Methods and systems for sharing a network resource with a user without current access

US 7,353,282 B2
Filed: 11/25/2002
Issued: 04/01/2008
Est. Priority Date: 11/25/2002
Status: Expired due to Fees

First Claim

Patent Images

1. A method of sharing a network resource with a user not currently having access to the network resource, comprising:

generating a placeholder in an access list for the network resource, wherein the placeholder contains a known identifier;

communicating instructions to a computer of the user, wherein the instructions include instructions to obtain, from an authentication identifier server, an authentication identifier associated with the known identifier;

obtaining, at the computer of the user, the authentication identifier associated with the known identifier from the authentication identifier server in response to receiving the instruction;

obtaining the authentication identifier associated with the known identifier from the computer of the user upon an attempt to access the network resource;

storing a copy of the authentication identifier obtained from the computer of the user in the placeholder that contains the known identifier within the access list;

granting the computer of the user access to the network resource upon storing the copy of the authentication identifier; and

upon a subsequent attempt to access the network resource, obtaining the authentication identifier from the computer of the user and comparing the authentication identifier obtained from the computer of the user to the authentication identifier stored in the access list to grant the computer of the user access to the network resource.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods and systems provide for sharing of a network resource that requires an authentication ID for access with a user not currently having an authentication ID. A placeholder is generated in an access list providing authorization for the network resource and the placeholder is associated with a known identifier of the user. Upon the user obtaining an authentication ID and attempting to access the network resource, the authentication ID for the user is stored in the placeholder to establish authorization for the user to the network resource. Several checks may be made prior to storing the authentication ID within the placeholder, including determining whether the user has verified obtaining the authentication ID with the issuer, determining whether the authentication ID of the user attempting access matches the authentication ID the issuer has provided for the user, and determining whether the known identifier stored in the placeholder matches a sign-in provided by the user.

Citations

26 Claims

1. A method of sharing a network resource with a user not currently having access to the network resource, comprising:
- generating a placeholder in an access list for the network resource, wherein the placeholder contains a known identifier;
  
  communicating instructions to a computer of the user, wherein the instructions include instructions to obtain, from an authentication identifier server, an authentication identifier associated with the known identifier;
  
  obtaining, at the computer of the user, the authentication identifier associated with the known identifier from the authentication identifier server in response to receiving the instruction;
  
  obtaining the authentication identifier associated with the known identifier from the computer of the user upon an attempt to access the network resource;
  
  storing a copy of the authentication identifier obtained from the computer of the user in the placeholder that contains the known identifier within the access list;
  
  granting the computer of the user access to the network resource upon storing the copy of the authentication identifier; and
  
  upon a subsequent attempt to access the network resource, obtaining the authentication identifier from the computer of the user and comparing the authentication identifier obtained from the computer of the user to the authentication identifier stored in the access list to grant the computer of the user access to the network resource.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method of claim 1, wherein communicating instructions to the computer of the user comprises sending an email to an email address of the user.
  - 3. The method of claim 2, wherein the email includes a link to the authentication identification server and wherein the network resource is accessed by activating the link.
  - 4. The method of claim 2, wherein the email includes a link to the network resource.
  - 5. The method of claim 1, wherein obtaining the authentication identifier from the authentication identifier server comprises:
    - accessing the authentication identifier server with the computer of the user; and
      
      sending the authentication identifier from the authentication identifier server to the computer of the user.
  - 6. The method of claim 1, further comprising:
    - sending an email from the authentication identifier server to the user to request verification of obtaining the authentication identifier;
      
      replying at the computer of the user to the email from the authentication identifier server to verify obtaining the authentication identifier;
      
      upon receiving the request to access the network resource from the computer of the user, contacting the authentication identifier server to determine whether the authentication identifier is verified;
      
      when the authentication identifier is verified, then storing the authentication identifier in the access list; and
      
      when the authentication identifier is not verified, then denying storage of the authentication identifier in the access list.
  - 7. The method of claim 1, further comprising:
    - assigning permissions for the network resource for the user within the access list at the placeholder associated with the known identifier prior to storing the authentication identifier in the placeholder.
  - 8. The method of claim 1, further comprising directing the computer of the user to log in with the authentication identifier server to obtain the authentication identifier when attempting to access the network resource.
  - 9. The method of claim 1, further comprising:
    - obtaining the known identifier associated with the authentication identifier of the computer of the user attempting to access the network resource;
      
      obtaining the authentication identifier that the authentication identifier server associated with the obtained known identifier;
      
      comparing the authentication identifier that the authentication identifier server associated with the obtained known identifier to the authentication identifier obtained from the computer of the user attempting to access the network resource; and
      
      when the authentication identifier that the authentication identifier server associated with the obtained known identifier matches the authentication identifier obtained from the computer of the user, then storing the copy of the authentication identifier in the placeholder containing the known identifier.
  - 10. The method of claim 9, wherein obtaining the known identifier associated with the authentication identifier of the computer of the user attempting to access the network resource comprises:
    - providing a web form to the computer of the user that requests entry of the known identifier associated with the authentication identifier; and
      
      receiving the known identifier input at the web form.
  - 11. The method of claim 1, further comprising:
    - obtaining the known identifier associated with the authentication identifier of the computer of the user attempting to access the network resource;
      
      comparing the known identifier associated with the authentication identifier of the computer of the user attempting to access the network resource with the known identifier stored in the placeholder; and
      
      when the known identifier associated with the authentication identifier of the computer of the user attempting to access the network resource matches the known identifier stored in the placeholder, then storing the copy of the authentication identifier in the placeholder for the known identifier.

12. A computer system for sharing a network resource with a user not currently having access to the network resource, comprising:
- storage containing an access list for the network resource;
  
  a network interface; and
  
  a processing device configured to generate a placeholder within the network resource that contains the known identifier, generate a message through the network interface to the user instructing the user to obtain an authentication identifier from an authentication identifier server, store to a computer of the user the authentication identifier, obtain the authentication identifier through the network interface from the computer of the user, obtained from the authentication identifier server, upon attempting to access the network resource, store a copy of the authentication identifier obtained from the computer of the user in the placeholder containing the known identifier within the storage, grant the computer of the user access to the network resource upon storing the copy of the authentication identifier and upon a subsequent attempt by the computer of the user to access the network resource, obtain the authentication identifier from the computer of the user and compare the authentication identifier obtained from the computer of the user to the authentication identifier stored in the access list to grant access to the network resource.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19)
- - 13. The computer system of claim 12, wherein the generated message is an email that includes a link to the authentication identifier server and a link to the network resource.
  - 14. The computer system of claim 12, wherein the processing device is further configured to, upon receiving the request to access the network resource, contact the authentication identifier server to determine whether the authentication identifier is verified, and when the authentication identifier is not verified, then deny storage of the authentication identifier in the placeholder.
  - 15. The computer system of claim 12, wherein the processing device is further configured to receive an assignment of permissions to the network resource for the computer of the user and store the permissions to the network resource in the placeholder for the known identifier within the access list prior to storing the authentication identifier in the placeholder.
  - 16. The computer system of claim 12, wherein the processing device is further configured to direct the computer of the user to log in with the authentication identifier server to obtain the authentication identifier upon receiving the attempt to access the network resource.
  - 17. The computer system of claim 12, wherein the processing device is further configured to obtain the known identifier associated with the authentication identifier of the computer of the user attempting to access the network resource, obtain the authentication identifier that the authentication identifier server associates with the obtained known identifier, compare the authentication identifier that the authentication identifier server associates with the obtained known identifier to the authentication identifier obtained from the computer of the user attempting to access the network resource, and deny storing the authentication identifier in the placeholder when the authentication identifier that the authentication identifier server associates with the obtained known identifier does not match the authentication identifier obtained from the computer of the user.
  - 18. The computer system of claim 12, wherein the processing device is further configured to provide through the network interface a web form from storage that requests entry of the known identifier associated with the authentication identifier and receive through the network interface the known identifier input at the web form.
  - 19. The method of claim 12, wherein the processing device is further configured to obtain the known identifier associated with the authentication identifier of the computer of the user attempting to access the network resource, compare the known identifier associated with the authentication identifier of the computer of the user attempting to access the network resource with the known identifier stored in the placeholder, and when the known identifier associated with the authentication identifier of the computer of the user attempting to access the network resource does not match the known identifier stored in the placeholder, then deny storing the copy of the authentication identifier in the placeholder containing the known identifier.

20. A network system for sharing a network resource with a user not currently having access to the network resource, comprising:
- a first server computer that provides the network resource and that maintains an access list providing permissions for the network resource, and wherein the first server generates a placeholder within the access list, stores a known identifier of the user in the placeholder, sends a message to the known identifier instructing the user to obtain an authentication identifier from an authentication identifier server, obtains the authentication identifier from a client computer, stores the authentication identifier obtained from the client computer within the placeholder containing the known identifier, grant the computer of the user access to the network resource upon storing the copy of the authentication identifier and upon a subsequent attempt by the computer of the user to access the network resource, obtain the authentication identifier from the computer of the user and compare the authentication identifier obtained from the computer of the user to the authentication identifier stored in the access list to grant access to the network resource;
  
  whereinthe client computer receives the message to the known identifier, obtains an authentication identifier associated with the known identifier from the authentication identifier server, and attempts to access the network resource at the first server after obtaining the authentication identifier.
- View Dependent Claims (21, 22, 23)
- - 21. The network system of claim 20, wherein the client computer replies to a message to the known identifier from the authentication identifier server to verify obtaining the authentication identifier and wherein prior to storing the authentication identifier, the first server contacts the authentication identifier server to determine whether the client computer verified obtaining the authentication identifier.
  - 22. The network system of claim 20, wherein prior to storing the authentication identifier, the first server computer obtains the known identifier for the computer of the user and compares the authentication identifier of the computer of the user attempting to access the network resource to the authentication identifier obtained from the authentication identifier server for the known identifier.
  - 23. The network system of claim 20, wherein prior to storing the authentication identifier, the first server computer obtains the known identifier for the computer of the user and compares the known identifier obtained from the computer of the user to the known identifier stored in the placeholder.

24. A computer readable storage medium comprising instructions that when executed by a computer perform the steps of:
- generating a placeholder storing a known identifier of a computer of a user in storage;
  
  communicating instructions to the computer of the user, wherein the computer of the user is instructed to access a network resource and obtain an authentication identifier from an authentication identifier server;
  
  upon receiving an attempt by the computer of the user to access a network resource, detecting whether an authentication identifier being provided by the computer of the user has been verified with an authentication identifier server of the authentication identifier, comparing an authentication identifier of the authentication identifier server that is associated with the known identifier of the computer of the user with the authentication identifier being provided by the computer of the user, and comparing the known identifier of the computer of the user to the known identifier in the placeholder;
  
  when the authentication identifier being provided by the computer of the user has been verified with the authentication identifier server and matches the authentication identifier of the authentication identifier server that is associated with the known identifier of the computer of the user, and when the known identifier of the computer of the user matches the known identifier in the placeholder, then storing the authentication identifier provided by the computer of the user in the placeholder;
  
  granting the computer of the user access to the network resource upon storing the copy of the authentication identifier; and
  
  upon a subsequent attempt to access the network resource, obtaining the authentication identifier from the computer of the user and comparing the authentication identifier obtained from the computer of the user to the authentication identifier stored in the placeholder to grant the computer of the user access to the network resource.
- View Dependent Claims (25, 26)
- - 25. The computer readable storage medium of claim 24, wherein the known identifier is an email address and wherein the instructions when executed by the computer perform the additional steps of:
    - providing an email to the computer of the user at the email address that instructs the computer of the user to obtain the authentication identifier from the authentication identifier server, and wherein the email includes a link to the authentication identifier server and a link to the network resource.
  - 26. The computer readable storage medium of claim 24, wherein the instructions when executed by the computer perform the additional steps of:
    - providing a web form to the computer of the user attempting to access the network resource that requests entry of the known identifier associated by the authentication identifier server with the authentication identifier; and
      
      receiving the known identifier input by the computer of the user at the web form.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Olsen, Thomas, Nichols, Isaac, Roma, Ricard, Kuppusamy, Ashok
Primary Examiner(s)
JACOBS, LASHONDA T

Application Number

US10/304,187
Publication Number

US 20040103203A1
Time in Patent Office

1,954 Days
Field of Search

709/203, 709/217, 709/219, 709/223, 709/224, 709/225, 709/229, 707 9- 10, 713/151, 713/168, 713/182
US Class Current

709/229
CPC Class Codes

H04L 63/0815 providing single-sign-on or...

Methods and systems for sharing a network resource with a user without current access

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

26 Claims

Specification

Solutions

Use Cases

Quick Links

Methods and systems for sharing a network resource with a user without current access

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

26 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links