Patent Application
20120167123
This disclosure relates generally to user validation and profile access based on the presence of a plurality of users.
In an Internet Protocol Television (IPTV) environment, as in many other similar fields), users can be provided with the ability to log in (in some implementations users are required to log in) to access the account. In addition to an account validation, each account can have a plurality of users associated with it, each user having an individual log in. By creating profiles for different users, the account administrator (who is in the context of this discussion one of the users that is responsible for setting up accounts) can create profiles associated with each of the users that can be used to restrict access to content.
Typically logging in to an IPTV environment involves interacting with either the IPTV Set Top Box (STB) or both the IPTV STB and network elements. This is commonly done by entering a pass phrase as will be discussed in more detail below. This is often difficult for some users, and cumbersome for most users. It also does not account for the presence of more than a single user at any time. Thus if two account holders, a parent and a child for example, are both present, one of the two accounts must be used. If the account with the most restrictions is used, the other account holder cannot typically override the content filtering without logging in to the system, which may then provide access to some content that would preferably not be shown. The only prior art remedy is to create a third account that would then be used for the two account holders when together. This is cumbersome and creates administrative problems that are preferably avoided.
In an unrelated art field, image processing has allowed for individuals in photographs to be identified based on facial characteristics. As illustrated in
In the field of computer security, it is known that a biometric reading, including a facial recognition scan, can be used as a login credential into some computing systems.
As discussed above, in a conventional IPTV environment, a user interacts with an STB 70 connected to a display 68. The STB 70 provides a login prompt 72 on display 68. The user makes use of remote control 74 to provide a pass phrase, or typically a Personal Identification Number (PIN). The PIN, as discussed above, is an account specific login credential that is then used to validate the user and provide access to an account. In some embodiments, the user is requested to select a login from a menu and is then prompted for the PIN.
At present logging in to an IPTV STB is done with a user specific credential, and requires that a controller with a form factor limited input mechanism is employed. This is far from ideal. Therefore, it would be desirable to provide a system and method that obviate or mitigate the above described problems
It is an object of the present invention to obviate or mitigate at least one disadvantage of the prior art.
In a first aspect of the present invention, there is provided a method of determining permissions to access content in an Internet Protocol Television (IPTV) node. The method comprises the steps of receiving an indication that a plurality of viewers is present; retrieving a plurality of profiles, each profile in the plurality associated with one of the plurality of viewers; and determining the permissions in accordance with the plurality of retrieved profiles.
In an embodiment of the first aspect of the present invention, the step of receiving is preceded by the steps of matching a plurality faces in a captured image to facial recognition patterns associated with user profiles; and forwarding an indication that a plurality of users, each associated with one of the user profiles is present. Optionally, the step of matching is preceded by the step of capturing the image.
In a further embodiment, the IPTV node is one of a set top box and a network infrastructure element. In some embodiments where the IPTV node is a set top box, the step of receiving is preceded by capturing an image at a set top box, and generating an indication identifying the plurality of users in accordance with the image captured at the set top box. In further embodiments, the step of retrieving is performed by a processor in conjunction with a database interface, and wherein the step of determining the permissions is performed by a processor accessing a memory storing a set of instruction.
In yet a further embodiment, the step of determining includes setting the permissions based on one of the most restrictive profile in the plurality of retrieved profiles and the least restrictive profile in the plurality of retrieved profiles. In another embodiment, the step of determining includes determining that the plurality of retrieved users profiles includes a profile having conditional permissions; and processing the conditional permissions to determine the permissions to access content based on the plurality of retrieved profiles.
In a second aspect of the present invention, there is provided a permission management system that comprises a profile processor. The profile processor has a communications interface and a database interface. The communications interface receives an indication identifying a plurality of users through a communications interface. The database interface retrieves profiles associated with each of the users in the identified plurality from a user profile database. The profile processor determines access permissions for the plurality of users in accordance with permissions associated with each of the plurality of identified users in the retrieved profiles.
In embodiments of the second aspect of the present invention, the permission management system further includes the user profile database, the user profile database for storing profiles associated with users. In another embodiment, the database interface is operatively connected to a communications network for remotely accessing the user profile database.
In a further embodiment, the permission management system includes a recognition engine that receives an image of a plurality of users from an image capture device, generates an indication identifying the plurality of users in accordance with facial recognition patterns stored in association with the stored profiles in the user profile database and the received image and forwards the generated indication to the profile processor. Optionally, the image capture device is connected to another device in communication with the recognition engine.
In a further embodiment, the communications interface is operatively connected to a communications network for communicating with a recognition engine remotely located from the permission management system.
Other aspects and features of the present invention will become apparent to those ordinarily skilled in the art upon review of the following description of specific embodiments of the invention in conjunction with the accompanying figures.
Embodiments of the present invention will now be described, by way of example only, with reference to the attached Figures, wherein:
The present invention is directed to a system and method for the generation of and log in using multi-user accounts.
Reference may be made below to specific elements, numbered in accordance with the attached figures. The discussion below should be taken to be exemplary in nature, and not as limiting of the scope of the present invention. The scope of the present invention is defined in the claims, and should not be considered as limited by the implementation details described below, which as one skilled in the art will appreciate, can be modified by replacing elements with equivalent functional elements.
As IPTV features are enhanced, many functions are being provided that are often not thought of as television related. One such feature is video-chatting or video-conferencing using the display attached to the IPTV STB. A camera is provided that interacts with the STB, and allow the user to capture images and video and to share them with other IPTV users. This is increasing the number of STB's and televisions that have access to an image capture device. Typically this image capture device is oriented so that a field of view similar to the preferred viewing angles of the television is provided to the camera (often by placing the camera in the bezel of the display). One side effect is that the people watching the television can then be seen by the camera.
In the present invention, the image capture device (typically referred to as a camera) is employed as a user login and validation interface. However, instead of encountering confusion when one or more users are present, the STB determines an access level that is appropriate for the users present. This can be achieved in one of a number of fashions, as will be discussed below. Additionally, when multiple viewers are identified, a registered user (in some embodiments only the administrator) can be prompted to create a profile for any users not known in the image. This facilitates a simpler user recognition system.
Image capture device 104 captures image 106 having two people 108a and 108b in the image. This image is passed to STB 102. In some embodiments the identification of the users is done in advance of other processing, and is performed either at the capture device 104, or at the STB 102. In other embodiments, the image can be sent to an IPTV network element, such as a Resource and Admission Control node, for processing. Transmitting the image to the network is preferably done only in embodiments where the user validation and login is performed in the network and not in the STB 102.
Upon determining the identities of the viewers 108a and 108b, STB can provide a level of access that is determined in accordance with the two users. In some embodiments, if the two users both have profiles, the more restrictive set of permissions is used, whereas in other embodiments the less restrictive set of permissions is used. In other embodiments, which will be discussed later, permissions and access can be based on conditions set in the user profiles to recognize conditions where one user is present with either a specific user or a class of users.
In
Step 114 of
In a further embodiment, the set of permissions associated with a user can be made conditional. This allows a child's profile to be very restrictive when the child is alone in front of the television, and more liberal in the presence of another user. Such a method is illustrated in
Conditional permissions can be set in any number of ways. A child's allowed content may be very restricted alone, less restricted in the presence of a profiled adult, and even less restrictive in the presence of a particular user (such as a parent). The presence of the parent can provide access to content either for the duration that the parent is present, or for a buffer period following. The buffer period can be a fixed duration of time (so that programming is not locked if the parent leaves the room briefly), or for the length of a program. Other variations can be permitted as well.
In
In the above discussion, focus has been paid to determining access rights based on detecting a plurality of registered users. Creating user profiles is often a time consuming and difficult process. Because users with no profile will not be recognized as users of the STB, the detection of a face that does not match to a known profile can be used during the profile creation process.
In step 152 a determination is made about the presence of an administrator or other user that can create profiles. If no such user is present, access based on the recognized users that are present, or access based on a “minimal” pre-defined set of criteria, is provided. If an administrator is present a new profile is created in step 158. This can optionally be preceded by a step of prompting the administrator to confirm the creation of the new profile. This prompt can be intrusive or be designed to blend into the background.
When a profile is created, it can be created as a generic profile that is then presented for modification, or the administrator can be offered a number of different options to effectively add the user to a particular class of user. The richer the information provided about each user and stored in the associated profile, the more variety can be added to the conditions in the conditional profiles discussed above.
One skilled in the art will appreciate that recognition engine 162 is not necessary for the function of the system, so long as permission processor receives a indication that a plurality of viewers are present. Preferably the indication includes identification of the users in the plurality, but this can be obtained separately if need be.
Embodiments of the invention may be represented as a software product stored in a machine-readable medium (also referred to as a computer-readable medium, a processor-readable medium, or a computer usable medium having a computer readable program code embodied therein). The machine-readable medium may be any suitable tangible medium including a magnetic, optical, or electrical storage medium including a diskette, compact disk read only memory (CD-ROM), digital versatile disc read only memory (DVD-ROM) memory device (volatile or non-volatile), or similar storage mechanism. The machine-readable medium may contain various sets of instructions, code sequences, configuration information, or other data, which, when executed, cause a processor to perform steps in a method according to an embodiment of the invention. Those of ordinary skill in the art will appreciate that other instructions and operations necessary to implement the described invention may also be stored on the machine-readable medium. Software running from the machine-readable medium may interface with circuitry to perform the described tasks.
The above-described embodiments of the present invention are intended to be examples only. Alterations, modifications and variations may be effected to the particular embodiments by those of skill in the art without departing from the scope of the invention, which is defined solely by the claims appended hereto.
