Integrating operating systems with content offered by web based entities

US 8,572,716 B2
Filed: 04/23/2007
Issued: 10/29/2013
Est. Priority Date: 04/23/2007
Status: Active Grant

First Claim

Patent Images

1. A method of facilitating a computer logon session comprising:

receiving, by a logon screen generated by an operating system, a user'"'"'s credential associated with the user, the operating system including a kernel;

transmitting a validation request to an internet based service provider, wherein said validation request includes the user'"'"'s credentials, said credentials being verifiable by said internet based service provider;

receiving information related to said user from said internet based service provider, wherein said information includes a security context;

utilizing, by an authentication process of the operating system, said user security context to generate an operating system security token;

logging said user into the operating system, wherein the operating system security token is used by said operating system to determine whether a user associated with the user'"'"'s credential is authorized to use system resources; and

using the security context to obtain content from one or more internet based service providers.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Example embodiments are provided for integrating operating systems with content offered by internet based entities.

40 Citations

View as Search Results

19 Claims

1. A method of facilitating a computer logon session comprising:
- receiving, by a logon screen generated by an operating system, a user'"'"'s credential associated with the user, the operating system including a kernel;
  
  transmitting a validation request to an internet based service provider, wherein said validation request includes the user'"'"'s credentials, said credentials being verifiable by said internet based service provider;
  
  receiving information related to said user from said internet based service provider, wherein said information includes a security context;
  
  utilizing, by an authentication process of the operating system, said user security context to generate an operating system security token;
  
  logging said user into the operating system, wherein the operating system security token is used by said operating system to determine whether a user associated with the user'"'"'s credential is authorized to use system resources; and
  
  using the security context to obtain content from one or more internet based service providers.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, further comprising:
    - configuring the operating system to accept credentials associated with said internet based service provider.
  - 3. The method of claim 1, further comprising:
    - rendering, by the operating system, a challenge after receiving incorrect credentials associated with said internet based service provider one or more times.
  - 4. The method of claim 1, further comprising:
    - caching said security context, wherein said information includes a ticket, said ticket operable to acquire content associated with one or more storage services.
  - 5. The method of claim 1, further comprising:
    - determining whether said user has permission to access content by checking the operating system security token;
      
      transmitting a request for said content to one or more remote storage services; and
      
      receiving said content from said one or more storage services.
  - 6. The method of claim 1, further comprising:
    - transmitting a request to configure access rights for content associated with the user, wherein said access rights are operable to enable one or more additional users to access said content.
  - 7. The method of claim 1, further comprising:
    - configuring a common view of the operating system.
  - 8. The method of claim 1, wherein said transmitting a validation request to an internet based service provider further comprises:
    - transmitting a validation request to said internet based service provider, wherein validation of said user'"'"'s credentials is required to access the system resources.
  - 9. The method of claim 1, wherein said transmitting a validation request to an internet based service provider further comprises:
    - transmitting a validation request to said internet based service provider, wherein said internet based service provider is selected from a plurality of internet based service providers.
  - 10. The method of claim 1, wherein said utilizing said security context to generate the operating system security token further comprises:
    - utilizing said security context to generate operating system security token that includes a security identifier, wherein said security identifier includes a user'"'"'s privileges.

11. A computer system, comprising:
- a processor;
  
  a memory coupled to the processor, wherein the memory includes executable instructions that upon execution by the processor cause the computer system to;
  
  receive, via an operating system log-on screen, a credential;
  
  send the credential to an internet-based service provider;
  
  receive a security context generated by the internet-based service provider;
  
  generate an operating system logon token using information stored in the security context;
  
  download, prior to logging a user associated with the logon token into the operating system, a file from the internet-based service provider;
  
  log the user into the operating system using the operating system logon token, the operating system including a kernel; and
  
  display, by the operating system, an icon for the downloaded file.
- View Dependent Claims (12, 13, 14, 15)
- - 12. The computer system of claim 11, wherein the memory further comprises instructions that upon execution by the processor cause the computer system to:
    - open, by the operating system, a file stored in a file system of the operating system based on a privilege stored in the operating system logon token.
  - 13. The computer system of claim 11, wherein said memory further comprises instructions that upon execution by the processor cause the computer system to:
    - select the internet-based service provider from a plurality of internet-based service providers.
  - 14. The computer system of claim 11, wherein said memory further comprises that upon execution by the processor cause the computer system to:
    - send a request to set access control parameters for content associated with the security context to the internet-based service provider, wherein said access control parameters are operable to enable one or more additional users to access said content associated with the security context to the internet-based service provider.
  - 15. The computer system of claim 11, wherein said memory further comprises that upon execution by the processor cause the computer system to:
    - send a request to access an administrative profile to the internet-based service provider, wherein the administrative profile is configured to manage one or more restricted profiles.

16. A computer-readable storage medium wherein the medium is not a signal including executable instructions that upon execution by a processor cause a computer system to facilitate a computer system logon session, the computer-readable storage medium comprising:
- instructions that upon execution by the processor cause the computer system to display a logon screen for an operating system;
  
  instructions that upon execution by the processor cause the computer system to receive, by the logon screen, a credential;
  
  instructions that upon execution by the processor cause the computer system to transmit a validation request to an internet based service provider, wherein said validation request includes the credential, said credentials being verifiable by said internet based service provider;
  
  instructions that upon execution by the processor cause the computer system to receive, in response to said validation request, a user security context from said internet based service provider;
  
  instructions that upon execution by the processor cause the computer system to generate an operating system logon token from said user security context;
  
  instructions that upon execution by the processor cause the computer system to log a user associated with the operating system logon token into the operating system, the operating system including a kernel, wherein the operating system is configured to use said operating system logon token to control access to local computing resources of the operating system;
  
  ; and
  
  instructions that upon execution by the processor cause the computer system to use the security context to obtain content from one or more internet based service providers.
- View Dependent Claims (17, 18, 19)
- - 17. The computer-readable storage medium of claim 16, further comprising:
    - instructions that upon execution by the processor cause the computer system to open a file stored in a file system of the operating system based on a privilege stored in the operating system logon token.
  - 18. The computer-readable storage medium of claim 16, further comprising:
    - instructions that upon execution by the processor cause the computer system to select the internet based service provider from a plurality of internet based service providers.
  - 19. The computer-readable storage medium of claim 16, further comprising:
    - instructions that upon execution by the processor cause the computer system to download, prior to logging the user into the operating system, a file from the internet based service provider; and
      
      instructions that upon execution by the processor cause the computer system to cause the operating system to display an icon for the downloaded file after logging the user into the operating system.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Chander, Girish, Dutta, Tanmoy, Ilac, Cristian, Kavsan, Bronislav, Li, Ziquan, Luther, Andreas K., Medvinsky, Gennady, Zhu, Liquiang
Primary Examiner(s)
PEARSON, DAVID J

Application Number

US11/789,270
Publication Number

US 20080263651A1
Time in Patent Office

2,381 Days
Field of Search

726/10, 726/19, 726/2, 726/9, 709/219
US Class Current

726/10
CPC Class Codes

G06F 21/335   for accessing specific reso...

H04L 63/08   for authentication of entit...

H04L 63/0807   using tickets, e.g. Kerbero...

H04L 63/083   using passwords cryptograph...

H04L 63/0884   by delegation of authentica...

H04L 63/10   for controlling access to d...

H04L 63/123   received data contents, e.g...

Integrating operating systems with content offered by web based entities

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

40 Citations

19 Claims

Specification

Use Cases

Quick Links

Others

Integrating operating systems with content offered by web based entities

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

40 Citations

19 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others