Cross-network reputation for online services

US 8,001,582 B2
Filed: 01/18/2008
Issued: 08/16/2011
Est. Priority Date: 01/18/2008
Status: Active Grant

First Claim

Patent Images

1. A computerized method of a processor of a computing device for authenticating a user based on a network-wide reputation for the user, said user having a user account associated therewith for accessing one or more online services of the network, said method comprising:

associating, by the processor, reputation feedback with the user account, said reputation feedback being based on one or more past transactions between the user and at least one of the online services of the network, said reputation feedback indicating whether or not any of the past transactions constitutes a misuse of the network;

calculating, by the processor, a reputation score for the user based on the reputation feedback associated with the user account for the past transactions, said reputation score indicating a likelihood of misuse of the network;

generating, by the processor, a reputation packet including the user'"'"'s reputation score;

authenticating, by the processor, the reputation packet in response to a request from the user to perform a present transaction with at least one of the online services of the network, said request to perform the present transaction and said authenticated reputation packet being sent to the at least one of the online services;

receiving, by the processor, from the at least one of the online services, a reputation feedback based on a solved at least one of a computational proof and a human interactive proof, the proof being solved by the user in response to a request from the at least one of the online services determining the user'"'"'s reputation score is not sufficient to grant the user'"'"'s request to perform the present transaction; and

adjusting, by the processor, the user'"'"'s reputation score based on the received feedback.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A reputation server associates feedback from previous network transactions with an account of a user in a network. A reputation score for the user is calculated based on the feedback to indicate the probability the user will abuse the network. When an online service receives a request to perform a transaction from the user, the online service performs the transaction based on the user'"'"'s reputation score. Additionally, a server generates a reputation packet including the reputation score for a user for use by an online service when the user requests the online service to perform a transaction. The online service may authenticate the reputation packet with the server and, if the reputation packet is authenticated, the online service performs the transaction based on the user'"'"'s reputation score.

87 Citations

View as Search Results

15 Claims

1. A computerized method of a processor of a computing device for authenticating a user based on a network-wide reputation for the user, said user having a user account associated therewith for accessing one or more online services of the network, said method comprising:
- associating, by the processor, reputation feedback with the user account, said reputation feedback being based on one or more past transactions between the user and at least one of the online services of the network, said reputation feedback indicating whether or not any of the past transactions constitutes a misuse of the network;
  
  calculating, by the processor, a reputation score for the user based on the reputation feedback associated with the user account for the past transactions, said reputation score indicating a likelihood of misuse of the network;
  
  generating, by the processor, a reputation packet including the user'"'"'s reputation score;
  
  authenticating, by the processor, the reputation packet in response to a request from the user to perform a present transaction with at least one of the online services of the network, said request to perform the present transaction and said authenticated reputation packet being sent to the at least one of the online services;
  
  receiving, by the processor, from the at least one of the online services, a reputation feedback based on a solved at least one of a computational proof and a human interactive proof, the proof being solved by the user in response to a request from the at least one of the online services determining the user'"'"'s reputation score is not sufficient to grant the user'"'"'s request to perform the present transaction; and
  
  adjusting, by the processor, the user'"'"'s reputation score based on the received feedback.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The computerized method of claim 1, wherein the user'"'"'s reputation score is negatively impacted when the user does not provide the requested solved proofs.
  - 3. The computerized method of claim 1, wherein calculating the user'"'"'s reputation score comprises negatively impacting the reputation score when at least one of the past transactions includes one or more of the following:
    - SPAM, spyware, a virus, copyrighted material, a phishing attack, content prohibited by a user agreement, and pornography.
  - 4. The computerized method of claim 1, wherein the user'"'"'s reputation score is calculated based on one or more of the following reputation feedback metrics:
    - a number of times the user has completed a transaction with the one or more online services, a number of other network users who have interacted with content generated by the user;
      
      a number of transactions the user has performed involving other network users, a number of complaints the user has received from other network users of the one or more online services, a number of times the user'"'"'s content has been viewed by a network moderator or other highly trusted network user, a number of times the user had content removed because of an abuse report, a number of days since the user'"'"'s user account was created, a number of unique days the user has been active on the network, an amount of traffic over the past 24 hours divided by the amount of traffic generated by user in an average 24 hour period, an amount of money the user has spent in the network, an amount of proof the user has provided, and a safety status of a client machine the user uses to access the network.
  - 5. The computerized method of claim 1, wherein said processor is further configured for generating the reputation packet in response to the user'"'"'s request to perform the present transaction, wherein the request and the reputation packet are forwarded to the online service associated with the request, said online service granting the request of the user based on the reputation packet.
  - 6. The computerized method of claim 5, wherein said processor is further configured for making the reputation packet available to an external service in a request from the user to perform a transaction with the external service, said external service being an online service outside the network, said external service receiving and responsive to the reputation packet for granting or denying the request based at least in part on the user'"'"'s reputation score.
  - 7. The computerized method of claim 5, wherein the reputation packet includes one or more of the following:
    - an identity of the user, a timestamp indicating the lifetime of the reputation packet, a suggested proof needed to grant the request, and information needed for the online service to provide reputation feedback regarding the user'"'"'s present transaction.
  - 8. The computerized method of claim 1, wherein the request is granted access based on the reputation score of the user and the likelihood that the present transaction is not an abuse of the network.
  - 9. The computerized method of claim 1, wherein said processor is further configured for calculating the reputation score for the user based on reputation feedback received from a trusted service which does not belong to the network.
  - 10. The computerized method of claim 1, wherein the calculated reputation score that indicates the acceptable likelihood for granting the user'"'"'s request to perform the present transaction differs as a function of one or more of the following:
    - a type of transaction, a type of online service, a time of the request, and a number of past transactions.
  - 11. The computerized method of claim 1, wherein the online services include one or more of the following:
    - a social networking service, an email service, a chat service, a photo sharing service, a file storage and sharing service, a shopping service, a search service, a map viewing service, and an instant message service.
  - 12. The computerized method of claim 1, wherein the past and present transactions include one or more of the following:
    - sending an email, sending an instant message, sending message in a chat room, saving a file, accessing a file, purchasing a product or service from a shopping service, searching the Internet, searching a web space, searching for directions, searching for an address, posting a message to a blog, posting audio to a blog, posting video to a blog, and positing a comment on a blog.

13. A method for authenticating a user based on a network-wide reputation for the user, comprising:
- sending a login request to a reputation server of the network, said reputation server receiving reputation feedback regarding the user'"'"'s past interactions with the network, said reputation server generating a reputation packet in response to the received login request;
  
  receiving the reputation packet from the reputation server, said reputation packet including a reputation score of the user, said reputation score being based on the reputation feedback and said reputation score indicating a probability that the user will misuse the network;
  
  sending a request to an online service of the network to perform a transaction, said request including the reputation packet, said reputation packet being authenticated via the reputation server before the online service grants the request;
  
  receiving a request from the online service to solve a proof when the user'"'"'s reputation score is not sufficient to grant the request to perform the transaction; and
  
  sending the requested proof to the online service, the online service granting the request to perform the transaction based on the reputation score in the reputation packet and in response to the user providing the solved proof, the online service further providing reputation feedback to the reputation server based on the proof received from the user, and the reputation server adjusting the user'"'"'s reputation score based on the provided reputation feedback.

14. The method of 13, wherein the reputation packet includes one or more of the following:
- an identity of the user, a timestamp indicating the lifetime of the reputation packet, a suggested proof needed to grant the request, and information needed for the online service to provide feedback regarding the user'"'"'s requested transaction.

15. A system for calculating a reputation score of a user of a network, said network including one or more online services, said system having a memory area storing a plurality of computer-executable components, said components comprising:
- a feedback component for receiving reputation feedback regarding one or more transactions by the user with at least one of the online services, said feedback indicating whether any of the user'"'"'s transactions with the online services constitutes a misuse of the network;
  
  a reputation calculator for calculating the reputation score of the user based on the reputation feedback, said reputation score indicating a probability that a subsequent transaction by the user is a misuse of the network;
  
  a reputation interface for receiving requests from one or more of the online services for the reputation score of the user and for sending the reputation score of the user to the requesting online service; and
  
  a proof interface for requesting the user to perform a proof when the user'"'"'s reputation score is not sufficient to grant a request from the user and for receiving the requested proof from the user, the requested proof being sent to the online service, the online service granting the user'"'"'s request in response to the proof, the online service further providing reputation feedback to the feedback component based on the received proof, and the reputation calculator adjusting the user'"'"'s reputation score based on the provided reputation feedback.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Iverson, Kristofer Noel, Guo, Wei-Quiang Michael, Hulten, Geoffrey John
Primary Examiner(s)
POLTORAK, PIOTR

Application Number

US12/016,336
Publication Number

US 20090187988A1
Time in Patent Office

1,306 Days
Field of Search

None
US Class Current

726/3
CPC Class Codes

H04L 63/102   Entity profiles

H04L 63/1441   Countermeasures against mal...

H04L 67/306   User profiles

Cross-network reputation for online services

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

87 Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

Cross-network reputation for online services

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

87 Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links