Segmenting access to electronic message boards
First Claim
1. A computer-implemented method for controlling access to content of an electronic messaging system, the method comprising:
- under control of one or more computer systems configured with executable instructions, providing a user interface for displaying at least a portion of the content of the electronic message board on a computing device;
receiving, via the user interface, a request from a user to perform an action with respect to a selected thread on an electronic message board, the electronic messaging system capable of hosting a plurality of threads on the electronic message board;
retrieving access criteria associated with the action to be performed on the selected thread, each thread on the electronic message board having access criteria for each of a plurality of actions capable of being performed with respect to the thread, the access criteria for the plurality of threads specifying at least a strong level of authentication and a weak level of authentication for one or more actions on one or more of the threads;
in response to receiving the request, determining the level of authentication specified by the access criteria for the selected thread and the requested action;
determining whether the user is authorized to perform the requested action by validating user profile information associated with the user against the specified level of authentication, the user profile information being accessed using a user profile module configured to obtain the user profile information from at least one data store, the user profile information capable of being validated using a credit card number of the user for the strong level of authentication and capable of being validated using at least one of a gender, and age, or a zip code of the user for the weak level of authentication; and
performing the requested action when the user is determined to be authorized to perform the action on the selected thread.
2 Assignments
0 Petitions
Accused Products
Abstract
Systems and methods are provided for fine level access control over message content in an electronic messaging system. Access criteria associated with the message content define requirements that a user must satisfy in order to perform specified actions on message content. The user'"'"'s complete profile is examined at run time and compared to access criteria to make a real time decision about the level of access that a user should have to message content. Depending on the access criteria associated with content, stronger authentication or weaker authentication of the user profile information may be performed on the user profile to determine the level of access that should be granted to the user.
-
Citations
17 Claims
-
1. A computer-implemented method for controlling access to content of an electronic messaging system, the method comprising:
-
under control of one or more computer systems configured with executable instructions, providing a user interface for displaying at least a portion of the content of the electronic message board on a computing device; receiving, via the user interface, a request from a user to perform an action with respect to a selected thread on an electronic message board, the electronic messaging system capable of hosting a plurality of threads on the electronic message board; retrieving access criteria associated with the action to be performed on the selected thread, each thread on the electronic message board having access criteria for each of a plurality of actions capable of being performed with respect to the thread, the access criteria for the plurality of threads specifying at least a strong level of authentication and a weak level of authentication for one or more actions on one or more of the threads; in response to receiving the request, determining the level of authentication specified by the access criteria for the selected thread and the requested action; determining whether the user is authorized to perform the requested action by validating user profile information associated with the user against the specified level of authentication, the user profile information being accessed using a user profile module configured to obtain the user profile information from at least one data store, the user profile information capable of being validated using a credit card number of the user for the strong level of authentication and capable of being validated using at least one of a gender, and age, or a zip code of the user for the weak level of authentication; and performing the requested action when the user is determined to be authorized to perform the action on the selected thread. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A computer-implemented method for controlling access to content of an electronic messaging system, the method comprising the steps of:
under control of one or more computer systems configured with executable instructions, receiving a request from a user to perform an action on a selected thread of a message board, the request sent via a user interface configured to display the content of the electronic messaging system on a computing device, the message board capable of providing a plurality of threads, each provided thread having access criteria for each of a plurality of actions capable of being performed with respect to the thread; retrieving access criteria associated with the action to be performed on the selected thread, each thread on the electronic message board having access criteria for each of a plurality of actions capable of being performed with respect to the thread, the access criteria for the plurality of threads including at least two different levels of authentication for one or more actions on one or more of the threads, the at least two different levels of authentication including at least a strong level of authentication and a weak level of authentication; in response to receiving the request, determining the level of authentication specified by the access criteria for the selected thread and the requested action; accessing user profile information in at least one data store using a user profile module; sending a text message to a mobile phone of the user, determined using the user profile information, when the determined level of authentication is the strong level of authentication, the text message including an authentication code that, when entered into an authentication interface of the electronic messaging system, authorizes the user to perform the requested action; validating at least one of a gender, an age, and a zip code of the user profile information when the determined level of authentication is the weak level of authentication, in order to authorize the user to perform the requested action; and performing the requested action when the user is determined to be authorized to perform the action on the selected thread. - View Dependent Claims (10)
-
11. A system for operating an electronic messaging system, comprising:
-
a processor; a user profile interface; and a memory device including instructions that, when executed by the processor, cause the processor to; enable a user to access content of the electronic messaging system through a user interface executing on a computing device; receive a request from a user to perform an action on a selected thread of a message board, the message board capable of providing a plurality of threads, each provided thread having access criteria for a plurality of actions capable of being performed with respect to the thread, the access criteria for the plurality of threads including at least a strong level of authentication and a weak level of authentication for one or more actions on one or more of the threads; determine whether the user is authorized to perform the action on the selected thread based on user profile information associated with the user and the level of authentication specified by the access criteria associated with the action to be performed on the selected thread, the user profile information being obtained from a data store using the user profile interface and capable of being validated using a credit card number of the user for the strong level of authentication and capable of being authorized using at least one of a gender, and age, or a zip code of the user for the weak level of authentication; and perform the requested action when the user is determined to be authorized to perform the action on the selected thread. - View Dependent Claims (12, 13, 14, 15, 16)
-
-
17. A non-transitory computer-readable medium with computer-executable code tangibly embodied thereon for operating an electronic messaging system, comprising:
-
program code for receiving a request from a user to perform an action on a selected thread of a message board, the request being transmitted via a user interface configured to enable the user to access content of the electronic messaging system on a computing device, the message board capable of providing a plurality of threads, each provided thread having access criteria for a plurality of actions capable of being performed with respect to the thread, the access criteria for the plurality of threads including at least a strong level of authentication and a weak level of authentication for one or more actions on one or more of the threads; program code for determining whether the user is authorized to perform the action on the selected thread based on user profile information associated with the user and the level of authentication specified by the access criteria associated with the action to be performed on the selected thread, the user profile information being obtained from a data store using a user profile module and capable of being validated using a credit card number of the user for the strong level of authentication and capable of being authorized using at least one of a gender, and age, or a zip code of the user for the weak level of authentication; and program code for performing the requested action when the user is determined to be authorized to perform the action on the selected thread.
-
Specification