Token-based remote data access

US 7,895,445 B1
Filed: 03/13/2006
Issued: 02/22/2011
Est. Priority Date: 04/26/2001
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

causing, at least in part, receiving, by a processor, resource selections and content-sharing characteristics from a packet-communicating device associated with a registered user via a packet-based user interface, wherein the content-sharing characteristics includes data specifying a period of time during which content is available for sharing;

in response to the resource selections, creating, by the processor, a share that designates content-sharing characteristics by generating an electronic key that specifies resources that are the subject of the received resource selections, and associating a unique identifier with the key, the unique identifier identifying an agent via which access to the specified resources can be made;

generating, by the processor, a unique authentication for the key and assigning the generated authentication to the key;

creating, by the processor, an electronic token bearing the key, the unique identifier and the unique authentication for use by a remotepacket-communicating device as a function of the share characteristics;

selectively initiating authentication of the token as a function of the unique authentication tofacilitate access, by the remote user'"'"'s packet-communicating device, to the requested content via the registered user'"'"'s packet-communicating device as a function of the resources specified by the key in the token; and

selectively constructing an authentication cookie to permit access to the requested content by a remote appliance.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Data transfer between remote and home locations over a network is effected using an electronic token to facilitate access to the data. According to an example embodiment of the present invention, a network-based server facilitates the generation of a token specifying conditions upon which data access to a registered user'"'"'s data can be made. When a request for data transfer is received in connection with a token, information in the token is used together with the request to selectively authenticate and serve the request.

214 Citations

16 Claims

1. A method comprising:
- causing, at least in part, receiving, by a processor, resource selections and content-sharing characteristics from a packet-communicating device associated with a registered user via a packet-based user interface, wherein the content-sharing characteristics includes data specifying a period of time during which content is available for sharing;
  
  in response to the resource selections, creating, by the processor, a share that designates content-sharing characteristics by generating an electronic key that specifies resources that are the subject of the received resource selections, and associating a unique identifier with the key, the unique identifier identifying an agent via which access to the specified resources can be made;
  
  generating, by the processor, a unique authentication for the key and assigning the generated authentication to the key;
  
  creating, by the processor, an electronic token bearing the key, the unique identifier and the unique authentication for use by a remotepacket-communicating device as a function of the share characteristics;
  
  selectively initiating authentication of the token as a function of the unique authentication tofacilitate access, by the remote user'"'"'s packet-communicating device, to the requested content via the registered user'"'"'s packet-communicating device as a function of the resources specified by the key in the token; and
  
  selectively constructing an authentication cookie to permit access to the requested content by a remote appliance.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. The method of claim 1, wherein generating an electronic key includes generating a file system path to the specified resources and associating the key with the generated file system path.
  - 3. The method of claim 1, wherein generating an electronic key includes specifying file locations of a collection of resources at different locations and storing information associating the key with the collection of resources.
  - 4. The method of claim 1, wherein receiving content-sharing characteristics from the registered user includes receiving information specifying a communications approach via which to provide the token by sending the token to the remote user via the specified communications approach.
  - 5. The method of claim 1, wherein providing the token includes at least one of:
    - notifying the remote user that the token is available for access, notifying the registered user that the token is available, providing the token to the registered user for distribution, providing the token to the remote user, and placing the token into a URL and providing the URL to the remote user.
  - 6. The method of claim 1, wherein providing the token includes placing the token into a URL and providing the URL to the remote user, the user implementing the token by accessing the URL, wherein authenticating the token includes extracting the token from the URL and authenticating the extracted token.
  - 7. The method of claim 1, wherein creating an electronic token includes generating a cryptographic hash value and including the cryptographic hash value with the token, and wherein authenticating the token includes generating a new cryptographic hash value and comparing the new cryptographic hash value with the cryptographic hash value in the token and authenticating the token in response to the cryptographic hash values matching.
  - 8. The method of claim 1, wherein generating an electronic key that specifies resources that are the subject of the received resource selections includes storing an identification of the received resource selections in association with the key.
  - 9. The method of claim 8, wherein facilitating access to the requested content includes accessing the stored identification of the received resource selections associated with the key and providing access to requested content specified in the stored identification.
  - 10. The method of claim 1, wherein the remote appliance is a remote Internet appliance to which the content request is made and using the authentication cookie at the remote Internet appliance to facilitate access to the content.
  - 11. The method of claim 1, wherein facilitating access to the requested content includes generating a new URL and passing that new URL to a remote user, the new URL pointing to a web page via which the remote user can access the requested content.
  - 12. The method of claim 1, further comprising receiving and storing access control rules form the registered user, and wherein facilitating access to the requested content includes applying the access control rules specified by the registered user.
  - 13. The method of claim 1, further comprising, in response to receiving the token from a remote user, providing a web interface accessible by the remote user, the web interface identifying content available to the remote user.
  - 14. The method of claim 1, wherein creating a share includes creating and storing information that designates the characterized time period, and wherein facilitating access to the requested content includes limiting access to the requested content to the period of time specified in the share characteristics.
  - 15. The method of claim 1, wherein receiving share characteristics includes receiving a password from the registered user, and wherein authenticating the token includes authenticating the token in response to a password provided by the remote user matching the password received from the registered user.

16. An apparatus comprising:
- a processing circuit configured to cause, at least in part;
  
  receive resource selections and content-sharing characteristics from a packet-communicating device associated with a registered user via a packet-based user interface, wherein the content-sharing characteristics includes data specifying a period of time during which content is available for sharing;
  
  in response to the resource selections, create a share that designates content-sharing characteristics by generating an electronic key that specifies resources that are the subject of the received resource selections, and associating a unique identifier with the key, the unique identifier identifying an agent via which access to the specified resources can be made;
  
  generate a unique authentication for the key and assign the generated authentication to the key;
  
  create an electronic token bearing the key, the unique identifier and the unique authentication for use by a remotepacket-communicating device as a function of the share characteristics;
  
  selectively initiating authentication of the token as a function of the unique authentication tofacilitate access, by the remote user'"'"'s packet-communicating device, to the requested content via the registered user'"'"'s packet-communicating device as a function of the resources specified by the key in the token; and
  
  selectively constructing an authentication cookie to permit access to the requested content by a remote appliance.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Nokia Technologies Oy (Nokia Corporation)
Original Assignee
Nokia Corporation
Inventors
Henderson, James Roland, Barraclough, Keith, Philander, Rodrigo, Albanese, Michael J., Irvine, David
Primary Examiner(s)
Shiferaw; Eleni A
Assistant Examiner(s)
Reza; Mohammad W

Application Number

US11/374,414
Time in Patent Office

1,807 Days
Field of Search

713/172, 713/178, 713/182, 713/185, 726/27, 726/9, 726/20, 725/29
US Class Current

713/185
CPC Class Codes

G06F 21/335   for accessing specific reso...

G06F 21/6218   to a system of files or obj...

G06F 2221/2141   Access rights, e.g. capabil...

H04L 2209/60   Digital content management,...

H04L 2209/80   Wireless network architectu...

H04L 43/00   Arrangements for monitoring...

H04L 45/00   Routing or path finding of ...

H04L 63/062   for key distribution, e.g. ...

H04L 63/08   for authentication of entit...

H04L 63/101   Access control lists [ACL]

H04L 67/63   Routing a service request d...

H04L 9/0841   involving Diffie-Hellman or...

H04L 9/3234   involving additional secure...

Token-based remote data access

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

214 Citations

16 Claims

Specification

Use Cases

Quick Links

Others

Token-based remote data access

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

214 Citations

16 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others