Access rights

US 7,668,830 B2
Filed: 11/29/2004
Issued: 02/23/2010
Est. Priority Date: 11/29/2004
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving a request for a service at a first device from a user at a second device, the request including a resource identifier and identity information corresponding to the second device;

authenticating the second device at the first device using a device log-in and password;

identifying the user of the second device comprising;

accessing a contact list at the first device,comparing, at the first device, the identity information received from the second device and information within the accessed contact list,selecting a user identifier corresponding to the user of the second device as any identity information which matches the contact list information when a match is determined, wherein the user identifier is different than the device log-in and password, and wherein the matched information includes a phone number of the second device;

selecting an access group identifier at the first device from the contact list using the user identifier;

selecting an access right for the user using the access group identifier;

determining if the user has permission to access a data item identified by the resource identifier;

when the user has permission to access the data item, determining if the access right allows performance of the service; and

providing the service at the first device when the access right allows performance of the service.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A device and method define an access right to a shared data item. The method includes defining a group of one or more contacts in a contact list, assigning an access right to the group of one or more contacts, and assigning the group of one or more contacts to a shared data item. A device and method also provide a service based on the access right to the shared data item. The method includes receiving a request for a service from a user at a second device, the request including a resource identifier, selecting a user identifier for the user, selecting an access group identifier from a contact list using the user identifier, selecting an access right for the user using the access group identifier, determining if the user has permission to access a data item identified by the resource identifier, if the user has permission to access the data item, determining if the access right allows performance of the service, and providing the service at the first device if the access right allows performance of the service.

52 Citations

View as Search Results

20 Claims

1. A method comprising:
- receiving a request for a service at a first device from a user at a second device, the request including a resource identifier and identity information corresponding to the second device;
  
  authenticating the second device at the first device using a device log-in and password;
  
  identifying the user of the second device comprising;
  
  accessing a contact list at the first device,comparing, at the first device, the identity information received from the second device and information within the accessed contact list,selecting a user identifier corresponding to the user of the second device as any identity information which matches the contact list information when a match is determined, wherein the user identifier is different than the device log-in and password, and wherein the matched information includes a phone number of the second device;
  
  selecting an access group identifier at the first device from the contact list using the user identifier;
  
  selecting an access right for the user using the access group identifier;
  
  determining if the user has permission to access a data item identified by the resource identifier;
  
  when the user has permission to access the data item, determining if the access right allows performance of the service; and
  
  providing the service at the first device when the access right allows performance of the service.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method of claim 1, wherein selecting the access group identifier for the user comprises:
    - searching the contact list using the user identifier; and
      
      selecting the access group identifier from the contact list information that corresponds to the user identifier when the user identifier is found in the contact list.
  - 3. The method of claim 1, wherein determining if the user has permission to access the data item comprises:
    - identifying a resource access group list for the data item;
      
      searching the resource access group list using the access group identifier; and
      
      determining that the user has permission to access the data item when the access group identifier is found in the resource access group list.
  - 4. The method of claim 1, wherein identifying the user of the second device further comprises:
    - determining that the user corresponding to the matched phone number has an alternative corresponding phone number within the contact list, wherein the matched phone number and alternative corresponding phone numbers are associated with different access group identifiers;
      
      in response to determining that the matched phone number and alternative corresponding phone numbers are associated with different access group identifiers, determining a HTTP authentication username corresponding to the user; and
      
      designating the HTTP authentication username as the user identifier in place of the identity information which matched the contact list information, wherein the HTTP authentication user corresponds to a same or different access group identifier as the matched phone number.
  - 5. The method of claim 1, wherein the identity information comprises at least one of:
    - an authentication code, an email uniform resource identifier (URI), and a uniform resource locator (URL).

6. One or more computer-readable storage media having computer-readable instructions stored thereon that, upon execution by a processor of a first device, cause the processor to perform:
- receiving a request for a service from a user at a second device, the request including a resource identifier and identity information corresponding to the second device;
  
  authenticating the second device using a device log-in and password;
  
  identifying the user of the second device comprising;
  
  accessing a contact list at the first device,comparing the identity information received from the second device and information within the accessed contact list,selecting a user identifier corresponding to the user of the second device as any identity information which matches the contact list information when a match is determined, wherein the user identifier is different than the device log-in and password, and wherein the matched information includes a phone number of the second device;
  
  selecting an access group identifier from the contact list using the user identifier, the contact list including, for each contact, contact identity information;
  
  selecting an access right for the user using the access group identifier;
  
  determining if the user has permission to access a data item identified by the resource identifier;
  
  when the user has permission to access the data item, determine if the access right allows performance of the service; and
  
  providing the service when the access right allows performance of the service.
- View Dependent Claims (7, 8, 9, 10)
- - 7. The computer-readable storage media of claim 6, wherein the instructions causing the processor to perform selecting the access group identifier for the user further comprise:
    - searching the contact list using the user identifier; and
      
      selecting the access group identifier from the contact list information that corresponds to the user identifier when the user identifier is found in the contact list.
  - 8. The computer-readable storage media of claim 6, wherein the instructions causing the processor to perform determining if the user has permission to access the data item further comprise:
    - identifying a resource access group list for the data item;
      
      searching the resource access group list using the access group identifier; and
      
      determining that the user has permission to access the data item when the access group identifier is found in the resource access group list.
  - 9. The computer readable storage media of claim 6, wherein the instructions causing the processor to perform identifying the user of the device further comprises:
    - determining that the user corresponding to the matched phone number has an alternative corresponding phone number within the contact list, wherein the matched phone number and alternative corresponding phone numbers are associated with different access group identifiers;
      
      in response to determining that the matched phone number and alternative corresponding phone numbers are associated with different access group identifiers, determining a HTTP authentication username corresponding to the user; and
      
      designating the HTTP authentication username as the user identifier in place of the identity information which matched the contact list information, wherein the HTTP authentication user corresponds to a same or different access group identifier as the matched phone number.
  - 10. The one or more computer-readable storage media of claim 6, wherein the identity information comprises at least one of:
    - an authentication code, an email uniform resource identifier (URI), and a uniform resource locator (URL).

11. An apparatus comprising:
- a processor; and
  
  a memory having stored therein computer executable instructions that when executed by the processor, cause the apparatus to;
  
  receive a request for a service from a user at a different device, the request including a resource identifier and identity information corresponding to the different device;
  
  authenticate the different device using a device log-in and password received from the different device;
  
  identify the user of the different device comprising;
  
  accessing a contact list at the apparatus,comparing the identity information received from the different device and information within the contact list accessed,selecting a user identifier corresponding to the user of the different device as any identity information which matches the contact list information when a match is determined, wherein the user identifier is different than the device log-in and password, and wherein the matched information includes a phone number of the different device;
  
  select an access group identifier from a contact list using the user identifier, the contact list including, for each contact, contact identity information;
  
  select an access right for the user using the access group identifier;
  
  determine if the user has permission to access a data item identified by the resource identifier;
  
  when the user has permission to access the data item, determine if the access right allows performance of the service; and
  
  provide the service when the access right allows performance of the service.
- View Dependent Claims (12, 13, 14, 15)
- - 12. The apparatus of claim 11, wherein selecting the access group identifier further includes:
    - searching the contact list using the user identifier; and
      
      selecting the access group identifier from the contact list information that corresponds to the user identifier when the user identifier is found in the contact list.
  - 13. The apparatus of claim 11, wherein determining if the user has permission to access the data item comprises:
    - identifying a resource access group list for the data item;
      
      searching the resource access group list using the access group identifier; and
      
      determining that the user has permission to access the data item when the access group identifier is found in the resource access group list.
  - 14. The apparatus of claim 11, wherein identifying the user of the device comprises:
    - determining that the user corresponding to the matched phone number has an alternative corresponding phone number within the contact list, wherein the matched phone number and alternative corresponding phone numbers are associated with different access group identifiers;
      
      in response to determining that the matched phone number and alternative corresponding phone numbers are associated with different access group identifiers, determine a HTTP authentication username corresponding to the user; and
      
      designating the HTTP authentication username as the user identifier in place of the identity information which matched the contact list information, wherein the HTTP authentication user corresponds to a same or different access group identifier as the matched phone number.
  - 15. The apparatus of claim 11, wherein the identity information comprises at least one of:
    - an authentication code, an email uniform resource identifier (URI), and a uniform resource locator (URL).

16. A system comprising:
- a first device, the first device configured to send a request for a service to a second device, the request including a resource identifier and identity information corresponding to the first device; and
  
  the second device configured to receive the request for the service from a user at the first device;
  
  the second device further comprising;
  
  an access controller, the access controller comprising computer code configured to;
  
  authenticate the first device at the second device using a device log-in and password;
  
  identify the user of the first device comprising;
  
  accessing a contact list at the second device,comparing, at the second device, identity information received from the first device and information within the contact list accessed by the second device,selecting a user identifier corresponding to the user of the first device as any identity information which matches the contact list information when a match is determined, wherein the user identifier is different than the device log-in and password, and wherein the matched information includes a phone number of the first device;
  
  select an access group identifier from a contact list using the user identifier, the contact list including, for each contact, contact identity information;
  
  select an access right for the user using the access group identifier;
  
  determine if the user has permission to access a data item identified by the resource identifier;
  
  when the user has permission to access the data item, determine if the access right allows performance of the service; and
  
  provide the service when the access right allows performance of the service;
  
  a memory, wherein the memory stores the access controller; and
  
  a processor coupled to the memory and the second communication interface, the processor configured to execute the access controller.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The system of claim 16, wherein the computer code configured to select the access group identifier for the user comprises computer code configured to:
    - search the contact list using the user identifier;
      
      select the access group identifier from the contact list information that corresponds to the user identifier when the user identifier is found in the contact list.
  - 18. The system of claim 17, wherein the computer code configured to determine if the user has permission to access the data item comprises computer code configured to:
    - identify a resource access group list for the data item;
      
      search the resource access group list using the access group identifier; and
      
      determine that the user has permission to access the data item when the access group identifier is found in the resource access group list.
  - 19. The system of claim 16, wherein identifying the user of the first device further comprises:
    - determining that the user corresponding to the matched phone number has an alternative corresponding phone number within the contact list, wherein the matched phone number and alternative corresponding phone numbers are associated with different access group identifiers;
      
      in response to determining that the matched phone number and alternative corresponding phone numbers are associated with different access group identifiers, determining a HTTP authentication username corresponding to the user; and
      
      designating the HTTP authentication username as the user identifier in place of the identity information which matched the contact list information, wherein the HTTP authentication user corresponds to a same or different access group identifier as the matched phone number.
  - 20. The system of claim 16, wherein the identity information comprises at least one of:
    - an authentication code, an email uniform resource identifier (URI), and a uniform resource locator (URL).

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Nokia Corporation
Original Assignee
Nokia Corporation
Inventors
Hakala, Kimmo
Primary Examiner(s)
To; Baoquoc N

Application Number

US10/998,872
Publication Number

US 20060117010A1
Time in Patent Office

1,912 Days
Field of Search

707/9, 707/1, 707/10, 709/229, 709/202
US Class Current

1/1
CPC Class Codes

G06F 16/176   Support for shared access t...

G06F 21/6218   to a system of files or obj...

G06F 2221/2141   Access rights, e.g. capabil...

H04L 63/101   Access control lists [ACL]

Y10S 707/99939   Privileged access

Access rights

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

52 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Access rights

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

52 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links