocking access to said requested resource if said requested resource is determined to be not suitable for said non-supervisor member. - View Dependent Claims (39, 40, 41)
said organization is a family;
said supervisor member is a parent; and
,and said non-supervisor members include children.
-
-
40. The method as claimed in claim 38, wherein said resources include Internet resources.
-
41. The method as claimed in claim 38, wherein said step of determining if said requested resource is suitable for said non-supervisor member includes the computer implemented step of:
consulting a policy provider for a determination of the suitability of said requested resource for said non-supervisor member.
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeKnapp Investment Company Limited
-
Original AssigneeWorldCom, Inc. (Verizon Communications Inc.)
-
InventorsKhare, Rohit, Klensin, John
-
Primary Examiner(s)Wright, Norman M.
-
Application NumberUS09/219,411Time in Patent Office1,602 DaysField of Search713/201,202US Class Current726/7CPC Class CodesG06F 21/6218 to a system of files or obj...G06F 2221/2113 Multi-level security, e.g. ...H04L 63/083 using passwords cryptograph...H04L 63/0853 using an additional device,...H04L 63/102 Entity profilesH04L 63/105 Multiple levels of security
