Techniques for peer-to-peer communication using a “shared secret”

US 8,966,595 B1
Filed: 12/15/2010
Issued: 02/24/2015
Est. Priority Date: 12/15/2010
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method for binding peers in an electronic environment, comprising:

under the control of one or more computer systems configured with executable instructions,embedding, in at least one web page of a Web site, a reference to a trusted script that is able to be sent with the at least one web page to at least one client computing device, wherein the trusted script is configured to begin executing on the at least one client computing device that is displaying the at least one web page in response to the at least one client computing device rendering the at least one web page;

receiving a request for a page of the at least one page of the Web site from a first client computing device;

providing the page for display on the first client computing device, the trusted script and a predetermined security sequence being sent with the page, the predetermined security sequence including a predetermined sequence of inputs to be inputted on the page;

receiving a submission from the first client computing device, wherein the submission includes the predetermined security sequence entered through the trusted script being executed by the first client computing device;

generating a queue for the first client computing device in response to receiving the submission, the queue being configured to store information for events generated on other client computing devices, wherein the other client computing devices were also provided the page for display, and wherein a submission including the predetermined security sequence was received from the other client computing devices; and

in response to a polling request from the first client computing device, sending information for any of the events stored in the queue, whereby the events generated on other client computing devices are able to be replicated on the first client computing device.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Techniques for peer-binding are disclosed. In one embodiment, a method for peer-binding includes receiving a security sequence submission entered through a trusted script provided with the content from a first client computing device, rendered on the first client computing device. In response to receiving the security sequence submission from a second client computing device and entered through the trusted script, a common communication channel between the first and second client computing devices is established such that an event generated on one of the first and second client computing devices is sent to another of the first and second client computing devices. The submission results from a user action on one or more content elements included in the content. The trusted script is configured, when executed, to detect user actions and determine security sequences resulting from the user actions.

28 Citations

View as Search Results

24 Claims

1. A computer-implemented method for binding peers in an electronic environment, comprising:
- under the control of one or more computer systems configured with executable instructions,embedding, in at least one web page of a Web site, a reference to a trusted script that is able to be sent with the at least one web page to at least one client computing device, wherein the trusted script is configured to begin executing on the at least one client computing device that is displaying the at least one web page in response to the at least one client computing device rendering the at least one web page;
  
  receiving a request for a page of the at least one page of the Web site from a first client computing device;
  
  providing the page for display on the first client computing device, the trusted script and a predetermined security sequence being sent with the page, the predetermined security sequence including a predetermined sequence of inputs to be inputted on the page;
  
  receiving a submission from the first client computing device, wherein the submission includes the predetermined security sequence entered through the trusted script being executed by the first client computing device;
  
  generating a queue for the first client computing device in response to receiving the submission, the queue being configured to store information for events generated on other client computing devices, wherein the other client computing devices were also provided the page for display, and wherein a submission including the predetermined security sequence was received from the other client computing devices; and
  
  in response to a polling request from the first client computing device, sending information for any of the events stored in the queue, whereby the events generated on other client computing devices are able to be replicated on the first client computing device.
- View Dependent Claims (2, 3)
- - 2. The computer-implemented method of claim 1, further comprising:
    - generating an event on the first client computing device; and
      
      placing the generated event in queues, each queue being associated with one of the other client computing devices,wherein the event generated on the first client computing device is one of mouse clicking, selecting content elements, highlighting, or key pressing.
  - 3. The computer-implemented method of claim 1, wherein inputting the security sequence comprises one of accessing one or more content elements in one of a predetermined sequence or a predetermined number of times.

4. A computer-implemented method for peer binding, comprising:
- under the control of one or more computer systems configured with executable instructions,embedding a trusted script in content, the content including one or more content elements;
  
  sending the content, with the trusted script, to a first computing device of a plurality of client computing devices, the trusted script configured to begin executing in response to at least a portion of the content being rendered by the first computing device;
  
  receiving a submission from a first client computing device, wherein the submission includes a predetermined security sequence, and wherein the predetermined security sequence includes a predetermined sequence of inputs to be inputted on the content elements, the submission being entered through the trusted script sent with the content;
  
  sending the content, with the trusted script, to a second client computing device; and
  
  in response to receiving a second submission from the second client computing device, wherein the second submission also includes the predetermined security sequence and is entered through the trusted script, establishing a common communication channel between the first and second client computing devices such that an event generated on one of the first and second client computing devices is sent to another of the first and second client computing devices via the established common communication channel,wherein the trusted script is configured, when executed, to detect user actions.
- View Dependent Claims (5, 6, 7, 8, 9)
- - 5. The computer-implemented method of claim 4, wherein the content includes elements that have identifiers that are unique to a property pertaining to the content element, and wherein the predetermined security sequence resulting from the input on the content comprises a data string, the data string including a plurality of unique identifiers each associated with the one or more content elements accessed by the first client computing device.
  - 6. The computer-implemented method of claim 5, wherein the property pertaining to the content element comprises one of color, shape, or image.
  - 7. The computer-implemented method of claim 4, wherein the content includes content elements that are one of a button, image, or icon.
  - 8. The computer-implemented method of claim 4, wherein establishing a common communication channel comprises creating queues associated with each of the first and second client computing devices, each queue being configured to store events generated by other client computing devices sharing the common communication channel.
  - 9. The computer-implemented method of claim 4, wherein an event generated by one of the first and second client computing devices occurs on the content.

10. A computer-implemented method for peer binding, comprising:
- under the control of one or more computer systems configured with executable instructions,embedding a trusted script in a page of a Web site, the trusted script configured to be sent with the page and begin executing in response to at least a portion of the page being rendered by a first client computing device;
  
  receiving a security sequence submitted by the first client computing device through the trusted script, wherein the security sequence includes a predetermined sequence of inputs to be inputted on the Web site;
  
  validating the security sequence submitted by the first client computing device;
  
  associating the first client computing device with a data store provided by an online storage Web service;
  
  receiving the security sequence submitted by a second client computing device through the trusted script;
  
  validating the second client computing device with a data store provided by an online storage Web service;
  
  in response to receiving, through the trusted script, an event generated on the second client computing device, causing information for the event to be stored in the data store; and
  
  in response to a request for the event information received from the first client computing device, providing to the first client computing device a pointer to the data store in which the event information is stored, whereby the event generated on the second client computing device is able to be retrieved at the pointer and rendered on the first client computing device.
- View Dependent Claims (11, 12, 13)
- - 11. The computer-implemented method of claim 10, further comprising:
    - receiving account information submitted through the trusted script from the first client computing device rendering the Web site; and
      
      storing the received account information in a local data store associated with the Web site.
  - 12. The computer-implemented method of claim 11, wherein the local data store comprises a dedicated database accessible by the trusted script.
  - 13. The computer-implemented method of claim 10, wherein the event generated on the second client computing device is one of a plurality of events registered with the trusted script, the plurality of events including mouse clicking, selecting content elements, highlighting, or key pressing.

14. A computer system for peer binding, comprising a processor and a memory having computer-executable instructions that, when executed on the processor, cause the processor to:
- embed a trusted script in one or more content elements, the trusted script configured to be sent with the one or more content elements and begin executing in response to at least a portion of the one or more content elements being rendered by a first client computing device;
  
  receive a security sequence submission from the first client computing device, wherein the security sequence includes a predetermined sequence of inputs to be inputted on the content elements, the submission resulting from a first user action on the one or more content elements included in the content rendered on the first client computing device, the submission being entered through the trusted script provided with the content; and
  
  in response to receiving the security sequence submission resulting from a second user action on the one or more of the plurality of content elements included in the content rendered on a second client computing device and entered through the trusted script, establish a common communication channel between the first and second client computing devices such that an event generated on one of the first and second client computing devices is sent to another of the first and second client computing devices via the established common communication channel,wherein the trusted script is configured, when executed, to detect user actions and determine security sequences resulting from the user actions.
- View Dependent Claims (15, 16, 17, 18)
- - 15. The computer system of claim 14, wherein the computer-executable instructions that cause the processor to establish a common communication channel between the first and second client computing devices further cause the processor to create queues associated with each of the first and second client computing devices, each queue being configured to store events generated by other client computing devices sharing the common communication channel.
  - 16. The computer system of claim 14, wherein the computer-executable instructions further cause the processor to detect an event generated on one of the first and second client computing devices.
  - 17. The computer system of claim 14, wherein the first user action comprises accessing the one or more content elements in one of a predetermined sequence or a predetermined number of times.
  - 18. The computer system of claim 14, wherein each of the content elements has an identifier that is unique to a property pertaining to the content element and the security sequence resulting from the user action comprises a data string, the data string comprising a plurality of unique identifiers each associated with the one or more content elements accessed by the first user.

19. A non-transitory computer-readable storage medium having computer-executable instructions for peer binding stored thereon that, when executed by a computer, cause the computer to:
- embed a trusted script in one or more content elements, the trusted script configured to be sent with the one or more content elements and begin executing in response to at least a portion of the one or more content elements being rendered by a first client computing device;
  
  receive a security sequence submission from the first client computing device, wherein the security sequence includes a predetermined sequence of inputs to be inputted on the content elements, the submission resulting from a first user action on the one or more content elements included in the content rendered on the first client computing device, the submission being entered through the trusted script; and
  
  in response to receiving the security sequence submission resulting from a second user action on the one or more of the plurality of content elements included in the content rendered on a second client computing device and entered through the trusted script, establish a common communication channel between the first and second client computing devices such that an event generated on one of the first and second client computing devices is sent to another of the first and second client computing devices via the established common communication channel,wherein the trusted script is configured, when executed, to detect user actions and determine security sequences resulting from the user actions.
- View Dependent Claims (20, 21, 22, 23, 24)
- - 20. The non-transitory computer-readable storage medium of claim 19, wherein the computer-executable instructions that cause the computer to establish a common communication channel between the at least two users further cause the computer to create queues associated with each of the first and second client computing devices, each queue being configured to store events generated by other client computing devices sharing the common communication channel.
  - 21. The non-transitory computer-readable storage medium of claim 19, wherein the computer-executable instructions further cause the computer to detect an event generated on one of the first and second client computing devices.
  - 22. The non-transitory computer-readable storage medium of claim 19, wherein the first user action comprises accessing the one or more content elements in one of a determined sequence or a determined number of times.
  - 23. The non-transitory computer-readable storage medium of claim 22, wherein each of the content elements has an identifier that is unique to a property pertaining to the content element and the security sequence resulting from the first user action comprises a data string, the data string including a plurality of unique identifiers each associated with the one or more content elements accessed by the first user.
  - 24. The non-transitory computer-readable storage medium of claim 23, wherein the computer-executable instructions further cause the computer to store the security sequence.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
A9.com Incorporated (Amazon.com, Inc.)
Original Assignee
A9.com Incorporated (Amazon.com, Inc.)
Inventors
Amacker, Matthew W.
Primary Examiner(s)
Gee, Jason K.
Assistant Examiner(s)
Sarker, Sanchit

Application Number

US12/969,382
Time in Patent Office

1,532 Days
Field of Search

726/5, 715/733
US Class Current

726/5
CPC Class Codes

G06F 21/606 by securing the transmissio...

H04L 63/04 for providing a confidentia...

Techniques for peer-to-peer communication using a “shared secret”

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

28 Citations

24 Claims

Specification

Solutions

Use Cases

Quick Links

Techniques for peer-to-peer communication using a “shared secret”

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

28 Citations

24 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links