Method and system for restricting access to user resources

Assignee

• At Home Bondholders'Liquidating Trust · US

Inventors

• Ralph W. Brown · Boulder, US
• Milo Steven Medin · Sunnyvale, US
• Robert Keller · Menlo Park, US
• David Temkin · San Francisco, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L69/329
• WIPO fieldAudio-visual technology
• WIPO sectorElectrical engineering

Abstract

A user's set top box (STB), or other client, executes a shell and has an application program interface (API) by which certain features of the client can be controlled. The client is in communication with a walled garden proxy server (WGPS), which controls access to a walled garden. The walled garden contains links to one or more servers providing network-based services. The client sends a request to the WGPS to access a service provided by a site in the garden. To provide the service, the site sends the client a message containing code calling a function in the API. The WGPS traps the message from the site and looks up the site in a table to determine the access control list (ACL) for the site. The ACL is a bit-map that specifies which functions of the client's API can be invoked by code from the site. The WGPS includes the ACL in the header of the hypertext transport protocol (HTTP) message to the client. The shell receives the message and extracts the ACL. The shell uses the ACL to determine whether the code has permission to execute any called functions in the API. If the code lacks permission, the shell stops execution and sends a message to the site indicating that the site la…