Segmenting access to electronic message boards

US 8,214,446 B1
Filed: 06/04/2009
Issued: 07/03/2012
Est. Priority Date: 06/04/2009
Status: Expired due to Fees

First Claim

Patent Images

1. A computer-implemented method for controlling access to content of an electronic messaging system, the method comprising:

under control of one or more computer systems configured with executable instructions, providing a user interface for displaying at least a portion of the content of the electronic message board on a computing device;

receiving, via the user interface, a request from a user to perform an action with respect to a selected thread on an electronic message board, the electronic messaging system capable of hosting a plurality of threads on the electronic message board;

retrieving access criteria associated with the action to be performed on the selected thread, each thread on the electronic message board having access criteria for each of a plurality of actions capable of being performed with respect to the thread, the access criteria for the plurality of threads specifying at least a strong level of authentication and a weak level of authentication for one or more actions on one or more of the threads;

in response to receiving the request, determining the level of authentication specified by the access criteria for the selected thread and the requested action;

determining whether the user is authorized to perform the requested action by validating user profile information associated with the user against the specified level of authentication, the user profile information being accessed using a user profile module configured to obtain the user profile information from at least one data store, the user profile information capable of being validated using a credit card number of the user for the strong level of authentication and capable of being validated using at least one of a gender, and age, or a zip code of the user for the weak level of authentication; and

performing the requested action when the user is determined to be authorized to perform the action on the selected thread.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods are provided for fine level access control over message content in an electronic messaging system. Access criteria associated with the message content define requirements that a user must satisfy in order to perform specified actions on message content. The user'"'"'s complete profile is examined at run time and compared to access criteria to make a real time decision about the level of access that a user should have to message content. Depending on the access criteria associated with content, stronger authentication or weaker authentication of the user profile information may be performed on the user profile to determine the level of access that should be granted to the user.

Citations

17 Claims

1. A computer-implemented method for controlling access to content of an electronic messaging system, the method comprising:
- under control of one or more computer systems configured with executable instructions, providing a user interface for displaying at least a portion of the content of the electronic message board on a computing device;
  
  receiving, via the user interface, a request from a user to perform an action with respect to a selected thread on an electronic message board, the electronic messaging system capable of hosting a plurality of threads on the electronic message board;
  
  retrieving access criteria associated with the action to be performed on the selected thread, each thread on the electronic message board having access criteria for each of a plurality of actions capable of being performed with respect to the thread, the access criteria for the plurality of threads specifying at least a strong level of authentication and a weak level of authentication for one or more actions on one or more of the threads;
  
  in response to receiving the request, determining the level of authentication specified by the access criteria for the selected thread and the requested action;
  
  determining whether the user is authorized to perform the requested action by validating user profile information associated with the user against the specified level of authentication, the user profile information being accessed using a user profile module configured to obtain the user profile information from at least one data store, the user profile information capable of being validated using a credit card number of the user for the strong level of authentication and capable of being validated using at least one of a gender, and age, or a zip code of the user for the weak level of authentication; and
  
  performing the requested action when the user is determined to be authorized to perform the action on the selected thread.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The computer-implemented method of claim 1 wherein the requested action involves posting a new message to the electronic messaging system.
  - 3. The computer-implemented method of claim 1 wherein the requested action involves creating a new thread on the electronic messaging system.
  - 4. The computer-implemented method of claim 1 wherein the requested action involves reading a thread on the electronic messaging system.
  - 5. The computer-implemented method of claim 1 wherein the requested action involves replying to a message to the electronic messaging system.
  - 6. The computer-implemented method of claim 1 wherein the user profile information is further capable of, for the strong level of authentication, being validated by:
    - sending a text message to a mobile phone of the user;
      
      receiving a text message from the mobile phone of the user in response to the text message sent to the mobile phone of the user; and
      
      updating user profile information associated with the user to indicate that the identity of the user has been verified.
  - 7. The computer-implemented method of claim 1 wherein the user profile information is further capable of being validated using transactional account information for a transactional account associated with the user for the strong level of authentication.
  - 8. The computer-implemented method of claim 7 wherein the transactional account is an ecommerce account that has been used to complete a transaction for an item shipped to the user.

9. A computer-implemented method for controlling access to content of an electronic messaging system, the method comprising the steps of:
- under control of one or more computer systems configured with executable instructions,receiving a request from a user to perform an action on a selected thread of a message board, the request sent via a user interface configured to display the content of the electronic messaging system on a computing device, the message board capable of providing a plurality of threads, each provided thread having access criteria for each of a plurality of actions capable of being performed with respect to the thread;
  
  retrieving access criteria associated with the action to be performed on the selected thread, each thread on the electronic message board having access criteria for each of a plurality of actions capable of being performed with respect to the thread, the access criteria for the plurality of threads including at least two different levels of authentication for one or more actions on one or more of the threads, the at least two different levels of authentication including at least a strong level of authentication and a weak level of authentication;
  
  in response to receiving the request, determining the level of authentication specified by the access criteria for the selected thread and the requested action;
  
  accessing user profile information in at least one data store using a user profile module;
  
  sending a text message to a mobile phone of the user, determined using the user profile information, when the determined level of authentication is the strong level of authentication, the text message including an authentication code that, when entered into an authentication interface of the electronic messaging system, authorizes the user to perform the requested action;
  
  validating at least one of a gender, an age, and a zip code of the user profile information when the determined level of authentication is the weak level of authentication, in order to authorize the user to perform the requested action; and
  
  performing the requested action when the user is determined to be authorized to perform the action on the selected thread.
- View Dependent Claims (10)
- - 10. The computer-implemented method of claim 9 wherein when the access criteria further indicates that a weak level of authentication of the user is required:
    - identifying any waiting periods imposed on the user that limit the user'"'"'s access to message content.

11. A system for operating an electronic messaging system, comprising:
- a processor;
  
  a user profile interface; and
  
  a memory device including instructions that, when executed by the processor, cause the processor to;
  
  enable a user to access content of the electronic messaging system through a user interface executing on a computing device;
  
  receive a request from a user to perform an action on a selected thread of a message board, the message board capable of providing a plurality of threads, each provided thread having access criteria for a plurality of actions capable of being performed with respect to the thread, the access criteria for the plurality of threads including at least a strong level of authentication and a weak level of authentication for one or more actions on one or more of the threads;
  
  determine whether the user is authorized to perform the action on the selected thread based on user profile information associated with the user and the level of authentication specified by the access criteria associated with the action to be performed on the selected thread, the user profile information being obtained from a data store using the user profile interface and capable of being validated using a credit card number of the user for the strong level of authentication and capable of being authorized using at least one of a gender, and age, or a zip code of the user for the weak level of authentication; and
  
  perform the requested action when the user is determined to be authorized to perform the action on the selected thread.
- View Dependent Claims (12, 13, 14, 15, 16)
- - 12. The system of claim 11 wherein the instructions that cause the processor to validate user profile information further comprise, instructions that, when executed by the processor, cause the processor to:
    - send a text message to a mobile phone of the user, the text message including an authentication code that, when entered into an authentication interface of the electronic messaging system, authorizes the user to perform the requested action.
  - 13. The system of claim 11 wherein the instructions that cause the processor to validate user profile information further comprise, instructions that, when executed by the processor, cause the processor to:
    - send a text message to a mobile phone of the user;
      
      receive a text message from the mobile phone of the user in response to the text message sent to the mobile phone of the user; and
      
      update user profile information associated with the user to indicate that the identity of the user has been verified.
  - 14. The system of claim 11 wherein the instructions when executed by the processor further cause the processor to:
    - identify any waiting periods imposed on the user that limit the user'"'"'s access to message content when the access criteria indicates that the weak level of authentication of the user is required.
  - 15. The system of claim 11 wherein the instructions that cause the processor to validate user profile information further comprise instructions that, when executed by the processor, cause the processor to:
    - enable the user profile information to be validated against transactional account information for a transactional account associated with the user for the strong level of authentication.
  - 16. The system of claim 15 wherein the transactional account is an ecommerce account that has been used to complete a transaction for an item shipped to the user.

17. A non-transitory computer-readable medium with computer-executable code tangibly embodied thereon for operating an electronic messaging system, comprising:
- program code for receiving a request from a user to perform an action on a selected thread of a message board, the request being transmitted via a user interface configured to enable the user to access content of the electronic messaging system on a computing device, the message board capable of providing a plurality of threads, each provided thread having access criteria for a plurality of actions capable of being performed with respect to the thread, the access criteria for the plurality of threads including at least a strong level of authentication and a weak level of authentication for one or more actions on one or more of the threads;
  
  program code for determining whether the user is authorized to perform the action on the selected thread based on user profile information associated with the user and the level of authentication specified by the access criteria associated with the action to be performed on the selected thread, the user profile information being obtained from a data store using a user profile module and capable of being validated using a credit card number of the user for the strong level of authentication and capable of being authorized using at least one of a gender, and age, or a zip code of the user for the weak level of authentication; and
  
  program code for performing the requested action when the user is determined to be authorized to perform the action on the selected thread.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
IMDb.com, Inc. (Amazon.com, Inc.)
Original Assignee
IMDb.com, Inc. (Amazon.com, Inc.)
Inventors
Siegel, Hillard B., Dave, Pratik S.
Primary Examiner(s)
Avellino, Joseph
Assistant Examiner(s)
KHAN, AFTAB N

Application Number

US12/478,214
Time in Patent Office

1,125 Days
Field of Search

709223-226, 709/206, 726 2- 7, 726/21, 726/27, 726/30, 713/168, 705/5
US Class Current

709/207
CPC Class Codes

G06F 21/31   User authentication

G06Q 10/02   Reservations, e.g. for tick...

G06Q 50/01   Social networking

H04L 51/00   User-to-user messaging in p...

Segmenting access to electronic message boards

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Segmenting access to electronic message boards

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links