Method and system for restricting access to user resources
First Claim
Patent Images
1. A computer program product comprising:
- a non-transitory computer usable storage medium having computer executable instructions embodied therein for managing access to an application program interface (API) comprising a plurality of functions, the computer executable instructions comprising instructions for;
receiving a message containing code calling a function in the API and data indicating API function execution rights for the message;
determining whether the data indicate that the message has a right to execute the called function;
executing the called function responsive to the data indicating that the message has the right to execute the called function; and
sending a response to an originator of the message indicating whether the code successfully executed the function in the API.
0 Assignments
0 Petitions
Accused Products
Abstract
A user'"'"'s set top box (STB), or other client, executes a shell and has an application program interface (API) by which certain features of the client can be controlled. The client is in communication with a walled garden proxy server (WGPS). The client sends a request to the WGPS to access a service provided by a site in the garden. The site sends the client a message containing code calling a function in the API. The WGPS traps the message from the site and looks up the site in a table to determine the access control list (ACL) for the site. The WGPS includes the ACL in the header of the hypertext transport protocol (HTTP) message to the client. The shell receives the message and extracts the ACL. If the code lacks permission, the shell stops execution.
129 Citations
20 Claims
-
1. A computer program product comprising:
a non-transitory computer usable storage medium having computer executable instructions embodied therein for managing access to an application program interface (API) comprising a plurality of functions, the computer executable instructions comprising instructions for; receiving a message containing code calling a function in the API and data indicating API function execution rights for the message; determining whether the data indicate that the message has a right to execute the called function; executing the called function responsive to the data indicating that the message has the right to execute the called function; and sending a response to an originator of the message indicating whether the code successfully executed the function in the API. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
8. A computer for managing access to an application program interface (API) comprising a plurality of functions, the computer comprising:
-
a processor for executing computer program instructions; and a non-transitory computer usable storage medium having computer program instructions embodied therein, the computer program instructions comprising instructions for; receiving a message containing code calling a function in the API and data indicating API function execution rights for the message; determining whether the data indicate that the message has a right to execute the called function; executing the called function responsive to the data indicating that the message has the right to execute the called function; and sending a response to an originator of the message indicating whether the code successfully executed the function in the API. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A method of using a computer processor to manage access to an application program interface (API) comprising a plurality of functions, comprising:
-
receiving a message containing code calling a function in the API and data indicating API function execution rights for the message; determining, by the computer processor, whether the data indicate that the message has a right to execute the called function; executing the called function responsive to the data indicating that the message has the right to execute the called function; and sending a response to an originator of the message indicating whether the code successfully called the function in the API. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeAt Home Bondholders Liquidating Trust (At Home Corporation)
-
Original AssigneeAt Home Bondholders Liquidating Trust (At Home Corporation)
-
InventorsBrown, Ralph William, Medin, Milo S., Keller, Robert, Temkin, David
-
Primary Examiner(s)LEMMA, SAMSON B
-
Application NumberUS14/137,023Publication NumberTime in Patent Office515 DaysField of Search726/2, 726/4, 709/229US Class Current726/4CPC Class CodesG06F 21/10 Protecting distributed prog...H04L 12/1836 with heterogeneous network ...H04L 12/1845 broadcast or multicast in a...H04L 12/1854 with non-centralised forwar...H04L 12/1877 Measures taken prior to tra...H04L 12/2801 Broadband local area networksH04L 12/2856 Access arrangements, e.g. I...H04L 12/2861 Point-to-multipoint connect...H04L 12/287 Remote access server, e.g. ...H04L 12/2883 ATM DSLAMH04L 63/0807 using tickets, e.g. Kerbero...H04L 63/101 Access control lists [ACL]H04L 67/2885 Hierarchically arranged int...H04L 67/52 specially adapted for the l...H04L 67/568 Storing data temporarily at...H04L 69/329 in the application layer [O...H04L 9/40 Network security protocolsH04N 21/2225 Local VOD serversH04N 21/23106 involving caching operation...
