System, method, and policy engine for granting temporary access to electronic content
First Claim
1. A method of granting a first user temporary, limited access to a second user'"'"'s electronic content, the method comprising the steps of:
- receiving by a hardware processor controlling a Policy Engine, a request originating from the first user to access the second user'"'"'s electronic content stored on a server, wherein the second user is distinct from the server;
retrieving by the hardware processor controlling the Policy Engine from a relationship database, relationship information regarding a relationship between the first and second users;
applying by the hardware processor controlling the Policy Engine, an access rule matching the relationship information, the access rule specifying a portion of the second user'"'"'s electronic content and a period of time the portion of the second user'"'"'s electronic content is available, wherein different access rules specify different portions of the second user'"'"'s electronic content or different periods of time the portions of the second user'"'"'s electronic content are available, depending on the relationship between the first and second users;
when the specified period of time has not expired, the hardware processor controlling the Policy Engine granting the first user access to only the specified portion of the second user'"'"'s electronic content; and
when the specified period of time has expired, the hardware processor controlling the Policy Engine denying the first user access to the specified portion of the second user'"'"'s electronic content, and sending from the hardware processor controlling the Policy Engine to the second user, a notification that the first user attempted to access the second user'"'"'s electronic content after the specified period of time expired;
wherein the first user has at least one identifiable characteristic, and the access rule also specifies that all users having the at least one identifiable characteristic can access the specified portion of the second user'"'"'s electronic content during the specified period of time without requesting access from the second user.
1 Assignment
0 Petitions
Accused Products
Abstract
A system, method, and Policy Engine for granting a first user temporary access to a second user'"'"'s electronic content. The Policy Engine receives a request originating from the first user to access the second user'"'"'s content, and retrieves from a relationship database, relationship information regarding a relationship between the two users. If an access rule matching the relationship information is stored in the Policy Engine, the Policy Engine applies the access rule to control access by the first user for a period of time specified in the rule. If an access rule is not stored, the Policy Engine obtains the access rule from the second user. The Policy Engine allows access when the matching rule grants access and the matching rule has not expired, and denies access when there is no matching rule, when the matching rule does not allow access, or when the matching rule has expired.
10 Citations
15 Claims
-
1. A method of granting a first user temporary, limited access to a second user'"'"'s electronic content, the method comprising the steps of:
-
receiving by a hardware processor controlling a Policy Engine, a request originating from the first user to access the second user'"'"'s electronic content stored on a server, wherein the second user is distinct from the server; retrieving by the hardware processor controlling the Policy Engine from a relationship database, relationship information regarding a relationship between the first and second users; applying by the hardware processor controlling the Policy Engine, an access rule matching the relationship information, the access rule specifying a portion of the second user'"'"'s electronic content and a period of time the portion of the second user'"'"'s electronic content is available, wherein different access rules specify different portions of the second user'"'"'s electronic content or different periods of time the portions of the second user'"'"'s electronic content are available, depending on the relationship between the first and second users; when the specified period of time has not expired, the hardware processor controlling the Policy Engine granting the first user access to only the specified portion of the second user'"'"'s electronic content; and when the specified period of time has expired, the hardware processor controlling the Policy Engine denying the first user access to the specified portion of the second user'"'"'s electronic content, and sending from the hardware processor controlling the Policy Engine to the second user, a notification that the first user attempted to access the second user'"'"'s electronic content after the specified period of time expired; wherein the first user has at least one identifiable characteristic, and the access rule also specifies that all users having the at least one identifiable characteristic can access the specified portion of the second user'"'"'s electronic content during the specified period of time without requesting access from the second user. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A Policy Engine for controlling access by a first user to a second user'"'"'s electronic content, the Policy Engine comprising a control hardware processor for controlling a plurality of units, the units including:
-
a communication unit for receiving a request originating from the first user to access the second user'"'"'s electronic content stored on a server, wherein the second user is distinct from the server; a relationship retrieval unit for retrieving from a relationship database, relationship information regarding a relationship between the first and second users; a matching unit for applying an access rule matching the relationship between the first and second users, the access rule specifying a portion of the second user'"'"'s electronic content and a period of time the second user'"'"'s electronic content is available, wherein different access rules specify different portions of the second user'"'"'s electronic content or different periods of time the portions of the second user'"'"'s electronic content are available, depending on the relationship between the first and second users; and a timer for determining whether the specified period of time has expired; wherein when the specified period of time has not expired, the communication unit is configured to send a response toward the first user indicating that only the specified portion of the second user'"'"'s electronic content is available to the first user; and wherein when the specified period of time has expired, the communication unit sends a response toward the first user indicating that the specified portion of the second user'"'"'s electronic content is no longer available, and the communication unit sends to the second user, a notification that the first user attempted to access the second user'"'"'s electronic content after the specified period of time expired; wherein the first user has at least one identifiable characteristic, and the access rule also specifies that all users having the at least one identifiable characteristic can access the specified portion of the second user'"'"'s electronic content during the specified period of time without requesting access from the second user. - View Dependent Claims (8, 9, 10, 11, 12, 13)
-
-
14. A system for controlling access by a first user to a second user'"'"'s electronic social content, the system comprising:
-
a Social Media Portal (SMP) for providing the first user with access to a social media network; a Policy Engine in communication with the SMP for storing and applying access rules for controlling access to electronic social content of a plurality of users; and an Active Address Book (AAB) in communication with the Policy Engine for storing relationship information regarding relationships between the plurality of users; wherein the SMP includes means for forwarding to the Policy Engine, a request originating from the first user to access the second user'"'"'s electronic social content stored on a server in the social media network, wherein the second user is distinct from the server; wherein the Policy Engine includes a control hardware processor for controlling a plurality of units, the units including; a relationship retrieval unit for retrieving from the AAB, relationship information regarding a relationship between the first and second users; a matching unit for applying an access rule matching the relationship between the first and second users, the access rule specifying a portion of the second user'"'"'s electronic content and a period of time the second user'"'"'s electronic content is available, wherein different access rules specify different portions of the second user'"'"'s electronic content or different periods of time the portions of the second user'"'"'s electronic content are available, depending on the relationship between the first and second users; a timer for determining whether the specified period of time has expired; and a communication unit configured to; send a response to the SMP allowing access when the matching rule grants access and the matching rule has not expired; and send a response to the SMP denying access when there is no matching rule, when the matching rule does not allow access, or when the matching rule has expired, wherein the communication unit sends to the second user, a notification that the first user was denied access, and when the matching rule has expired, the communication unit is configured to send a response toward the first user indicating that the specified portion of the second user'"'"'s electronic content is no longer available, and to send to the second user, a notification that the first user attempted to access the second user'"'"'s electronic content after the matching rule expired; and wherein the first user has at least one identifiable characteristic, and the access rule also specifies that all users having the at least one identifiable characteristic can access the specified portion of the second user'"'"'s electronic content during the specified period of time without requesting access from the second user. - View Dependent Claims (15)
-
Specification