![United States Patent (10) Patent N0.: US 7,146,404 B2 Kay Et A]](http://data.docslib.org/img/7736c75d04d8c02a05dbb2e6bf620a87-1.webp)
US007146404B2
(12) United States Patent (10) Patent N0.: US 7,146,404 B2 Kay et a]. (45) Date of Patent: *Dec. 5, 2006
(54) METHOD FOR PERFORMING 5,978,799 A 11/1999 Hirsh AUTHENTICATED ACCESS TO A SERVICE 5,990,887 A 11/1999 Redpath et 31‘ ON BEHALF OF A USER 6,023,510 A 2/2000 Epstein (75) Inventors: Timothy Kay, Los Altos, CA (US); 6’l92’394 B1 2/2001 Gujfreund et al' Robert HOH-er, Allendale’ 6,259,9696,192,407 B1 7/20012/2001 TackettSIIllth 6t et a1. (73) Assignee: Colloquis, Inc., New York, NY (US) 6,260,041 B1 7/2001 Gonzalez et a1. 6,289,390 B1 9/2001 Kavner ( * ) Notice: Subject to any disclaimer, the term ofthis 6 301 609 B1 10/2001 Amvamudan et a1 patent is extended or adjusted under 35 ’ ’ ' U.S.C. 154(b) by 0 days.
patent is subject to a terminal dis- (Continued)
(21) A 1 N 10/227 595 FOREIGN PATENT DOCUMENTS pp . o.: , EP 0944004 9/1999 (22) Filed: Aug. 23, 2002 (65) Prior Publication Data Us 2003/0074410 A1 Apr. 17, 2003 OTHER PUBLICATIONS Related U_s_ Application Data Eggdrop History, eggdr0ps.net/eggdr0phist0ry.html, Dec. 1993. (63) Continuation-in-part of application No. 10/107,982, (Continued) ?led on Mar. 26, 2002, noW Pat. No. 6,993,555, P _ E _ Bh B Which is a continuation of application No. 09/643, rlmary xammeri am? amt 262 ?led On Aug. 22 2000 noW Pat. NO. 6 430 602. (74) Ammeyl Age”! 05 FWFDalY, Crowley’ Mo?qord & ’ ’ ’ ’ ’ Durkee, LLP (51) Int. Cl. G06F 15/16 (2006.01) (57) ABSTRACT (52) US. Cl...... 709/206; 709/202; 709/203; 709/205; 709/225; 709/229; 707/3; 707/10 . (58) Field of Classi?cation Search 709/201i207 A method for using the screen names of users are used to 709/225i229 7076*5 715/751i752’ appropriately tailor a service for the users. If the service is ’ ’ ’ 71 5/758 759’ a restricted service, then the screen name is used as the basis . . . T for decidin Whether access should be anted to ensure that See a l1cat1on ?le for com lete search h1sto g gr pp p ry' access is granted to a limited set of users. Alternatively, if the (56) References Cited service is comprised of several component sub-services, and some of those sub-services are restricted, then the screen U.S. PATENT DOCUMENTS name is used as the basis for deciding Whether access should 5,764,916 A 6/1998 Busey et a1. be granted to the relevant sub-service. 5,894,556 A 4/1999 Grimm et a1. 5,951,694 A 9/1999 Choquier et a1. 24 Claims, 16 Drawing Sheets
17
IM SERVICE 22
QUERY N ETWO RK RESPONSE SERVER
12”» MESSAGE PROCESSOR PROFILE DB
24 US 7,146,404 B2 Page 2
US. PATENT DOCUMENTS Hidden Page Setup, Gamma Burst, Inc., gamma-burst.com/tutorial/ gvset.html, pp. 1-2, Jan. 11, 2000. 6,314,410 B1 11/2001 Tackett et a1. Index of /afs/sipb.mit.edu/services/logging/src/Zephyr, (last modi 6,332,141 B1 12/2001 Gonzalez et al. ?ed Sep. 1, 1997), (“Index #1”), mit.edu/afs/sipb.mit.edu/service/ 6,346,952 B1 2/2002 Shtivelman loggingsrc/Zephyr. (2 pgs.). 6,363,301 B1 3/2002 Tackett et a1. Kyheroinen, P, Transactions, www.niksula.cs.hut.?/~patZe/ 6,430,602 B1 * 8/2002 Kay et a1...... 709/206 securisemhtml, pp. 1-16, Nov. 1996. 6,442,590 B1 8/2002 Inala et al. 6,446,112 B1 9/2002 Bunney et a1. LoZano, Fernando, Introduction to Relational Database Design, 6,549,937 B1 4/2003 Auerbach et a1. EDM/2, www.edm2.com/0612/msq17.html, pp. 1-14, Dec. 1998. 6,604,090 B1 8/2003 Tackett et a1. MIT Project Athena, “ZAWAY (1)”, (Jul. 1, 1988), (“ZAWAY (1)”), 6,629,087 B1 9/2003 Benson et al. fnal.gov/docs/products/Zephyr/Zawayhtml. (2 pgs.). 6,629,136 B1 9/2003 Naidoo MIT Project Athena, “ZEPHYR (1)”, (Jul. 1, 1988), (“ZEPHYR 6,668,169 B1 12/2003 Burgan et a1. (1)”), fnal.gov/docs/products/Zephyr/ZEPHYRhtml. (2 pgs.). 6,678,673 B1 1/2004 Eves et al. Netscape AOL Instant Messenger: Quick Tips for Getting Started, 6,678,720 B1 1/2004 Matsumoto et al. www.aim.com/netscape/quiktips.html, pp. 1-5, Jun. 1998. 6,691,162 B1 2/2004 Wick New and New Product Briefs (Feb. 15, 1998). [online]. Javaworld. 6,714,793 B1 * 3/2004 Carey et a1...... 455/466 [Retrieved on Aug. 10, 2004]. Retrieved from the Internet:
FIG. 1
18
20 17w M J 1M SERVICE I 22 14 [ QUERY <———--—> RESPONSE SERVER (11 i J
“ MESSAGE PROFILE PRQCESSOR DB
24 U.S. Patent Dec. 5, 2006 Sheet 2 0f 16 US 7,146,404 B2
FIG. 2
@18 2Q 1. \H; P/ 38
{If 17 14 "VI SERVICE
(\11 f 36 ‘L / WEB / 29
30 ‘\r MESSAGE J -24 SERVER PROFILE
32?4 l I 34 Z DB REMOTE DATA LOCAL DATA RESOURCES SERVER(S) U.S. Patent Dec. 5, 2006 Sheet 3 0f 16 US 7,146,404 B2
FIG. 3
30.1 If —-——> SERVER
(40 30.2 r f MESSAGE “Y1 H D-ISPATCHER <——-——-———> SERVER (16
O
42 L o MESSAGE DISPATCHER o
30.n ( ) L~~> SERVER U.S. Patent Dec. 5, 2006 Sheet 4 0f 16 US 7,146,404 B2
.QEv< MIEOWE mm wm @ \ mh om L mm mm Awmk >mmDOmZwOmm Mum:>>wZ @ U.S. Patent Dec. 5, 2006 Sheet 6 6f 16 US 7,146,404 B2 FIG. 5 RECEIVE f 500 MESSAGE 510 IS USER SEND SCREEN NAME MESSAGE AUTHORlZED \ Z 515 PARSE J“ 520 MESSAGE l FORMULATE /‘ 525 ANSWER SEND if 530 ANSWER U.S. Patent Dec. 5, 2006 Sheet 7 0f 16 US 7,146,404 B2 RECEIVE ,/ 609 MESSAGE 610 PARS E MESSAGE FIG. 6 620 CHOiCE BASED ON QUERY TYPE f. 640 MODULE f RESTRICTED SEND ? MESSAGE 650 SREEN NAME RESTRICTED ? FORMULATE 66° RESPONSE SEND v/\67O RESPONSE U.S. Patent Dec. 5,2006 Sheet 8 0f 16 US 7,146,404 B2 FIG. 7 RECEIVE -/‘700 MESSAGE i 710 PARSE -/ MESSAGE V FORMULATE ANSWER ./ 720 BASED ON PARSED MESSAGE AND ' SCREEN NAME SEND '“ MESSAGE U.S. Patent Dec. 5,2006 Sheet 9 0f 16 US 7,146 ,404 B2 FIG. 8 RECEIVE REQUEST Q r 800 FROM IM USER WITH SCREEN NAME SN i 810 REQUEST ACCOUNT NAME AND PASSWORD FROM USER l 820 RECEIVE ACCOUNT NAME I U AND PASSWORD P l ESTABLISH ACCESS TO I USER RECORDS R THAT CORRESPONDS TO U/P I r840 FORMULATE RESPONSE F (OR ) 860 /f RECEIVE NEW 850 REQUEST Q f / SEND RESPONSE T U.S. Patent Dec. 5, 2006 Sheet 10 0f 16 US 7,146,404 B2 FIG. 9 A RECEIVE REQUEST _/-~ 900 Q FROM IM USER ‘ WITH SCREEN NAME SN FORMULATE 4/‘ 910 RESPONSE F (Q,SN ) SEND RESPONSE \ L920 U.S. Patent Dec. 5, 2006 Sheet 11 0f 16 US 7,146,404 B2 FIG. 9 B T RECEIVE REQUEST _/ 900 Q FROM TM USER WITH SCREEN NAME SN I 910 FORMULATE F (Q, SN CALCULATE REQU EST IS ACCOU NT RECEIVE RESULT NAME AND ACCOUNT EMPTY PAS SWORD NAME U AND ‘P 1 FROM USER PASSWORD P NO ESTAS LTSH ACCESS TO USER RECORDS R THAT CORRESPONDS TO U1‘? I 1 SET SCREEN 1! NAME FTELDS IN R TO SN F0 RMAT RESPONSE ‘ |_____ l f 920 SEND RESPONSE U.S. Patent Dec. 5, 2006 Sheet 12 0f 16 US 7,146,404 B2 FIG. 10 RECEIVE REQUEST Q FROM IM USER WITH SCREEN NAME SN I 1020 1030 ARE I f THERE ANY E3355“; RECEIVE USER RECORDS NAME AND E ACCOUNT WITH SCREEN PASSWORD NAME u AND NAME SN FROM USER PASSWORD P 1010 YES I /\_, ESTABLISH 1040 ACCESS TO USER RECORDS R THAT CORRESPONDS TO U/P Y 1050 L/ SET SCREEN NAME FIELDS 1060 IN R TO SN v )( FORMULATE I RESPONSE ‘ HQ‘ SN) ‘ 1080 ) ( RECEIVE NEW REQUEST Q V 1090 A SEND RESPONSE U.S. Patent Dec. 5, 2006 Sheet 13 0f 16 US 7,146,404 B2 U.S. Patent Dec. 5, 2006 Sheet 15 0f 16 US 7,146,404 B2 I3 I0 FIG. I3 III 45:20 J I 'OENERATE A URL WITH STORE GENERATED URL’ LARGE RANOOM IN UP ASSOCIATED WITH NUMBER SCREEN NAME f I550 OUTPUT: "CLICK LINK TO EDIT PORTFOLIO" LINK EXAMPLE: http:l/www.activebuddycom/edi?secret=ajsoebo193xmcielq;c FIG. I5 I5 (540 PARSE URL TO RECOVER SECRET CODE LOOK UP CODE IN UP TO IDENTIFY USER ALLOW ACCESS VIA WEB PAGE U.S. Patent Dec. 5, 2006 Sheet 16 0f 16 US 7,146,404 B2 FIG. M CLICK HERE: ACTIVE BUDDY — 1- http://www.activebuddy.com/key=571xn32 TO ACCESS PROFILE IM HTTP W NETWORK IM URL: KEY WEB SERVER SERVER TABLE KEY'T KEYN URL URL URL 1 2 US 7,146,404 B2 1 2 METHOD FOR PERFORMING termed “buddies”). The user can then engage in typed AUTHENTICATED ACCESS TO A SERVICE conversations With other IM users connected to the system. ON BEHALF OF A USER Because IM is a text-based service, instant messaging communication is generally not burdened by the need to RELATED APPLICATIONS transfer large graphic, sound, or program ?les. As a result, instant messaging is a relatively quick and easy to use This patent application is a continuation-in-part of US. system. HoWever, While instant messaging is Widely avail patent application Ser. No. 10/107,982, ?led Mar. 26, 2002 able, its value as a means to access and retrieve data from a now US. Pat. No. 6,993,555, issued on Jan. 31, 2006, Which remotely located automated system has not been fully appre is a continuation of US. patent application Ser. No. 09/643, ciated. 262, ?led Aug. 22, 2000, now US. Pat. No. 6,430,602, Users of IM services often simultaneously use Internet issued on Aug. 6, 2002, both applications entitled broWsers to access Web pages. It is not uncommon for an IM “METHOD AND SYSTEM FOR INTERACTIVELY user to forWard a link to a Web page of interest via the IM RESPONDING TO INSTANT MESSAGING service to another user. HoWever, if the indicated Web page REQUESTS,” Which are hereby incorporated by reference contains sensitive information, a user subsequently folloW in their entirety. ing the link to access the Web page may be required to enter a usemame and passWord. Even though the user has already BACKGROUND OF THE INVENTION signed in to the IM service, and thus is already authenticated, the accessed Web site generally has no knoWledge of this 1. Field of the Invention 20 authentication. This invention is directed to a method and system for Instant messaging services Were originally designed to autonomously processing requests from remotely located facilitate person-to-person communication. Here, a user runs users. More particularly, this invention is directed to a IM client softWare on their terminal device, such as a method and system for tailoring services based on a screen computer at Work, a computer at home, a television set-top name of a requesting user. 25 box, a cell phone, an IM appliance, or the like. The IM client 2. Description of the Related Art softWare communicates over a netWork to an IM service. Internet users are Well versed in accessing the Internet HoWever, the user must ?rst login to the IM service by using Widely available Web broWsing software to search for providing both a unique identi?er, called a “screen name,” desired information. The Web broWser softWare permits and a secret passWord. users to access various automated search engines and, by 30 After validating the passWord, the IM service then pro entering appropriate queries, identify Web pages Which may vides certain information and services to the user. The contain the information of interest. While a Wide variety of information provided by the IM service includes (but is not information is available in this manner, most Web pages are limited to) a stored contact list, Which is a list of screen directed to speci?c types of information. As a result, users names With Whom the user commonly frequently commu Who are seeking information in various diverse topics Will 35 nicates. The IM service Will also provide information about often need to locate and access multiple, and perhaps preference settings selected by the user. The preference unrelated, Web pages. While users can ?nd a great deal of settings may be used to control the behavior of client in-depth information regarding particular topics, it can often softWare, such as Whether to play sounds When certain be very dif?cult to obtain ansWers to short and speci?c events occur. questions due to the overWhelming number of Web pages 40 The ability of the IM service to store information permits Which Will be identi?ed in conventional indexing and search a user to log in from different terminal devices and access engine-based systems. the same stored information. As a result, the user experience Various efforts have been made to aggregate diverse is consistent regardless of the point of access. The ability to information onto one or a feW Web pages. HoWever, these login from different terminal devices While obtaining the aggregated sites are often maintained by individual users as 45 same user experience is called “roaming.” “personal Web pages” and are thus of questionable reliabil The services provided by the IM service include “pres ity. Although some commercial Web sites have been imple ence detection” for the screen names in the contact list: the mented for the purpose of aggregating information, these service continuously updates the online status of each of the sites generally compete among each other for users and thus screen names mentioned in the contact list. By Way of visual include many graphical features and expanded functionality 50 presentation of the contact list, the IM service may inform to increase the site’s attractiveness. HoWever, this additional the user of the on-line status and the idle status of other functionality also makes these sites more cumbersome and contacts. sloW to access and use because of the additional data and The IM service also provides messaging services. A user processing overhead. Wishing to communicate With another user can click on the Another Widely used Internet application is instant mes 55 other user’s screen name in the contact list, or by some other saging (“IM”). IM services of one form or another are in use mechanism provided by the IM client softWare, to indicate by an estimated 70 million people or more. Unlike Internet the screen name of the other user. The IM service then broWsing softWare, Which is used to access various Web establishes a communications channel betWeen the tWo users pages, IM is primarily used by a subscriber to “chat” With and delivers short messages betWeen the user in real-time. one or more other IM users. To access an IM service, a user 60 It is possible to implement messaging services Wherein registers With a service provider and, after connecting to the the identities of the users are not authenticated, such as Internet (or other appropriate data netWork), enter their Internet electronic mail (e-mail) and Internet Relay Chat screen name and passWord to log in to the IM netWork. (IRC). User authentication Was a key innovation that made Popular IM applications include AOL’s Instant Messenger IM different from other Internet messaging services. User and Microsoft’s MSN Messenger services. Once a user has 65 authentication permits the IM service to keep track of logged in to the appropriate IM netWork, his presence on the individualiZed pro?le settings, thereby enabling roaming. system is made knoWn to all authoriZed partners (commonly During user authentication a unique key (e.g., the screen US 7,146,404 B2 3 4 name) is assigned to each user such that their personal SUMMARY OF THE INVENTION settings can be stored and retrieved in a secure and reliable manner. The invention is a method and system for providing User authentication enables presence detection. In this services via an instant messaging service. The system case, it is pointless to have a contact list unless the meaning includes a message server Which is connected to a data of each screen name is constant and unique. Unique screen netWork through an instant messaging port. The server is names permit consistent identi?cation of users to the other logged in to the IM netWork and assigned a designated users. screen-name, such as “ACTIVEBUDDY”. When the mes In addition, user authentication provides a user With the sage server receives an IM message from a user, the message con?dence of knowing that instant messages they receive is processed to determine the type of request made by the originated from people that are identi?ed as the senders of user and the appropriate actions necessary to service the the instant messages. Unlike a message that is received via request. In one embodiment, the request is an informational Internet e-mail or IRC, the identity of the sender of an instant query. In response to such a request, the message server message is very dif?cult to forge. directs the query to an appropriate query response server, Which server Will interpret the request and return a suitable Originally, the sole intent When IM services Were created ansWer. The query response server(s) can be local to the Was to facilitate person-to-person communication. An inter message processing server or remotely accessed, e.g., via the active agent is a softWare program that has its oWn screen Internet. The received ansWer is embedded in a message name and passWord, and makes itself knoWn to the IM Which is returned to the user, preferably over the IM system. 20 service, perhaps by logging into the IM service, perhaps by Alternatively, the message server can interpret the request logging into the IM service as though it Were a user. A user directly using various natural language processing tech interacts With the interactive agent in much the same Way niques knoWn to those skilled in the art. In one con?gura that the user Would talk to another person. The user can add tion, a table of query patterns is provided and the table is searched to identify the pattern Which most closely matches the screen name of the interactive agent to their contact list. 25 In addition, the user can initiate a conversation With the the received request. A designated local or remotely located interactive agent by either clicking on the appropriate screen resource is then accessed to determine an ansWer for the name in the contact list or by some other mechanism as query, Which ansWer is returned to the user. provided by the IM client softWare. The interactive agent It Will be appreciated that, in order to generate an accurate receives a message from a user, parses that message, for 30 ansWer to many types of queries, additional or secondary mulates an ansWer, and sends that ansWer back to the user. information may be required to ?ll in unstated assumptions In this Way, an interactive agent can provide a variety of in the query. To aid in providing this information, a user pro?le can be maintained by the system in Which commonly services to a user via the IM service. For example, (i) games, needed information is stored. The types of information such as Word games and card games; (ii) information, such 35 suitable for placement in the pro?le include static data such as stock quotes, Weather reports, movie listings, and neWs; as the user’s birth date, place of residence, fairly static (iii) conversations; (iv) control, such as setting up a tele information, such as stock portfolio data, and dynamic phone conference call or activating the laWn sprinklers of a information, such as information gleaned from the prior home; and (v) access, such as querying a database. most recent communications With the user. When the system Some services are “restricted services,” Where the service 40 determines that additional information is required, either by provider Wishes to control access to the service, so that only processing the request directly or in response to a message certain people may access certain parts of the service. The forWarded by a query response system indicating that more traditional mechanism for restricting access to a service is to data is needed to process the request, the information is issue an account and passWord. For example, a user Wishing retrieved from the pro?le. to access his bank balance using a Web broWser must ?rst go 45 If the needed additional information is not already present through a registration process, Whereby the bank creates a in the user’s pro?le and cannot be reasonably determined neW account and passWord for the user. Only after the user through other intermediate data searches, the user can be has obtained the neW account and passWord, can he then solicited to provide the additional information. Such solici access his banking information. tation can be through a query message sent to the user over 50 the IM netWork or by means of a message instructing the The user must repeat the registration process for each user to access and update their pro?le via a designated Web bank account, credit card, etc., that he Wishes to access. In site. After the additional data is received from the user, the this situation, the user must track a passWord for each original query is reprocessed With the additional data and the account. result is returned to the user. The additional data can be One advantage to combining instant messaging With 55 stored in the user’s pro?le for use in the future. In addition, interactive agents is that the interactive agent can provide information extracted from a prior request or provided in an instant access to restricted services Without the need to ansWer can also be stored in the user pro?le for at least a create an account and passWord for each user. Due to the predetermined period of time to permit the user to ask a very nature of instant messaging, the sender of an instant series of questions or make a series of request related to a message is authenticated a priori. By Way of instant mes 60 particular item Without having to specify the same item in saging, an interactive agent can provide a user With access every request. For example, a user can issue a query asking to restricted services by using the user’s screen name as the the local time in NeW York City. In a folloWing query, the account. Here, a passWord is not necessary; the fact that the user can simply ask “What is the Weather today?” The object message arrived via the IM service indicates that the user of the ?rst request (New York) is used to process the second Was previously authenticated and can be granted access 65 request. Processing and reusing data in this Way makes the safety Without requiring an additional level of authentica resulting text dialog appear more natural and simpli?es use tion. of the system.