Method and apparatus for managing and displaying contact authentication in a peer-to-peer collaboration system
First Claim
1. A method of operating a computing device providing an endpoint in a peer-to-peer collaboration system in which each user has an identity and a display name, the method comprising:
in response to communicating with a first user, recording the first user as a contact in a contact data store in memory associated with the computing device, the recording comprising storing at least an identity and display name of the first user;
in response to receiving a communication from a second user:
determining whether the display name of the second user is equivalent to the display name of a user in the contact data store; and
when the display name of the second user is equivalent to the display name of a user in the contact data store, and the identity of the second user is different than the identity of the user in the contact data store with the matching display name, generating a warning on a display associated with the computing device, wherein generating the warning comprises generating a warning about a potentially masquerading user having a display name equivalent to the display name of the user in the contact data store with the matching display name, the potentially masquerading user selected from a set of users having display names equivalent to the display name of the user in the contact data store with the matching display name, the set including the user in the contact data store with the matching display name, and the potentially masquerading user being selected based on relative authorization levels of the users in the set, wherein:
the warning comprises a name conflict indicator displayed in a first graphical user interface to the computing device indicating a conflict with a conflicted display name, the conflicted display name being the display name common to the second user and the user in the contact data store with the matching display name; and
the method further comprises:
in response to user input received through the first graphical user interface, the user input being associated with the name conflict indicator, displaying on the computing device a plurality of equivalent display names that are equivalent to the conflicted display name;
receiving user input from a user of the computing device specifying an alternative display name for a selected display name, the alternative display name being selected by the user from the plurality of equivalent display names displayed on the computing device, the alternative display name being associated with a selected identity and being different than the conflicted display name; and
identifying on a second graphical user interface of the computing device the selected identity with the alternative display name, the second graphical user interface providing a function related to controlling communication within the peer-to-peer collaboration system, the communication being between the computing device and a second device associated with the selected identity.
Abstract
Proper user-to-data associations are maintained in shared spaces created in a peer-to-peer collaborative system by means of a simplified and minimal user interface that permits users to easily authenticate other members of a shared space. In particular, support is provided for automatically building authenticated relationships even if users do not take the time to authenticate other users. When a user enters a shared space and views the contacts in that space, the display name of each contact is accompanied by a distinctive icon that identifies the authentication status of that contact. A mechanism is provided for resolving conflicts between contacts with the same display names to prevent confusion and contact “spoofing.” Security policies can be established to provide a uniform approach to authentication. These policies can be set by a user or, alternatively, the policies can be set by an administrator.
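The name-conflict check and the allow/warn/restrict policy described above, sketched as an added example that is not code from the patent or from any product. It assumes an equivalence rule (NFKC plus case folding plus whitespace collapsing), treats the authentication level as the "authorization level" used to pick the suspect, flags the newcomer on a tie, and uses constructed identities and action labels.

```python
import unicodedata
from dataclasses import dataclass
from enum import IntEnum

class Level(IntEnum):            # ordering stated in claims 14, 26 and 27
    UNAUTHENTICATED = 0
    AUTHENTICATED = 1
    CERTIFIED = 2

@dataclass(frozen=True)
class Contact:
    identity: str                # constructed stand-in for a unique identity
    display_name: str
    level: Level

def name_key(name: str) -> str:
    # Assumed equivalence rule: NFKC fold, case fold, collapse whitespace.
    return " ".join(unicodedata.normalize("NFKC", name).casefold().split())

def find_conflict(store, sender):
    """Return (conflict_set, suspect); ([], None) when there is no conflict."""
    key = name_key(sender.display_name)
    clashes = [c for c in store
               if name_key(c.display_name) == key and c.identity != sender.identity]
    if not clashes:
        return [], None
    group = [sender] + clashes
    # Lowest level is flagged; min() keeps the first minimum, so on a tie
    # the newcomer is flagged (assumption, the claims leave ties open).
    return group, min(group, key=lambda c: c.level)

def respond(policy: str, level: Level, threshold: Level) -> str:
    if policy not in ("allow", "warn", "restrict"):
        raise ValueError(f"unknown policy option: {policy}")
    if policy == "allow" or level > threshold:
        return "perform"         # above-threshold case is an assumption
    return "perform+warn" if policy == "warn" else "omit"

# Constructed sample data: the sender uses a fullwidth "A" and extra spaces.
STORE = [Contact("id-A1", "Alice Smith", Level.CERTIFIED),
         Contact("id-B1", "Bob Jones", Level.AUTHENTICATED)]
INCOMING = Contact("id-X9", "\uff21lice   SMITH", Level.UNAUTHENTICATED)

if __name__ == "__main__":
    group, suspect = find_conflict(STORE, INCOMING)
    print([c.identity for c in group], "suspect:", suspect.identity)
    print(respond("warn", suspect.level, Level.AUTHENTICATED))
```

NFKC folding does not map cross-script look-alikes (for example a Cyrillic letter standing in for a Latin one), so a stricter equivalence rule would need a confusables mapping on top of this key.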
31 Claims
1. Independent claim 1 is set out in full under First Claim above. Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13.
14. A method of operating a computing device providing an endpoint in a peer-to-peer collaboration system in which each user has an identity and a display name, the method comprising:
receiving an input setting a security policy from a user of the computing device and/or a system administrator;
in response to an event that triggers a function that includes display of a display name of a first user:
determining an authentication level of the first user, the authentication level comprising an authentication level being selected from a set comprising a certified level, an authenticated level, and an unauthenticated level, the certified level being higher than the authenticated level and the authenticated level being higher than the unauthenticated level;
selectively responding to the event based on the authentication level and the security policy, the security policy having at least an allow option, a restrict option and a warn option, and the selectively responding comprising:
when the security policy option is determined to be allow, presenting on a graphical user interface the display name of the first user in conjunction with performance of the function in response to the event;
when the security policy option is determined to be warn and the authentication level is less than or equal to a threshold level, presenting on the graphical user interface the display name of the first user in conjunction with performance of the function, the presenting including presenting a warning on the authentication level of the first user; and
when the security policy option is set to restrict and the authentication level is less than or equal to the threshold level, omitting performance of the function.
Dependent claims: 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25.
26. A computer readable storage medium storing computer-executable instructions that, when executed on a computing device providing an endpoint in a peer-to-peer collaboration system in which each user has an identity and a display name, perform a method comprising:
receiving an input setting a security policy from a user of the computing device and/or a system administrator;
in response to an event that triggers a function that includes display of a display name of a first user:
determining an authentication level of the first user, the authentication level comprising an authentication level being selected from a set comprising a certified level, an authenticated level, and an unauthenticated level, the certified level being higher than the authenticated level and the authenticated level being higher than the unauthenticated level;
selectively responding to the event based on the authentication level and the security policy, the security policy having at least an allow option, a restrict option and a warn option, and the selectively responding comprising:
when the security policy option is determined to be allow, presenting on a graphical user interface the display name of the first user in conjunction with performance of the function in response to the event;
when the security policy option is determined to be warn and the authentication level is less than or equal to a threshold level, presenting on the graphical user interface the display name of the first user in conjunction with performance of the function, the presenting including presenting a warning on the authentication level of the first user, wherein when the first user is not determined to be certified, the method comprises:
displaying a graphical user interface presenting information about the first user and containing an input area adapted to receive input from a user of the computing device authenticating the first user;
when input is received from the user of the computing device authenticating the first user, determining that the first user has an authentication level of authenticated; and
when input is not received from the user of the computing device authenticating the first user, determining that the first user has an authentication level of unauthenticated; and
when the security policy option is set to restrict and the authentication level is less than or equal to the threshold level, omitting performance of the function.
27. A computer readable storage medium storing computer-executable instructions that, when executed on a computing device providing an endpoint in a peer-to-peer collaboration system in which each user has an identity and a display name, perform a method comprising:
in response to an event adapted to trigger a function associated with a first user different than a user of the computing device:
determining an authentication level of the first user, the authentication level comprising an authentication level being selected from a set comprising a certified level, an authenticated level, and an unauthenticated level, the certified level being higher than the authenticated level and the authenticated level being higher than the unauthenticated level;
selectively responding to the event based on the authentication level and a security policy, the security policy having at least an allow option, a restrict option and a warn option, and the selectively responding comprising:
when the security policy option is set to restrict and the authentication level is less than or equal to a threshold level, blocking performance of the function; and
when the security policy option is determined to be warn and the authentication level is less than or equal to the threshold level, presenting on a graphical user interface the display name of the first user in conjunction with performance of the function in response to the event, the presenting including presenting a warning on the authentication level of the first user, wherein:
the authentication level comprises an authentication level selected from a set comprising a certified level, an authenticated level, and an unauthenticated level, the certified level being higher than the authenticated level and the authenticated level being higher than the unauthenticated level; and
the method further comprises:
when the first user is not determined to be certified:
displaying a graphical user interface presenting information about the first user and containing an input area adapted to receive input from a user of the computing device authenticating the first user;
when input is received from the user of the computing device authenticating the first user, determining that the first user has an authentication level of authenticated; and
when input is not received from the user of the computing device authenticating the first user, determining that the first user has an authentication level of unauthenticated.
Dependent claims: 28, 29, 30, 31.
Specification