Method and apparatus for communicating information between devices

US 9,325,679 B2
Filed: 03/02/2006
Issued: 04/26/2016
Est. Priority Date: 03/31/2005
Status: Active Grant

First Claim

Patent Images

1. A method of an access point in a network of devices to permit data to be stored on the devices and to be searched for and accessed from any of the devices, the network including a definition of a plurality of virtual channels to which documents may be stored and users may be authorized, the method comprising:

providing a mechanism for securely assigning authorizations to users to read or write data from or to specified ones of the channels, the authorizations checked by the access points;

in response to a request to write data into a particular channel, determining that a user making the request is authorized to write data onto the requested channel and associating the data with the requested channel, encrypting the data so that it is not readable except via the access point and sending the data to one of the devices connected to the network to store the data together with the association; and

in response to a request to search for data from a particular channel or group of channels, determining that the user making the request is authorized to read data from the requested channel or group of channels and issuing a corresponding search request or requests to a subset of the devices and, responsive to a determination that the devices store data satisfying the request, decrypting and transmitting the data to the requesting user, and responsive to a determination that the devices do not store data satisfying the request, forwarding the search request to another one or more of the devices.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A network of devices permits data to be stored on the devices and subsequently searched and accessed from any other one of the devices. A plurality of channels are defined to distribute a plurality of access points throughout the network. A mechanism securely assigns authorizations to users to read or write from or to specified ones of the channels, which authorizations are capable of being checked by each of the access points. To write into a channel, a request is made to one of the access points which checks if the requesting user is authorized to write onto the requested channel. If appropriate, the data is associated with the requested channel. To search for data from a particular channel or group of channels, a search request is made to one of the access points which first checks the requesting user is authorized to read from the requested channel or group of channels. If appropriate it issues a corresponding search request or requests to a subset of the devices which checks to see if stored data satisfying the request exists there and, if so, the data is transmitted to the requesting user. Otherwise the search request is forwarded to another one or more of the devices.

Citations

11 Claims

1. A method of an access point in a network of devices to permit data to be stored on the devices and to be searched for and accessed from any of the devices, the network including a definition of a plurality of virtual channels to which documents may be stored and users may be authorized, the method comprising:
- providing a mechanism for securely assigning authorizations to users to read or write data from or to specified ones of the channels, the authorizations checked by the access points;
  
  in response to a request to write data into a particular channel, determining that a user making the request is authorized to write data onto the requested channel and associating the data with the requested channel, encrypting the data so that it is not readable except via the access point and sending the data to one of the devices connected to the network to store the data together with the association; and
  
  in response to a request to search for data from a particular channel or group of channels, determining that the user making the request is authorized to read data from the requested channel or group of channels and issuing a corresponding search request or requests to a subset of the devices and, responsive to a determination that the devices store data satisfying the request, decrypting and transmitting the data to the requesting user, and responsive to a determination that the devices do not store data satisfying the request, forwarding the search request to another one or more of the devices.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method as claimed in claim 1 whereinthe access point is implemented using autonomous software agents.
  - 3. The method according to claim 1, whereinthe access point is one of a plurality of access points that collaborate to provide a distributed mechanism for enabling authorizations to be checked.
  - 4. The method according to claim 1, whereinat least some of the devices store data in response to the data being associated with one of a subset of the total number of defined channels.
  - 5. The method according to claim 1, whereinin response to a device determining that it is storing data satisfying the request, then the data is transmitted to the requesting user via the requesting access point.

6. A data storage system for permitting data to be stored and selectively accessed by users of the system, the system comprising:
- a computer network including a plurality of data processing devices connected to the network, the network including a definition of a plurality of virtual channels to which documents may be stored and users may be authorized, wherein at least some of the devices, when in use, support access point software modules each of which controls access, by users of the system, to the system, such that prior to permitting a user to retrieve data from, or to write data to, the system it can check the identity of the user and determine from which channels of data the user can read data or to which channels of data the user can write data, and whereineach access point responds to a user request to write data to the data storage system, the request specifying a channel into which data is to be written and checks that the user is authorized to write data belonging to that channel to the system, and responsive to the check, generates an association with the requested channel, encrypting the data so that it is not readable except via the access point and sends the data to one of the devices connected to the network to store the data together with the association, and whereineach access point responds to a user request to access data from the data storage system, the request specifying a particular channel or group of channels to be searched, checks that the user is authorized to read data associated with the or each respective channel, and responsive to the check, searches for the requested data from the device on which the access point software module is operating and any other associated devices, and in response to a determination that the data can not be found, passes the request on to one or more other ones of the devices for them to search for the requested data.
- View Dependent Claims (7, 8, 9, 10)
- - 7. The system according to claim 6 whereinthe access points are autonomous software agents.
  - 8. The system according to claim 6, wherein each access point collaborates with one or more other access points to check an authorization of the user in a distributed manner.
  - 9. The system according to claim 6, wherein at least some of the devices store data in response to the data being associated with one of a subset of the total number of defined channels.
  - 10. The system according to claim 6, whereineach device, in response to a search request issued by an access point, if the requested data is found on the device, transmits the data to the requesting user.

11. A non-transitory storage medium storing a computer program which causes a computer to execute an executable code for carrying out a method of an access point in a network of devices to permit data to be stored on the devices and to be searched for and accessed from any of the devices, the network including a definition of a plurality of virtual channels to which documents may be stored and users may be authorized, the method comprising:
- providing a mechanism for securely assigning authorizations to users to read or write data from or to specified ones of the channels, the authorizations checked by the access points;
  
  in response to a request to write data into a particular channel, determining that a user making the request is authorized to write data onto the requested channel and associating the data with the requested channel, encrypting the data so that it is not readable except via the access point and sending the data to one of the devices connected to the network to store the data together with the association; and
  
  in response to a request to search for data from a particular channel or group of channels, determining that the user making the request is authorized to read data from the requested channel or group of channels and issuing a corresponding search request or requests to a subset of the devices and, responsive to a determination that the devices store data satisfying the request, decrypting and transmitting the data to the requesting user, and responsive to a determination that the devices do not store data satisfying the request, forwarding the search request to another one or more of the devices.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
British Telecommunications PLC (BT Group PLC)
Original Assignee
British Telecommunications PLC (BT Group PLC)
Inventors
Ghanea-Hercock, Robert A
Primary Examiner(s)
SCHMIDT, KARI L

Application Number

US11/887,275
Publication Number

US 20090254977A1
Time in Patent Office

3,708 Days
Field of Search

726/1, 726/4, 726/11, 726/22, 713/153, 713/168, 713/193, 709/201, 709/223
US Class Current

1/1
CPC Class Codes

H04L 63/08 for authentication of entit...

H04L 63/102 Entity profiles

Method and apparatus for communicating information between devices

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

11 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for communicating information between devices

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

11 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links