Ad-hoc user account creation
Abstract
A mechanism that allows a user to easily configure a rules engine to apply rules to decide which requests for access to a user's computer resources are to be granted and which are denied. A trusted token, such as a certificate of identity issued by a trusted third party authority that verifies identities of computer users, is included in a calling card object provided by the requesting user to the (server) computer that controls the resources desired by the requester. Additional conditions for access may be specified as desired by the user of the server computer.
14 Claims
1. A method for a first computer to gain access to a second computer, the method comprising:
- executing a rules engine on the first computer, the rules engine having one or more conditions managed by a user;
- establishing a connection between the first computer and the second computer;
- sending a calling card comprising a trusted token to the second computer, the trusted token containing an identity information of the user of the first computer, where the calling card is generated by the rules engine; and
- accessing a resource controlled by the second computer, wherein the resource is accessed based on the establishment of an ad hoc user-identity for the user and is characterized by a lack of using third party resources for ad-hoc user-identity establishment at the time of establishment, the ad hoc user-identity comprising the identity information provided in the trusted token; and
- wherein the sending of the calling card causes the establishment of the ad hoc user-identity upon authentication of the trusted token.

Dependent claims: 2, 3, 4

5. A computerized apparatus, comprising:
- a network interface capable of receiving one or more requests;
- a user-identity database that stores user-identity information associated with requests received over the network interface;
- a rules engine that manages access to the computerized apparatus, the rules engine configured at least in part by a user of the computerized apparatus; and
- a processing apparatus in communication with the network interface, user-identity database, rules engine, and a storage apparatus, the storage apparatus having a plurality of instructions stored thereon which are configured to, when executed by the processing apparatus;
  - receive a resource request, where the resource request comprises information associated with an other user of an external device;
  - read the resource request to extract the information associated with the other user;
  - apply one or more access rules governed by the rules engine module to the extracted information;
  - create an ad hoc user-identity account associated with only the other user in the user-identity database configured to access the requested resource;
  - store the ad hoc user-identity account for future use; and
  - wherein the ad-hoc user-identity account creation is characterized by a lack of third party resource usage for ad-hoc user-identity account creation at the time of creation.

Dependent claims: 6, 7, 8, 9, 10, 11, 12, 13, 14

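An added sketch of the server-side flow described in the abstract and claim 5 (not code from the patent): the calling card's token is authenticated locally, the owner's rules are applied with default deny, and only then is an ad hoc account created and stored. The token format, the HMAC that stands in for a certificate signature check, and all names are assumptions made for illustration.

```python
import base64, hashlib, hmac, json

# Assumption: the issuer key is provisioned on the server ahead of time, so the
# token is checked locally with no third-party lookup at account creation.
# HMAC stands in for verifying a certificate signature (constructed format).
ISSUER_KEY = b"constructed-demo-issuer-key"

def make_calling_card(identity, key=ISSUER_KEY):
    """Requester side: wrap identity information in a signed token."""
    body = base64.urlsafe_b64encode(json.dumps(identity, sort_keys=True).encode())
    tag = hmac.new(key, body, hashlib.sha256).hexdigest()
    return {"token": body.decode() + "." + tag}

def authenticate_token(card):
    """Return the identity dict if the token verifies, else None."""
    try:
        body, tag = card["token"].rsplit(".", 1)
        expected = hmac.new(ISSUER_KEY, body.encode(), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, tag):
            return None
        identity = json.loads(base64.urlsafe_b64decode(body))
        return identity if isinstance(identity, dict) else None
    except (KeyError, TypeError, ValueError, AttributeError):
        return None  # malformed cards are treated as unauthenticated

class ResourceServer:
    def __init__(self, rules):
        self.rules = rules    # owner-managed conditions: resource -> predicate
        self.accounts = {}    # user-identity database of ad hoc accounts

    def handle_request(self, card, resource):
        identity = authenticate_token(card)
        if identity is None or not isinstance(identity.get("user"), str):
            return "denied: token not authenticated"
        rule = self.rules.get(resource)
        if rule is None or not rule(identity):   # no rule means no access
            return "denied: rule"
        # The account is created only after authentication and rule checks pass,
        # and is kept so later requests from the same user reuse it.
        account = self.accounts.setdefault(
            identity["user"], {"identity": identity, "resources": set()})
        account["resources"].add(resource)
        return "granted"

if __name__ == "__main__":
    server = ResourceServer({"photos": lambda i: i.get("org") == "example.org"})
    card = make_calling_card({"user": "alice", "org": "example.org"})  # constructed
    print(server.handle_request(card, "photos"), sorted(server.accounts))
    print(server.handle_request(card, "backups"))
```
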
Specification