METHOD OF CONTROLLING ACCESS TO PERSONAL RESOURCES
This non-provisional application is based on the provisional patent application Serial No. 60/194,254, entitled Consumer XML Message Processing Platform, filed on April 3, 2000. Cross reference is made to a related invention disclosed in U.S. patent application entitled Individual XML Message Processing Platform, filed concurrently, the subject matter of which is owned by the present applicants and the teachings of which are incorporated herein by reference.
Cross reference is also made to a related invention disclosed in U.S. patent application entitled Method and System for Content Driven Electronic Messaging, filed concurrently, the subject matter of which is owned by the present applicants and the teachings of which are incorporated herein by reference.
Background Of The Invention
The present invention pertains to a method of semi-private security. More particularly, the present invention pertains to a method for restricting general access to an individual (or that individual's endpoints) or restricting general access to a web site, while allowing access to certain individuals having particular knowledge about the individual or the web site. The present invention can be applied to any method or system of communication whereby all unsolicited communications are screened from the person.
Whether it is in a work environment or for personal use, users of the Internet wish to share their resources such as personal web pages, contact information, and configuration information with third parties also using the Internet. These third parties include friends, family, and business colleagues. However, for obvious reasons, users do not want to share this information with the many other users that are accessing the Internet. Moreover, most Internet users that receive electronic mail or e-mail do not want to receive unsolicited electronic messages, otherwise known as spam. Likewise, web site owners are willing to share documents or files associated with their web site, and to share this information on a limited basis, while having some sort of security mechanism that will prevent the general public from accessing the same information.
Currently, the prior art provides only a few widely known techniques for facilitating a shared-file or shared-document environment. One of them is a type of multi-user software sold by Xerox as their Global View software product, which provides a concept of shared file drawers. Access to the drawers is either limited to a read-only basis or is limited to those users who have been given an icon to enter the drawer. A systems administrator is in charge of the icon distribution. A similar system, offered by Novell, provides a concept of a shared network drive where access is available to every file in the drive. The systems administrator controls access to the drive. A system that is applicable to web site applications shares files or documents through hypertext or other links to a home page. These applications provide the necessary security, or access to some or all of the documents or files pertaining to that web site, by utilizing a password, which may be controlled by a web master. Another method of controlling access to a particular resource involves cryptographic authentication algorithms that rely on public and private keys to authenticate access to the resource. One of the downsides of the cryptographic authentication algorithm approach is that the keys need to be generated and then distributed to the individuals that need access to the information. For example, if a web site is protected in such a manner, the user would have to distribute the keys to potentially hundreds of friends, family members and business associates to whom the user would like to invite access. Likewise, if all of these friends, family members and business associates had their own web sites that were also protected, they too would have to distribute similar keys to allow access to their information. Obviously, this type of distribution can be inefficient and problematic. As a result, most web sites are not protected from access by using security measures.
It can be appreciated that there exists a need for a shared data environment, which overcomes the above-mentioned drawbacks.
Summary Of The Invention
The present invention allows for protection of all types of user communication resources but eliminates the need for knowledge of a particular password or key that typically allows limited access or full entry to the resources. It is therefore a primary aspect of the present invention to provide a method of controlling access to at least one personal resource of a provider, which is being requested.
The provider establishes an identifier or password and certain attributes or questions that relate to that identifier, which are commonly known only by a select group of requesters. The provider then stores the identifier and the attributes to which the identifier is to be applied. Upon receiving a request to access the provider's personal resource, the requester is asked to provide the identifier based on the attributes related to that identifier. If the correct identifier is transmitted, the requester can gain entry to the personal resource.
It is another aspect of the invention that if an incorrect identifier is transmitted, a second attribute or question is displayed. The second attribute may include a suggestion or clue related to the identifier, along with a second demand for the password. If the requester transmits the correct identifier after the second attribute is displayed, the requester can gain access to the provider's personal resources but at a different access level. Another aspect of the invention is to generate a third attribute if the second demand for the password is responded to incorrectly. A correct response to the third attribute allows even further restricted access. Many levels can be created as long as there are further attributes or clues generated.
Another aspect of the invention is to generate an allowance message that indicates to the requester that the identifier has been successfully matched and that access to the provider devices will be provided.
Another aspect of the invention is to provide a security system for use in a personal resource that is one of the devices selected from the group consisting of a wired telephone, pager, wireless telephone, facsimile machine, personal digital assistant, personal web portal, email address, individual data file, and an Internet resource.
Detailed Description Of The Drawings
Figure 1 is a block diagram representing the relationship among objects within the shared environment of the present invention;
Figures 2 through 4 represent a flow chart of the method of operation of the present invention;
Figure 5 is an example of a first input demand dialogue box through which a requester may enter the resources of the provider; and
Figure 6 is an example of a second input demand dialogue box through which a requester is provided a suggestive clue to assist in entering the resources of the provider.
Detailed Description Of A Preferred Embodiment
Turning now to the drawing figures, the security system of the present invention will be explained in greater detail. In order to understand the scope of the present invention, attention is first directed to Figure 1, which shows a block diagram representing the present invention. The provider, or the individual, corporation or party attempting to create and use a semi-private security system, may have a plurality of different personal resources or endpoints 10, for which protection is needed from others (requesters) attempting to contact the provider. These requesters can be family members, friends, business associates or unknown individuals. These personal resources or endpoints 10 may include, among others, facsimile machines, pagers, wired telephones, wireless telephones, personal digital assistants, personal web portals, email addresses, individual data files, or Internet resources.
It can be appreciated that with the present invention, a requester who might happen to be a telephone solicitor may be prevented from gaining automatic access to the provider through the home telephone of the provider. Similarly, it should be understood that a requester may be attempting to communicate with the provider through one of the same types of devices or endpoints 12 that the provider is trying to protect from access, as described above. The specific type of device 12 with which the requester is attempting to reach the provider will control the mechanism that is used for either denying or allowing access to the provider.
Figures 2 through 4 show a flow chart for either denying or allowing the requester to access the provider. To protect his personal resources, the provider begins the process by first creating an identifier or password 40. This is done by selecting key value(s) that are generally known to a desired requester, but not known by the general public. For example, the provider may use the name of his dog as the identifier. The identifier becomes associated with each endpoint 10, and must be correctly entered at a prompt before the requester is given access to the provider's personal resources.
The identifier 40 is stored 44 in a data storage device 14, which is linked to a processor 16. The processor 16 can be of several platforms, like a web server, a personal computer that is connected to a modem and phone line, or a platform such as that available through an XML Messaging platform of which Centerpost is an example, and which is described in the patent applications entitled Individual XML Message Processing Platform and Method And System For Content Driven Electronic Messaging, both filed concurrently herewith and incorporated herein by reference. When a requester is using a device like his email address to reach the provider, he would send an email message to the provider. The email message is received by the processor 16 as an input request signal 50. With any input request signal 50, the processor will generate a first response signal or attribute 60 which is transmitted back to the requester at the particular device he is using to try to gain access to the provider, in this case his email address.
The first response signal 60 may comprise two parts, the first part 62 being an input demand that requires the requester to enter the provider's identifier 40 that has been stored in the data storage device 14. The second part 64 of the first response signal may be a message signal that indicates whether the identifier entered by the requester matched the identifier in storage 44.
Although there are many different ways in which to effect the request aspect of the present invention, Figure 5 illustrates one of the methods. The first response signal 60 has a message signal 64 which appears on the screen of the device 12 of the requester (in this case the computer screen displaying his email account) requesting him to input an identifier. The response signal may, among other things, contain three keys to which the requester can enter a response.
The first key 63 is the Quit key, and depression of this key will automatically disconnect the requester from the connection to the processor and end the request to access. The second key 65 is the Clear key, and it is provided to allow a requester to clear an identifier input if he misspells it or if he feels he mistakenly entered the wrong identifier. Use of key 65 does not break the connection with the processor. The last key is the Enter key 67, which is used after the requester enters his identifier choice into the input area 69. Once key 67 is depressed, the input demand of the first response signal is transmitted to the device 12 of the requester. If the requester transmits the proper key value (identifier), which matches the identifier 40, then authentication is established and access is granted.
A message 71 is generated and transmitted to the requester, indicating that the identifier has been successfully matched. At that point, the processor establishes access 90 to the provider device 10 and then communication can take place between the requester and the provider.
If the requester enters an incorrect identifier 40, then a message 68 is generated and transmitted to the requester, indicating that a match was not made and that access will be denied. A second input request signal 70 can then be generated and transmitted to the requester through device 12. The second response signal 70 would also comprise two parts, the first part 72 being a second input demand requiring the requester to again enter an identifier 40 in an attempt to match the provider's identifier. The second response signal 70 is shown in Figure 6. The second response signal is also provided with the same keys 63, 65 and 67 as the keys of the first response signal, although there are many different ways this can be accomplished.
The second part 74 of the second input request signal 70 is a message signal that provides the requester with a suggestive clue relating to the identifier 40. The input demand might be a response to a simple question that has to be correctly answered. For example, the second input demand or attribute might be related to something personal pertaining to the provider. For instance, the question might be "What is my dog's name?" and the key value would be "Spot", the name of the provider's dog. Thus, the key value is the identifier. If the proper identifier 40 is entered in response to the second input demand or attribute, then authentication is established and access is granted. The message 76 is then generated and transmitted to the requester, indicating that the identifier has been successfully matched. At that point, the processor 16 establishes access 90 to the provider device 10 and then communication can take place between the requester and the provider.
If the identifier that was entered upon the second input demand does not match the identifier 40, then an additional message 78 is generated and transmitted to the requester, indicating that a match was not made and that access will be denied. Of course, it is possible to add an additional level or levels of suggestive clues related to the same identifier to help a requester correctly match the identifier.
Further, different levels of access to the personal resource can be set up and then made accessible depending on how many attributes must be shown to the requester before the correct identifier is transmitted. For example, if a requester enters a correct identifier on the first try, then the requester may obtain access to a certain level of the provider's personal resource 10, i.e., a particular web page or a telephone call that rings through to the provider. If a correct identifier is entered only after two attributes or questions are transmitted, the requester may only obtain access to a lower level of the resource 10, i.e., a lower-level web page (with no access to the higher level pages), or the provider's voice-mail (instead of actually reaching the provider).
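The tiered exchange described in the Summary and in the Figures 2 through 6 walk-through above (a bare demand first, a clue on each failure, and a lower access level the later the match), modelled as an added example in Python; this code is not part of the application, and the `Provider` class, the three-level table and the sample demands are constructed for illustration, with only the key value "Spot" taken from the text.

```python
import hmac
from dataclasses import dataclass

@dataclass
class Provider:
    identifier: str     # key value known to the desired requesters (e.g. the dog's name)
    demands: list       # demands[0] is the bare input demand, later entries add clues
    levels: list        # levels[i] = access granted when the match comes after demand i

def normalize(text):
    # tolerate case and spacing differences; the identifier is a personal fact, not a token
    return " ".join(text.strip().lower().split())

def matches(stored, entered):
    # constant-time comparison so response timing does not leak partial matches
    return hmac.compare_digest(normalize(stored).encode(), normalize(entered).encode())

def run_challenge(provider, answers):
    """Play the exchange: each round sends a demand, reads the requester's answer,
    and either grants the level for that round or denies and moves to the next clue.
    Returns (granted, level, transcript)."""
    transcript = []
    for round_no, demand in enumerate(provider.demands):
        transcript.append(("demand", demand))                 # response signal 60 / 70
        if round_no >= len(answers):
            break                                             # requester gave up (Quit key)
        if matches(provider.identifier, answers[round_no]):
            level = provider.levels[round_no]
            transcript.append(("allow", level))               # message 71 / 76
            return True, level, transcript
        transcript.append(("deny", "no match"))               # message 68 / 78
    return False, None, transcript                            # no further clues: denied

def make_example_provider():
    # constructed sample values: three rounds, each later match earning less access
    return Provider(
        identifier="Spot",
        demands=["Enter the identifier.",
                 "Clue: what is my dog's name?",
                 "Clue: he is named after his markings."],
        levels=["ring-through", "voice-mail", "public-page"],
    )

if __name__ == "__main__":
    for answers in (["Spot"], ["Rex", " SPOT "], ["Rex", "Fido", "Max"]):
        print(answers, "->", run_challenge(make_example_provider(), answers)[:2])
```

The number of demands bounds the number of attempts, which is the only brake this scheme has on guessing a low-entropy personal fact.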
The present invention obviates the need for a key to be distributed since the identifier is not a randomly generated and shared password. Rather, the identifier can relate to a personal fact or an event that certain knowledgeable individuals would know and thus be allowed access to the personal resource.
In another example, the security platform of the present invention enables a requester to send a message to one of the provider's endpoints 10 using the security method described above. However, the message would not go directly to the subscriber's intended endpoint; instead, if the requester knew the identifier, based on the attribute, the message would be delivered to the provider at the endpoint that the provider selected.
In this embodiment, the provider may want anyone who knows the identifier based on the attribute to be able to reach the provider at his home telephone. Thus if a requester called the provider at work, and received an attribute or question that he could answer, the requester would be transferred to the provider's home phone, whereas a requester that could not provide the correct identifier would have to leave a message on the provider's work voice-mail.
In this example, instead of the input screens shown in Figures 5 and 6, the requester would input the identifier through the alphanumerical key pad on the telephone, as is common practice with many messaging systems known today. The pound sign could be used as the key that initiates the transmission of the identifier.
While the invention has been described with reference to a particular embodiment, those of skill in the art will recognize modifications to structure and methods that still fall within the scope of the invention, which is described in the following claims.