Proxied multi-factor authentication using credential and authentication management in scalable data networks

Description

FIELD

The present invention relates generally to computer science, data science, application architecture, and computer data security. More specifically, techniques for proxied multi-factor authentication using credential and authentication management in scalable data networks is described.

BACKGROUND

As various computer programs ranging from operating systems to client and server-side applications to online Internet platforms to distributed and cloud computing systems, and other types of software (hereafter “software” or “applications”) increase in complexity, design, and scale, there is also an increase in problems associated with managing large amounts of data and providing data security against unauthorized access to data across a large distributed platforms and data networks.

Accessing and using applications that need to scale to support millions of clients (e.g., computers, servers, desktops, laptops, smart phones, mobile phones, cellular communication devices, tablet computers, and the like) and user accounts are often hampered by various types of operations that need to be performed in order to provide an efficient and scalable computing environment, many of which are distributed globally across numerous servers or server facilities and services, including cloud-based computing systems. Systems such as social networks and social media typically rely upon conventional solutions to address difficult operations such as data security, account security, and data privacy, but which are often limited and restrictive to users, including organizational accounts that may have many users. However, many conventional solutions for providing data security, account security, and data privacy are also problematic because of an inability to scale and support multi-client or multi-threaded operations such as authentication or login operations or to work with third party technology providers to provide data security. As a conventional example, social networks and social media are configured to provide both individual and organizational users with single-client accounts. However, if an organization has multiple users that require access to a single account for a social network, this can be problematic using conventional authentication techniques because only a single client can access a given account at any time, which is not only efficient, but stifles organizational use of valuable social media and networks to deliver, for example, commercial content such as advertising, promotions, coupons, or contextually or thematically-related content that users may find useful or valuable. Organizations with social media marketing departments, which may have one to many users are unable to effectively use powerful communication media such as social media and social networks because of technical limitations of conventional authentication solutions that render these inefficient, unscalable, and lacking in terms of organizational support.

Thus, what is needed is a solution for authenticating access to online accounts without the limitations of conventional techniques.

BRIEF DESCRIPTION OF THE DRAWINGS

Various embodiments or examples (“examples”) of the invention are disclosed in the following detailed description and the accompanying drawings:

FIG. 1 illustrates an exemplary system for proxied multi-factor authentication using credential and authentication management in scalable data networks;

FIG. 2 illustrates an exemplary application architecture for a credential management module;

FIG. 3A illustrates an exemplary data flow for credential and authentication management in scalable data networks;

FIG. 3B illustrates an exemplary alternative data flow for credential and authentication management in scalable data networks;

FIG. 4A illustrates an exemplary data diagram for credential and authentication management in scalable data networks;

FIG. 4B illustrates an alternative exemplary data diagram for credential and authentication management in scalable data networks;

FIG. 4C illustrates an exemplary data diagram illustrating various GET and POST requests for credential and authentication management in scalable data networks;

FIG. 4D illustrates a further exemplary alternative data diagram for credential and authentication management in scalable data networks;

FIG. 5A illustrates an exemplary process for credential and authentication management in scalable data networks;

FIG. 5B illustrates an additional exemplary process for credential and authentication management in scalable data networks;

FIG. 5C illustrates an alternative exemplary process for credential and authentication management in scalable data networks;

FIG. 6A illustrates an exemplary process for native activity tracking using credential and authentication management techniques in scalable data networks;

FIG. 6B illustrates an additional exemplary process for native activity tracking using credential and authentication management techniques in scalable data networks;

FIG. 7A illustrates an exemplary process for multi-factor authentication using credential and authentication management techniques in scalable data networks;

FIG. 7B illustrates an additional exemplary process for multi-factor authentication using credential and authentication management techniques in scalable data networks; and

FIG. 8 illustrates an exemplary computing system suitable for proxied multi-factor authentication using credential and authentication management techniques in scalable data networks.

DETAILED DESCRIPTION

Various embodiments or examples may be implemented in numerous ways, including as a system, a process, an apparatus, a user interface, or a series of program code or instructions on a computer readable medium such as a storage medium or a computer network including program instructions that are sent over optical, electronic, electrical, chemical, wired, or wireless communication links. In general, individual operations or sub-operations of disclosed processes may be performed in an arbitrary order, unless otherwise provided in the claims.

A detailed description of one or more examples is provided below along with accompanying figures. This detailed description is provided in connection with such examples, but is not limited to any particular example. The scope is limited only by the claims and numerous alternatives, modifications, and equivalents. Numerous specific details are set forth in the following description in order to provide a thorough understanding. These details are provided for the purpose of illustrating various examples and the described techniques may be practiced according to the claims without some or all of these specific details. For clarity, technical material that is known in the technical fields and related to the examples has not been described in detail to avoid unnecessarily obscuring the description or providing unnecessary details that may be already known to those of ordinary skill in the art.

As used herein, “system” may refer to or include the description of a computer, network, or distributed computing system, topology, or architecture using various computing resources that are configured to provide computing features, functions, processes, elements, components, or parts, without any particular limitation as to the type, make, manufacturer, developer, provider, configuration, programming or formatting language, service, class, resource, specification, protocol, or other computing or network attributes. As used herein, “software” or “application” may also be used interchangeably or synonymously with, or refer to a computer program, software, program, firmware, or any other term that may be used to describe, reference, or refer to a logical set of instructions that, when executed, performs a function or set of functions within a computing system or machine, regardless of whether physical, logical, or virtual and without restriction or limitation to any particular implementation, design, configuration, instance, or state. Further, “platform” may refer to any type of computer hardware (hereafter “hardware”) and/or software using one or more local, remote, distributed, networked, or computing cloud (hereafter “cloud”)-based computing resources (e.g., computers, clients, servers, tablets, notebooks, smart phones, cell phones, mobile computing platforms or tablets, and the like) to provide an application, operating system, or other computing environment, such as those described herein, without restriction or limitation to any particular implementation, design, configuration, instance, or state. Distributed resources such as cloud computing networks (also referred to interchangeably as “computing clouds,” “storage clouds,” “cloud networks,” or, simply, “clouds,” without restriction or limitation to any particular implementation, design, configuration, instance, or state) may be used for processing and/or storage of varying quantities, types, structures, and formats of data, without restriction or limitation to any particular implementation, design, or configuration.

As used herein, data may be stored in various types of data structures including, but not limited to databases, data repositories, data warehouses, data stores, or other data structures configured to store data in various computer programming languages and formats in accordance with various types of structured and unstructured database schemas such as SQL, MySQL, NoSQL, DynamoDB™ or those developed by data facility and computing providers such as Amazon® Web Services, Inc. of Seattle, Wash., FMP, Oracle®, Salesforce.com, Inc., or others, without limitation or restriction to any particular instance or implementation. Further, references to databases, data structures, or any type of data storage facility may include any embodiment as a local, remote, distributed, networked, cloud-based, or combined implementation thereof. For example, social networks and social media (hereafter “social media”) using different types of devices may generate (i.e., in the form of posts (which is to be distinguished from a POST request or call over HTTP) on social networks and social media) data in different forms, formats, layouts, data transfer protocols, and data storage schema for presentation on different types of devices that use, modify, or store data for purposes such as electronic messaging, audio or video rendering, content sharing, or like purposes. Data may be generated in various formats such as text, audio, video (including three dimensional, augmented reality (“AR”), and virtual reality (“VR”), or others, without limitation, for use on social networks, social media, and social applications (hereafter “social media”) such as Twitter® of San Francisco, Calif., Snapchat® as developed by Snap® of Venice, Calif., Messenger as developed by Facebook®, WhatsApp®, or Instagram® of Menlo Park, Calif., VKontakte (“VK”) of St. Petersburg, Russia, Pinterest® of San Francisco, Calif., LinkedIn® of Mountain View, Calif., and others, without limitation or restriction. In some examples, data may be formatted and transmitted (i.e., transferred over one or more data communication protocols) between computing resources using various types of data communication and transfer protocols such as Hypertext Transfer Protocol (HTTP), Transmission Control Protocol (TCP)/Internet Protocol (IP), Internet Relay Chat (IRC), SMS, text messaging, instant messaging (IM), or others, without limitation. As described herein, disclosed processes implemented as software may be programmed using Java®, JavaScript®, Scala, Python™, XML, HTML, and other data formats and programs, without limitation. References to various layers of an application architecture (e.g., application layer or data layer) may refer to a stacked layer application architecture such as the Open Systems Interconnect (OSI) model or others.

FIG. 1 illustrates an exemplary system for proxied multi-factor authentication using credential and authentication management in scalable data networks. Here, system 100 includes platform 102, network computing cloud (hereafter “cloud”) 104, data bus 106, credential management module 108, session manager 112, virtual machine 114, activity tracking module 116, interface/communication module 118, logic module 120, clients 122-126, data networks 128-130, and databases 132-138 (i.e., cookie data 132, session data 134, class libraries 136, and credential data 138). For purposes of illustration, the elements shown in FIG. 1 may be varied in quantity, function, configuration, and layout and are not limited to the examples shown and described. In some examples, credential management module 108, session manager 112, virtual machine 114, activity tracking module 116, interface/communication module 118, and logic module 120 are in data communication with each other and may be configured to transfer data over data bus 106, which may be implemented as electrical conduit, electronic or logical data connections, or a network of computing and networking resources such as servers, clients, routers, switches, gateways, and the like, without limitation or restriction to any type of equipment or software. Data may be in analog or digital form and the descriptions provided herein are not limited or restricted to any particular form. As shown, platform 102 may be configured to manage credentials and authentication information, data, and processes in order to provide multiple clients (e.g., clients 122-126, which may be a desktop computer (122), mobile computing device (124) such as a smart phone or cell phone, or portable or mobile computing tablet (126) such as an iPad® from Apple Computer Corporation of Cupertino, Calif. or a Surface® tablet from Microsoft Corporation of Redmond, Wash., or the like) with the ability to access data networks 128-130 over cloud 104, the latter of which may be implemented as a singular or multiple networks or computing clouds. As shown and described, data networks 128-130 may refer to a social media-based data network that posts (i.e., publishes; to be distinguish from a POST request, the latter of which being a call used to send or receive data using hypertext transfer protocol (HTTP) data requests), organizes, and manages data provided for various types of social media purposes, without limitation or restriction. Although numerous examples of social media were provided above, social media is typically broad in scope and represented, here, by data networks 128-130, which may be implemented in a variety of settings and environments, including as an integrated set of features provided for various types of users such as users engaging in social communication, online buyers and sellers (e.g., ecommerce communities), information providers, reviews and ratings websites, blogs (e.g., websites logs or web logs, which are a type of social media that provides certain types of information that may be thematically organized), vlogs (e.g., “vlogs” refer to video logs, which are similar to blogs, but incorporating video-formatted content such as that found on data networks like YouTube® of San Bruno, Calif. (a subsidiary of Alphabet® of Mountain View, Calif., the parent company of another social media-provider, Google® also of Mountain View, Calif.)), and others. In other words, social media may be found in many online websites, mobile applications, and other data networked/connected properties and platform 102 and the techniques described herein are intended to be applicable to providing credential and authentication management features and functionality. Data networks 128-130 are intended to be representative and, like any element shown or described in this Detailed Description or the corresponding drawings, is not limited in either scope, configuration, function, design, layout, shape, or constructively-assigned definition. In some examples, data networks 128-130 are representative of social media for purposes of describing the techniques presented herein.

Here, platform 102 is configured to implement credential and authentication management features using credential management module 108, which works cooperatively with modules 112-120. For example, logic module 120 exchanges control signals and instructions with credential management module 108. Here, credential management module 108 may be implemented using programming languages such as Java® and Scala for platform 102, which may be configured to provide credential and authentication management as well as other features. As shown and described, credential management module 108 provides control and instruction signals related to providing authentication data between various clients (e.g., clients 122-126) and data networks 128-130, all of which may be varied in quantity, type, function, and implementation without limitation or restriction to the examples shown and described. Authentication data, in some examples, may be stored in one or more of cookie data 132, session data 134, or credential data 138, and may include login data (e.g., username, password, tokens, hashes), authentication codes (i.e., alphanumeric codes that are generated by data networks 128-130 and sent to clients 122-126 when the latter elements are requesting access to the former and which requires entry by clients 122-126 through World Wide Web browsers (not shown; hereafter “browsers”), or links to third party authentication services that are presented (i.e., rendered or displayed on a graphical user interface) when queried by data networks 128-130. In other examples, authentication data may include techniques for multiple step or multiple factor (“multi-factor”) authentication data or access security or any other forms or types of data security techniques, processes, or applications that may be used to authenticate access by a client (e.g., clients 122-126) to data networks 128-130 and data published, shown, organized, managed, or otherwise accessed once authorized. Credential management module 108 may also be used to direct queries between platform 102 and clients 122-126 to data networks 128-130 to send various requests to retrieve or send authentication data, as described above, using data transfer protocols such as HTTP, HTTPs (i.e., hypertext transfer protocol secure (an extension of HTTP), TCP/IP, SMTP, or others, wired or wireless, without limitation or restriction). In some examples, credentials (e.g., account access-related data that identifies a specific account or client associated with authorized access to data networks (e.g., data networks 128-130)) and authentication data may be directed by credential management module 108 to be stored in credential data 138. As used herein, the terms “credential,” “credentials,” “credential data,” and “authentication data” may be used interchangeably.

If access to data networks 128-130 over cloud 104, in some examples, is authorized (as used herein, “authorized,” “granted,” “permitted,” “provided” are used synonymously and interchangeably without limitation), then data networks 128-130, as described in greater detail below, may provide session data 134 (e.g., control data and instructions that are used to establish a “session” or period of access between one or more of clients 122-126 and data networks 128-130) and cookie data 132 (which refers to data associated with a “cookie,” a data file issued or generated by data networks 128-130 that includes data, information, parameters, or attributes such as an expiration date/time for access to data networks 128-130) that, once received and processed by a browser on one or more of clients 122-126, permit access to data on data networks 128-130. For example, if client 122 requests access to data network 128 (e.g., Twitter®, Instagram®, Tinder®, Amazon.com®, or the like), a GET request (i.e., over HTTP) may be posted by client 122 to data network 128, but may also be sent to platform 102 and processed by credential management module 108. The GET request or other type of query requesting access and sent over cloud 104 to platform 102 be controlled for purposes of processing the responsive data sent by data network 128. In other words, if data network 128 sends an authentication code to be entered into a “pop-up window” (i.e., a window or sub-browser that appears as a displayed overlay over a browser) or a field within an interface presented within a browser, the authentication code (not shown) may be directed to be stored by credential data 138 utilizing various calls and operations supported by virtual machine 114 and class libraries 136. In some examples, virtual machine 114 may be used to provide a state in which compiled program code for an application (e.g., credential management module 108) is executed to perform the features and functions described herein.

Referring back to credential management module 108, in other examples, a GET request is not posted by clients 122-126, but instead authentication data (e.g., username, password, passcode, authentication code, or the like) may be sent as encapsulated data from one or more of clients 122-126 to one or more of data networks 128-130. Once sent, the authentication data may by directed for storage in credential data 138 by credential management module 108. In still other examples, when access is requested, one or more of clients 122-126 may send authentication data to platform 102 and credential management module 108, which is then processed and stored by the latter in credential data 138 before it is transmitted (as used herein, “transmitted” and “transferred” may be used interchangeably without limitation and are intended to refer to data transfer between various elements shown and described, without limitation to the type of data transfer or control protocol used) to one or more of data networks 128-130. Once processed and stored, credential management module 108 may retrieve authentication data from storage within an addressable memory or storage facility such as credential data 138 and sent to one or more of data networks 128-130 to provide subsequent access to one or more of clients 122-126. In other words, using the same authentication data, credential management module 108 permits multiple clients (e.g., clients 122-126) to access an account on social media without requiring each client to have an individual account, which is neither scalable nor efficient for large organizations seeking to utilize a data network (e.g., data networks 128-130) to perform various functions ranging from remote technical support to social media marketing to financial reconciliation to accounting. By permitting a singular account registration, which subsequently yields authentication data that is used to gain approved access to a data network such as those described herein, multiple client organizations regardless of size, scale, distributed computing architecture, geographical login location (i.e., a location from which a client posts a GET request to one or more of data networks 128-130), or other attributes associated with authenticating account access, can efficiently and effectively use data networks more rapidly.

Referring back to FIG. 1, authentication data stored in credential data 138, along with other data, may be transferred between platform 102 (e.g., one or more of credential management module 108, session manager 112, activity tracking module 116, or logic module 120) over an application programming interface (API) using interface/communication module 118. In some examples, an API provided by either platform 102 or data networks 128-130 may be used to establish, over cloud 104 (or other computing or data networks such as the Internet or World Wide Web), data connectivity to not only exchange authentication data, but also session data.

In some examples, session data may refer to data transferred between one or more of clients 122-126 and data networks 128-130 after authentication data has been approved to permit access. Session data may include any type, form, or format of data including, in some examples, text, audio, video, multi-media, graphical, augmented reality (AR), virtual reality (VR), 3D (i.e., three dimensionally presented data), holograms, holographs, or others, without limitation. In some examples, activity tracking module 116 may be configured to track control data, signals, or instructions from logic module 120 to store some, part, all, or none of session data transferred between data networks 128-130 and clients 122-126. As used herein, “tracking” may be used interchangeably with “monitoring” and include various functions such as copying, sampling, testing, processing, hashing, tagging, or the like for purposes directed by logic module 120, which may be configured to receive user input or data over interface/communication module 118 to do so. In some examples, tracking may be performed natively (i.e., within the operating system or application environment of a browser) without requiring additional software other than an extension, as described herein, in data communication using one or more data communication protocols with platform 102. In other examples, activity tracking module 116 may be configured to track no data, in which case no session data is stored in session data 134. Here, session data for sessions between data networks 128-130 and clients 122-126 may be stored in session data 134, along with “cookies” (i.e., data files that are configured to include processed authentication data (i.e., data that is sent by data networks 128-130 to one or more of clients 122-126 for purposes of permitting access to data on data networks 128-130 for a finite or indefinite period of time (i.e., a session)) and other control data such as an expiration date and time that is used to manage access), which may be stored in a separate data repository, database, or data facility such as cookie data 132. As used herein, the terms “database,” “data repository,” “data farm,” “data facility” may be used interchangeably without limitation.

Referring back to FIG. 1, when a session is established between one or more of clients 122-126 and data networks 128-130, not only does credential management module 108 direct the storage of the authentication data in credential data 138, but it may also store session and cookie data in session data 134 and cookie data 132, respectively, for use in authorizing other clients to access one or more of data networks 128-130, but using a construct of a singular account (i.e., not requiring multiple users to create individual accounts to access data networks 128-130). In other examples, clients 122-126 that are identified as being attributable to multiple IP addresses, but logically grouped together as, for example, part of the same organization, department, company, division, or the like, can use the credential and authentication management techniques described herein without limitation. In still other examples, the elements of system 100 shown and described may be varied in design, configuration, and function without limitation to those shown and described.

FIG. 2 illustrates an exemplary application architecture for a credential management module. Here, credential management module 108 (FIG. 1) is shown in greater detail, including credential module 202, display module 204, communication module 206, authentication manager 208, assessment module 210, browser extension manager 212, data management module 214, and session handler 216, all of which are in data communication with each other, regardless of form, format, or protocol, using data bus 218. In some examples, credential management module 108 (FIG. 1) includes sub-modules and computer processor-based elements 202-218, which are configured to perform various functions to authenticate access by one or more of clients 122-126 (FIG. 1) to one or more data networks (e.g., data networks 128-130 (FIG. 1)). Credential module 202, in some examples, may be configured to direct the storage and retrieval of data (using various types of database and data handling schema such as SQL, MySQL, R, RDF, SPARQL, or others) by pointing queries to storage locations addressed on memories, volatile or non-volatile, such as credential data 138 (FIG. 1) from which credential data and authentication data may be retrieved. In other examples, credential module 202 may also construct queries in various types of programming and data handling languages and formats to retrieve or store credential data or authentication data in, for example, credential data 138 (FIG. 1). Credential module 202 may also be configured to transfer data over data bus 218 to cooperatively process credential data and/or authentication data for various purposes such as generating and rendering a status bar in a browser window using display module 204, transferring data (e.g., credential data, authentication data, login data, and the like) to clients 122-126 (FIG. 1), data networks 128-130 (FIG. 1), platform 102, or other clients, endpoints, or destination addresses (e.g., other computers, servers, or clients), or generating assessments using assessment module 210, which may be configured to work cooperatively with credential data and/or authentication data.

In some examples, assessment module 210 may be configured to work with credential module 202, authentication manager 208, data management module 214, and session handler 216 to generate assessments that are constructed based on evaluating, using user-specific rules, artificial intelligence, machine learning, or deep learning techniques, data that is being transferred between clients 122-126 (FIG. 1) and data networks 128-130 (FIG. 1) after receiving access upon approval of credentials and/or authentication data by data networks 128-130. Assessments may be constructed for various purposes, including evaluating the number of views, unique impressions, click-through rates, conversion rates, latency, data transfer rates, error rates, or any other type of attribute associated with transferring data between a browser (having an installed browser extension managed by browser extension module 212) and platform 202. As an example, the described techniques may be used by a marketing organization that is generating and providing advertising-related content to a social network using platform 202, but due to the techniques and processes provided by credential management module 108, assessments can be generated that provide users with data as to the efficacy, efficiency, and overall data performance of the content placed, published, curated, served, or otherwise operated on using the techniques described herein. Further, once a session has been established between one or more clients using a singular account and the credential management and authentication techniques described herein, the data transferred between a data network (e.g., data networks 128-130 and clients 122-126) may be monitored, sampled, tracked, cached, copied, or modified for purposes determined based on the receipt of control data and signals received by communication module 206 using interface/communication module 118. In some examples, control data and signals may be generated from some clients that have enhanced or greater permissioning or authenticated access than other clients, permitting these clients to perform more or different functions than others. Conversely, authentication manager 208 and credential module 202 may also be configured to restrict access based on the type of credentials or authentication stored by credential management module 108 (FIG. 1) in credential data 138 (FIG. 1).

As discussed above, credential module 202 may be configured to manage authentication data being transferred between a data network (e.g., data networks 128-130 (FIG. 1)) and a client (e.g., clients 122-126) in some examples. Once authentication is approved and access to a given data network is permitted, credential module 202 may be configured to manage access to subsequent clients that transmit GET requests to a data network in order to obtain access to data managed, stored, or otherwise controlled by said data network. As an example, a client associated with a social marketing organization may be attempting to access, substantially simultaneously (i.e., in near-real time) a social network such as Instagram® in order to manage data or data attributes associated with content that it has tagged or identified that trigger content from the organization to be served in contextual relevance to other content that is being generated by another client that is not logically or technically grouped with the same organization. By using the techniques described herein, another user from the same group can also gain authenticated access (i.e., access granted by a data network (e.g., data networks 128-130 (FIG. 1)) to the same data network, but use only a single set of credentials, credential data, authentication data, or login data associated with a given account. In other examples, using the techniques described herein, multiple users associated with an organization can access the data network by having credential management module 108 (FIG. 1) handle the transfer of credential and authentication data to a data network, provide multi-factor authentication (e.g., receiving a code in response to a request to authenticate credentials or authentication data and then inputting said code in response to a further query from the data network) without requiring external user input.

Further, data management module 214 may be configured to work cooperatively with browser extension manager 212 to transfer data between data networks 128-130 (FIG. 1), clients 122-126 (FIG. 1), platform 102 (FIG. 1), and credential management module 108 (FIG. 1) for various purposes, some of which were previously discussed. Tracking and monitoring data flow between endpoints (e.g., data networks 128-130 (FIG. 1), clients 122-126 (FIG. 1), platform 102 (FIG. 1), and credential management module 108 (FIG. 1)) may be performed by data management module 214, including credential data, authentication data, login data, and data transferred in response to queries, requests, posts, or calls. Still further, data management module 214 may be configured to transfer to browser extension manager 212 to provide additional data that may be useful to a given client such as a timeout or status indicator rendered graphically on a browser that displays, for example, time elapsed in a session, session expiration, number of other users participating in the session, but on other clients, and other functions. In still other examples, browser extension manager 212 may be configured to manage a browser extension (“extension”) that is downloaded and installed in a browser application or operating system using a browser (i.e., an application configured to retrieve, send, display data and information from data networks and applications such as those described herein. In some examples, extensions installed on browsers are managed by platform 102 (FIG. 1) using credential management module 108 (FIG. 1) and browser extension manager 212. All of the computing elements shown and described above in connection with platform 102 (FIG. 1), credential management module 108 (FIG. 1), and those shown here in FIG. 2 may be programmed using object oriented programming languages such as Java, Scala, JavaScript, and others, without limitation. Other programming languages that generate program code directly in binaries, objects, or other types of data structures may be used and are not limited to the examples shown and/or described. In still other examples, credential management module 108 (FIG. 1) and as shown in environment 200 and elements 202-218 may be varied in design, configuration, and function without limitation to those shown and described.

FIG. 3A illustrates an exemplary data flow for credential and authentication management in scalable data networks. Here, system 300 includes credential management platform 302, browser extension 304, data network 306, browser 308, cookie data 310, and data flow paths 312-318. As shown, browser extension 304 may be installed on browser 308. In some examples, browser extension 304 may be an application, applet, program, or other type of software code that is downloaded and installed on a client (e.g., clients 122-126 (FIG. 1)) and configured for data transfer with credential management platform 302. In some examples, credential management platform 302 may be implemented similarly to platform 102 (FIG. 1) and is not limited to any particular implementation, configuration, design, layout, or function.

Here, credential data and authentication data (collectively “authentication data) can be transferred over data flow paths 312-318 between credential management platform 302 and browser 308 and data network 306. In some examples, data flow paths 312-318 may be implemented as logical or actual networking paths or routes that consist of various types of routing equipment, conduits, and networking equipment used to implement wired or wireless data communications. Here, credential management platform 302 may be implemented and configured to transfer authentication data received from data network 306 to browser 308 and browser extension 304. In some examples, authentication data may be stored, once received at browser 308, in cookie data 310. In other words, authentication data may include a cookie (e.g., session cookie) from data network 306 that, once input at browser 308, may be approved (i.e., grant) access to data network 306. As shown, system 300 is an exemplary embodiment of a data flow diagram for transmitting authentication data to and from browser 308 and browser extension 304 to data network 306. Further, monitoring, tracking, sampling, caching, copying, or modifying session data transferred between data network 306 and browser 308 can be performed by credential management platform 302.

In some examples, a GET request (not shown) may be transmitted by browser 308 and browser extension 304 (the latter of which is in data communication with credential management platform 302) to data network 306 over data path 312. Upon receiving a request (e.g., GET request or call) over data path 312, credential management platform 302 (e.g., platform 102 (FIG. 1)) may be configured to transmit authentication data over data path 314 to data network 306. As shown, credential management platform 302 is configured to provide authentication data to data network 306 by retrieving the requested authentication data from a location to which credential module 202 is pointed. If authentication data transmitted over data path 314 by credential management platform 302 is accepted (i.e., approved), data network 306 may be configured to generate and transmit over data path 316 session data. Session data may be tracked (as described above) by credential management module 302 once received over data path 316, but prior to transmitting the session data over data path 318 to browser 308 (the requesting endpoint for the session data). As shown, system 300 and credential management platform 302 are configured to provide authentication data to data network 306 to provide access to browser 308, but without exposing or revealing authentication data to browser 308. Further, data network 306 upon processing authentication data from credential management platform 302 registers a session and issues a cookie (which may have a session expiration date/time) to browser 308 without registering credential management platform 302. In other examples, system 300 and the accompanying elements may be varied in design, configuration, and function without limitation to those shown and described.

FIG. 3B illustrates an exemplary alternative data flow for credential and authentication management in scalable data networks. Here, system 330 includes credential management platform 302, browser extension 304, data network 306, browser 308, cookie data 310, and data flow paths 312-320. As described above in connection with FIG. 3A, system 330 and elements 302-318 are substantially similar in function, design, layout, and configuration. In this example, data path 320 is also shown, which enables browser 308 and data network 306 to transfer data directly over a data communication protocol. Although shown as a direct route, data path 320 may include one or more networking components (e.g., routers, switches, gateways, central offices, computers, servers, telecommunication equipment (wired or wireless), and the like) disposed between browser 308, browser extension 304, and data network 306. As an alternative embodiment, system 300 illustrates an alternative data flow diagram for credential and authentication management.

For example, authentication data may be provided by credential management platform 302 to data network 306 over data flow path 314 when browser extension 304 sends a control signal to credential management platform 302 indicating that a request to access data network 306 and establish a session has been initiated by browser 308. In other examples, a copy of a request sent by browser 308 and/or browser extension 304 may be sent over data path 312 to credential management platform 302, which then sends authentication data over data path 314 using a data communication protocol. In still other examples, when a session is established session data may be transferred by data network 306 to browser 308 and/or browser extension 304 over data path 320. If a change to credentials or authentication data occurs, data network 306 can transfer that data over data path 316 to credential management platform 302, which can subsequently pass a copy of said authentication data to browser 308 via browser extension 304. In still further alternative embodiments, if authentication data is changed by data network 306, when sent to browser 308 and browser extension 304 over data path 320, a copy of the authentication data may be sent to credential management platform 302 over data path 312. In yet another alternative embodiment, authentication data sent over data path 320 by data network 306 can be received by browser extension 304, but before being cached at browser 308, the authentication data can be forwarded to credential management platform 302 and used, in other examples, to enable access to data network 306 using the techniques described herein. In other examples, system 330 and the accompanying elements may be varied in design, configuration, and function without limitation to those shown and described.

FIG. 4A illustrates an exemplary data diagram for credential and authentication management in scalable data networks. Here, data flow diagram 400 includes credential management platform 402, browser extension 404, data network 406, data paths 408-414 and 424, and data files 416-422. As described above in connection with FIG. 3B, credential management platform 402 (which may be implemented similarly to platform 302 (FIG. 3) or platform 102 (FIG. 1)) may be configured to transmit authentication data 418 (e.g., credentials) to data network 406 over data path 410 in response to request 416 sent from browser extension 404. Upon approval of authentication data 418, data network 406 transmits cookie data and cookie configuration data 420 over data path 412 to browser extension 404, which is intercepted by credential management platform 402. In some examples, credential management platform 402 may be configured to modify cookie data and cookie configuration data 420 before forwarding over data path 414. Here, credential management platform-modified cookie data and cookie configuration data 422 may be sent to browser extension 404 over data path 414. In some examples, credential management platform 402 may configure cookie data and cookie configuration data to establish and/or control a session established between browser extension 404 and data network 406. While control signals and data may be transferred over data paths 408-414, session data may be transferred between browser extension 404 and data network 406 over data path 424. In other examples, data flow diagram 400 and the accompanying elements may be varied in design, configuration, and function without limitation to those shown and described.

FIG. 4B illustrates an alternative exemplary data diagram for credential and authentication management in scalable data networks. Here, an alternative data flow diagram 419 is shown, including credential management platform 402, browser extension 404, data network 406, data paths 408-414, and data files 416-422. As described above, credential management platform 402 (which may be implemented similarly to platform 302 (FIG. 3) or platform 102 (FIG. 1)) and the elements shown that are numbered similarly to those elements shown and described above in connection with FIG. 4A may be similarly in function, design, operation, and configuration. For example, credential management platform 402 may be configured to transmit authentication data 418 (e.g., credentials) to data network 406 over data path 410. In this example, data path 424 (FIG. 4A) is removed and all data transferred between data network 406 and browser extension 404 is configured to be transferred using data paths 408-414 and passing through credential management platform 402. In so doing, credential management platform 402 may be configured to intercept, track, monitor, and perform other functions on authentication data 418, cookie data, cookie configuration data, session data, and modified versions thereof, entirely or partially. Here, as in FIG. 4A, browser extension 404 may be configured to post a GET request (e.g., authentication data 418) to data network 406 over data paths 408-410. If authentication data 418 is accepted by data network 406, cookie data and cookie configuration data 420 and session data 416 may be transferred to browser extension 404 using one or more of data paths 408-414. In other examples, different data paths may be used and the examples shown and described are provided as illustrative examples only. In other examples, data flow diagram 419 and the accompanying elements may be varied in design, configuration, and function without limitation to those shown and described.

FIG. 4C illustrates an exemplary data diagram illustrating various GET and POST requests for credential and authentication management in scalable data networks. Here (as in FIG. 4A), data flow diagram 430 includes credential management platform 402, browser extension 404, data network 406, data paths 408-414 and 424, and data files 432-438. As described above, credential management platform 402 (which may be implemented similarly to platform 302 (FIG. 3) or platform 102 (FIG. 1)) and the elements shown that are numbered similarly to those elements shown and described above in connection with FIG. 4A may be similarly in function, design, operation, and configuration. In this example, post calls and responses are shown as illustrative examples of authentication data and session data that may be exchanged between data network 406 and browser extension 404 (which may be installed on a browser (not shown)). As an example, data file 432 may be a post call made by browser extension 404 to request access to data network 406 (and data controlled or gated by it) similar to request 416 (FIG. 4A, 4B). Upon receiving the post call from browser extension 404, credential management platform 402 pass the post call request to data network 406, which (if the authentication data is accepted), generates response 436, including a session ID (e.g., “Session=xsdf2399dfjdsfklojcds”), cookie, expiration date (e.g., January 2018), and a domain name at which data network 406 may be accessed by a browser (not shown) on which browser extension 404 is installed. Data file 436 is then received and stored by credential management platform 402 before forwarding the session and cookie data (e.g., data file 438) to browser extension 404. Data files 432-438 may be stored by credential management platform 402 in various types of databases, data structures, or data facilities (hereafter “data facilities”) that are directly, indirectly, locally, or remotely coupled (i.e., in data communication with) to credential management platform. Examples of these types of data facilities may include cookie data 132, session data 134, or credential data 138 (FIG. 1). In other examples, data flow diagram 430 and the accompanying elements may be varied in design, configuration, and function without limitation to those shown and described.

FIG. 4D illustrates a further exemplary alternative data diagram for credential and authentication management in scalable data networks. Here, data flow diagram 400 includes credential management platform 402, browser extensions 404 and 452-454, data network 406, data paths 408-414 and 424, and data files 416-422. As described above, credential management platform 402 (which may be implemented similarly to platform 302 (FIG. 3) or platform 102 (FIG. 1)) and the elements shown that are numbered similarly to those elements shown and described above in connection with FIG. 4A may be similarly in function, design, operation, and configuration. In this example, credential management platform 402 may be configured to transfer authentication data and session data (e.g., data files 416-422) to browser extensions 404 and 452-454. In some examples, a system (e.g., system 100 (FIG. 1), system 200 (FIG. 2)) may be scaled to implement one or more browser extensions that are installed on separate browsers and computing systems (e.g., desktops, laptops, mobile computing devices, smart phones, tablet computers, and the like) without limitation. The techniques shown and described herein may be used to enable credential management platform 402 to scale and support any number of users while employing a single account (i.e., the authentication data for a single account). In some examples, browser extensions 452-454 are in data communication with credential management platform 402, similarly to browser extension 404. Browser extensions 452-454, in some examples, are configured to be installed on browsers associated with clients (not shown) similar to those described above in connection with FIG. 1. The techniques described herein, in some examples, permit session data and authentication data to be transferred between browser extensions 404 and 452-454 and data network 406 over various data paths (e.g., data paths 408-414 and 424) and may be varied. For example, in some examples, session data and authentication data may be transferred to browser extensions 404 and 452-454 over data paths 408-414, passing data through credential management platform 402. In other examples, data may be transferred over data path 424 in addition to data paths 408-422. In still other examples, data may be transferred over a combination of data paths 408-422 and 424. For example, authentication data may be passed from credential management platform 402 to data network 406 over data path 410 while session data is sent to one or more of browser extensions 404 and 452-454 over data path 424 and/or over data paths 412-414 through credential management platform 402. In other examples, data flow diagram 450 and the accompanying elements may be varied in design, configuration, and function without limitation to those shown and described.

FIG. 5A illustrates an exemplary process for credential and authentication management in scalable data networks. Here, process 500 starts when a request is detected from an extension (e.g., browser extension 304 (FIGS. 3A, 3B)) to access data on a data network (e.g., data networks 128-130 (FIG. 1)) (502). In some examples, a request may be initiated by a browser on which an extension is installed, as described above. Included with the initial request to access a data network may also be a request for authentication data to a credential management module, which may be a call or request initiated by an extension directly without requiring user input (504). In some examples, a request from a credential management platform to a data network may include authentication data included in, for example, a POST call or request. Upon receipt of authentication data by a credential management platform from the data network, authentication data is transferred to a browser via an extension including an instruction to initiate a session with a given data network (506). Using the authentication data, an extension may initiate a further request (e.g., GET call or request) to a data network for access (508). If the authentication data is accepted and a session is established between the data network and the extension (and the browser on which the extension is installed), a display element may be presented on a graphical user interface to provide information associated with the session such as a login status, time to expiration of the session, or interactive features such as a button to renew the session (or initiate a request to renew the current session) or request access to other data not previously authorized for access based on the current set of credentials, authentication data, login data, or the like (510). Upon establishing a session, a credential management platform (e.g., platform 102 (FIG. 1)) may be configured to monitor data traffic flowing (i.e., transferred) between one or more browsers (i.e., browser extensions) and one or more data networks (e.g., data networks 128-130 (FIG. 1)) (512). In other examples, process 500 may be implemented differently and is not limited to the order, operations, steps, sub-processes, steps, or other aspects as shown and described.

FIG. 5B illustrates an additional exemplary process for credential and authentication management in scalable data networks. Here, process 520 is a further process or sub-process of process 500 (FIG. 5A) and may be implemented as a continuation thereof or as a further set of processes executed by configurable computing resources such as a server, computer, client, or the like. In some examples, a determination is made as to whether cookie data transferred from a data network indicates whether a given session has expired (522). If the session has expired, the session is terminated and access is revoked to a given browser (528). If a session has not expired, a further determination is made as to whether data or control signals have been received from a data network to terminate (i.e., stop) a session (524). In some examples, a session may not be assigned an expiration date/time by a data network, but instead terminated by a data network on a given schedule or at will. If data or control signals are received indicating the session between a browser and a data network should be terminated, then the session is terminated (528). However, if no data or control signals are received to terminate a session, the session continues (i.e., access by browser to a given data network is authorized to permit data transfer over one or more data communication protocols such as those described herein) (526). In other examples, process 520 may be implemented differently and is not limited to the order, operations, steps, sub-processes, steps, or other elements as shown and described.

FIG. 5C illustrates an alternative exemplary process for credential and authentication management in scalable data networks. Here, process 530 begins when a credential management platform (e.g., platform 102 (FIG. 1)) receives a request from a browser to access a data network (532). Next, a login request is generated at a server (e.g., credential management platform) (534). Once generated, a login request is transferred from a server (e.g., credential management platform (e.g., platform 102 (FIG. 1)) to a data network (536). As described herein, when platform 102 (i.e., credential management platform) transfers a login request from a browser to a server, the login request is transmitted and configured to emulate the browser. In other words, a login request transmitted from platform 102 may be configured to emulate a browser based on, for example, an address or other attribute. A determination is made as to whether a login request has been accepted (538). In some examples, a login request may also be configured to include login data, authentication data, or other data that may be approved for access to a data network.

Referring back to FIG. 5C, if the login data is not accepted, then a check is performed to determine whether an error in data retrieval, storage or processing has occurred (540). In some examples, a check may be performed by platform 102 using various types of error checking techniques, including processes for applying hashing algorithms to determine if login data retrieved from, for example, credential data 138 (FIG. 1) is corrupted or erroneous.

Alternatively, if the login data is accepted, then the intended data network generates and sends a cookie, which is received by credential management platform (e.g., platform 102 (FIG. 1)) (542). Upon receipt of a cookie to establish a session, platform 102 may be configured to further process (e.g., copy, cache, modify, or the like) the cookie before transferring it using a data communication protocol to a browser extension, such as those described above (544). Once a session has been established, a credential management platform may be configured to monitor data traffic flowing between a data network and a browser and browser extension (546). In other examples, process 530 may be implemented differently and is not limited to the order, operations, steps, sub-processes, steps, or other elements as shown and described.

FIG. 6A illustrates an exemplary process for native activity tracking using credential and authentication management techniques in scalable data networks. Here, process 600 begins by detecting a request from an extension (e.g., browser extension 304 (FIGS. 3A-3B)) to a data network (602). In some examples, a request to access a data network may be initiated by a user directing a browser to a given address on the World Wide Web (“web”), Internet, application, or other destination. Next, another request is generated from the extension, although without requiring manual or user input, to request login data or authentication data from a credential management platform (e.g., platform 102 (FIG. 1)) (604). If platform 102 has access to stored authentication data, it is retrieved and transferred to the extension (606). Upon receipt of the authentication data, the browser transmits a login request to the data network with the authentication data (608). Once the authentication data is received and approved and a session is established between a browser and a data network, data transferred may be stored by credential management platform 302 (FIGS. 3A-3B) (610). In some examples, stored session data (e.g., data stored in session data 134) may be used by credential management platform 302 for various purposes including evaluation and assessment, as described in further detail below in connection with FIG. 6B. In other examples, process 600 may be implemented differently and is not limited to the order, operations, steps, sub-processes, steps, or other elements as shown and described.

FIG. 6B illustrates an additional exemplary process for native activity tracking using credential and authentication management techniques in scalable data networks. Here, process 620 begins by storing data at a location specified by a server (e.g., a computing resource providing an operating environment for credential management platform 302 (FIGS. 3A-3B) or 402 (FIGS. 4A-4D)) (622). A determination is made as to whether a query has been received to evaluate data from a session, which may include session data, authentication data, login data, or other data transferred between a data network and one or more browsers (624). If a query is received to perform an evaluation, then a determination is made to the requested evaluation type and any attributes or attribute types associated with the evaluation requested (626). Next, an evaluation algorithm or set of algorithms is selected to perform the requested evaluation (628).

Alternatively, if a query (i.e., request) is not received to perform an evaluation, then a further determination is made as to whether an instruction is received to modify data stored or accessed by a credential management module (630). If said instruction is not received, then process 620 ends. If an instruction to modify stored data is received by credential management platform 302 or 402, then modification(s) requested are performed (632) and process 620 ends. Examples of modifications that may be requested by an extension include extending a session, terminating a session, requesting access to a session already in progress with another client, or multiple client authorization requests. In other examples, process 620 may be implemented differently and is not limited to the order, operations, steps, sub-processes, steps, or other elements as shown and described.

FIG. 7A illustrates an exemplary process for multi-factor authentication using credential and authentication management techniques in scalable data networks. Here, process 700 begins by an extension initiating a request to authenticate access through a browser to a data network (702). A first message from a data network sent in response to the initiated request is received at a proxy browser (704). As used herein, a “proxy browser” refers to another browser other than a browser requesting access to a data network, but which is associated with a given account. For example, when an authorized account is created on a given data network, a proxy browser may one associated with the account, but which is not requesting access as described above in connection with 702. Here, a proxy browser may receive authentication data such as an authentication code that, when access is requested, a data network sends a responsive request that is rendered graphically in a browser requesting input of the previously sent authentication data or authentication code.

Referring back to FIG. 7A, after a proxy browser receives authentication data from a data network, said authentication data (e.g., authentication code) is forwarded to a credential management platform (e.g., 302 (FIGS. 3A-3B), 402 (FIGS. 4A-4D)) (706). Subsequently, the authentication data is forwarded to an extension installed on the browser that initially requested access (708). Once received by the extension, the authentication data is transferred using a data communication protocol from the extension (and the browser on which the extension is installed) to the data network (710). In other examples, process 700 may be implemented differently and is not limited to the order, operations, steps, sub-processes, steps, or other elements as shown and described.

FIG. 7B illustrates an additional exemplary process for multi-factor authentication using credential and authentication management techniques in scalable data networks. Here, process 720 begins when a request is initiated by an extension to authenticate access to a data network by a browser (722). In some examples, the request is sent substantially simultaneously by the extension to a credential management platform and a data network to which the extension is requesting access. Once transmitted from the extension over a data path using a data communication protocol such as HTTP, TCP/IP, or others, the request is received at a server (e.g., credential management platform 302 (FIGS. 3A-3B) or 402 (FIGS. 4A-4D) (724). Upon receipt of the request, credential management platform 302 or 402 sends a further request to another browser requesting authentication data sent from a data network in response to the request from the extension (726). As described above, another browser may be configured as a proxy browser and receive authentication data in response to a request from another browser.

Referring back to FIG. 7B, in response to the request from the credential management platform, authentication data is received by a server hosting the credential management platform (728). Upon receipt and further processing, if any, the authentication data may be stored, cached, copied, manipulated, or modified and forwarded to the extension (730). In some examples, the above-described process may be referred to as a “multi-factor authentication” process in which individual requests transfer separate authentication data that, when submitted in response to subsequent queries, provide authenticated access to a data network. In other words, multi-factor authentication can be performed using processes 700 or 720 by requesting different elements of authorization data from different browsers. In other examples, process 720 may be implemented differently and is not limited to the order, operations, steps, sub-processes, steps, or other elements as shown and described.

FIG. 8 illustrates an exemplary computing system suitable for proxied multi-factor authentication using credential and authentication management techniques in scalable data networks. In some examples, computer system 800 may be used to implement computer programs, applications, methods, processes, or other software to perform the above-described techniques. Computing system 800 includes a bus 802 or other communication mechanism for communicating information, which interconnects subsystems and devices, such as processor 804, system memory 806 (e.g., RAM), storage device 808 (e.g., ROM), disk drive 810 (e.g., magnetic or optical), communication interface 812 (e.g., modem or Ethernet card), display 814 (e.g., CRT or LCD), input device 816 (e.g., keyboard), cursor control 818 (e.g., mouse or trackball), communication link 820, and network 822.

According to some examples, computing system 800 performs specific operations by processor 804 executing one or more sequences of one or more instructions stored in system memory 806. Such instructions may be read into system memory 806 from another computer readable medium, such as static storage device 808 or disk drive 810. In some examples, hard-wired circuitry may be used in place of or in combination with software instructions for implementation.

The term “computer readable medium” refers to any tangible medium that participates in providing instructions to processor 804 for execution. Such a medium may take many forms, including but not limited to, non-volatile media and volatile media. Non-volatile media includes, for example, optical or magnetic disks, such as disk drive 810. Volatile media includes dynamic memory, such as system memory 806.

Common forms of computer readable media includes, for example, floppy disk, flexible disk, hard disk, magnetic tape, any other magnetic medium, CD-ROM, any other optical medium, punch cards, paper tape, any other physical medium with patterns of holes, RAM, PROM, EPROM, FLASH-EPROM, any other memory chip or cartridge, or any other medium from which a computer can read.

Instructions may further be transmitted or received using a transmission medium. The term “transmission medium” may include any tangible or intangible medium that is capable of storing, encoding or carrying instructions for execution by the machine, and includes digital or analog communications signals or other intangible medium to facilitate communication of such instructions. Transmission media includes coaxial cables, copper wire, and fiber optics, including wires that comprise bus 802 for transmitting a computer data signal.

In some examples, execution of the sequences of instructions may be performed by a single computer system 800. According to some examples, two or more computing system 800 coupled by communication link 820 (e.g., LAN, PSTN, or wireless network) may perform the sequence of instructions in coordination with one another. Computing system 800 may transmit and receive messages, data, and instructions, including program, i.e., application code, through communication link 820 and communication interface 812. Received program code may be executed by processor 804 as it is received, and/or stored in disk drive 810, or other non-volatile storage for later execution. In other examples, the above-described techniques may be implemented differently in design, function, and/or structure and are not intended to be limited to the examples described and/or shown in the drawings.

Although the foregoing examples have been described in some detail for purposes of clarity of understanding, the above-described inventive techniques are not limited to the details provided. There are many alternative ways of implementing the above-described invention techniques. The disclosed examples are illustrative and not restrictive.

Claims

1. A method, comprising: initiating a request to authenticate a browser to access a data network using a data communication protocol, the request being sent by an extension installed on the browser, the extension being implemented in association of a first client computing device in a subset of computing devices each including at least one browser and a corresponding extension;receiving the request at a server substantially simultaneously with receipt of the request at the data network, the server configured to facilitate access to a single account at the data network via a single set of authentication data;generating a first message at the server to send to another browser associated with another extension, the first message comprising another request from the server to receive authentication data sent from the data network to the another browser in response to the request, the single set of authentication data being configured to facilitate access to the single account in the data network by any computing device in the subset of computing devices;receiving at the server the authentication data from the another browser; andtransferring the authentication data from the server to the browser, the browser transmitting the authentication data to the data network in a GET request to access data via the single account stored on the data network,wherein multiple computing devices in the subset of computing devices implement the same data constituting the single set of authentication data to access the single account.
2. The method of claim 1, wherein the data communication protocol is hypertext transfer protocol.
3. The method of claim 1, wherein the authentication data comprises login data.
4. The method of claim 3, wherein the login data comprises a username and password.
5. The method of claim 1, further comprising establishing a session between the data network and the browser if data is accepted by the data network, the session being configured to enable data transfer between the extension and the data network.
6. The method of claim 5, wherein the session is configured to expire by the data network, the session being managed by a cookie tracked by the server and the data network.

US Referenced Citations (271)

Number	Name	Date	Kind
6041311	Chislenko et al.	Mar 2000	A
6146026	Ushiku	Nov 2000	A
6385611	Cardona	May 2002	B1
6684239	Flepp et al.	Jan 2004	B1
6742032	Castellani et al.	May 2004	B1
6871232	Curie et al.	Mar 2005	B2
7032030	Codignotto	Apr 2006	B1
7222156	Gupta et al.	May 2007	B2
7409710	Uchil et al.	Aug 2008	B1
7606865	Kumar et al.	Oct 2009	B2
7644057	Nelken et al.	Jan 2010	B2
7702541	Black et al.	Apr 2010	B2
7725492	Sittig et al.	May 2010	B2
7751620	Cosoi	Jul 2010	B1
7756926	Tseng et al.	Jul 2010	B2
7818758	Bonet et al.	Oct 2010	B2
7979369	Grenier et al.	Jul 2011	B2
8006187	Bailey et al.	Aug 2011	B1
8027931	Kalaboukis	Sep 2011	B2
8082308	Filev	Dec 2011	B1
8131745	Hoffman et al.	Mar 2012	B1
8171128	Zuckerberg et al.	May 2012	B2
8200527	Thompson et al.	Jun 2012	B1
8225376	Zuckerberg et al.	Jul 2012	B2
8286154	Kaakani et al.	Oct 2012	B2
8321300	Bockius et al.	Nov 2012	B1
8412657	Grenier et al.	Apr 2013	B2
8505069	Solodovnikov et al.	Aug 2013	B1
8606792	Jackson et al.	Dec 2013	B1
8615442	Kapur et al.	Dec 2013	B1
8752041	Akiyoshi et al.	Jun 2014	B2
8769417	Robinson et al.	Jul 2014	B1
8825515	Hanson	Sep 2014	B1
8886580	Grenier et al.	Nov 2014	B2
8892524	Lee et al.	Nov 2014	B1
8972428	Dicker et al.	Mar 2015	B2
9021361	Pettinati et al.	Apr 2015	B1
9105044	Wu	Aug 2015	B2
9141997	Gaedcke et al.	Sep 2015	B2
9143478	Ramaswamy	Sep 2015	B2
9229702	Kapulkin et al.	Jan 2016	B1
9282098	Hitchcock	Mar 2016	B1
9311683	Saylor et al.	Apr 2016	B1
9338186	Wollenstein et al.	May 2016	B2
9378295	Marra et al.	Jun 2016	B1
9483802	Gaedcke et al.	Nov 2016	B2
9501746	Prakash	Nov 2016	B2
9509742	Gordon	Nov 2016	B2
9519723	Lorenz et al.	Dec 2016	B2
9596206	Bueno et al.	Mar 2017	B2
9619531	Wu	Apr 2017	B2
9756098	Kazerani et al.	Sep 2017	B2
9800639	Gordon	Oct 2017	B2
9953063	Spasojevic et al.	Apr 2018	B2
10084838	Gordon et al.	Sep 2018	B2
10142386	Gordon	Nov 2018	B2
10264042	Gordon	Apr 2019	B2
20010025253	Heintz et al.	Sep 2001	A1
20010042087	Kephart et al.	Nov 2001	A1
20010047290	Petras et al.	Nov 2001	A1
20020010746	Jilk et al.	Jan 2002	A1
20020049793	Okumura et al.	Apr 2002	A1
20020070953	Barg et al.	Jun 2002	A1
20020105545	Carter et al.	Aug 2002	A1
20030028525	Santos et al.	Feb 2003	A1
20030078959	Yeung et al.	Apr 2003	A1
20030128203	Marshall et al.	Jul 2003	A1
20030135565	Estrada	Jul 2003	A1
20030225850	Teague	Dec 2003	A1
20040174397	Cereghini et al.	Sep 2004	A1
20050060643	Glass et al.	Mar 2005	A1
20050132348	Meulemans et al.	Jun 2005	A1
20050206644	Kincaid	Sep 2005	A1
20050283614	Hardt	Dec 2005	A1
20060010215	Clegg et al.	Jan 2006	A1
20060036685	Canning et al.	Feb 2006	A1
20060129602	Witriol et al.	Jun 2006	A1
20060143307	Codignotto	Jun 2006	A1
20060155581	Eisenberger et al.	Jul 2006	A1
20060206578	Heidloff et al.	Sep 2006	A1
20070083536	Darnell et al.	Apr 2007	A1
20070136354	Chen	Jun 2007	A1
20070171716	Wright et al.	Jul 2007	A1
20070226177	Barsness et al.	Sep 2007	A1
20070282800	England et al.	Dec 2007	A1
20070286528	Podilchuk	Dec 2007	A1
20080005284	Ungar et al.	Jan 2008	A1
20080033776	Marchese	Feb 2008	A1
20080034058	Korman et al.	Feb 2008	A1
20080040673	Zuckerberg et al.	Feb 2008	A1
20080103906	Singh	May 2008	A1
20080109245	Gupta	May 2008	A1
20080109491	Gupta	May 2008	A1
20080120379	Malik	May 2008	A1
20080126476	Nicholas et al.	May 2008	A1
20080133488	Bandaru et al.	Jun 2008	A1
20080178125	Elsbree et al.	Jul 2008	A1
20080189406	Shen	Aug 2008	A1
20080215591	Howard et al.	Sep 2008	A1
20080221870	Attardi et al.	Sep 2008	A1
20080263603	Murray et al.	Oct 2008	A1
20080294680	Powell et al.	Nov 2008	A1
20080306830	Lasa et al.	Dec 2008	A1
20090013043	Tan	Jan 2009	A1
20090043852	Weir et al.	Feb 2009	A1
20090089657	Davis	Apr 2009	A1
20090106080	Carrier et al.	Apr 2009	A1
20090132311	Klinger et al.	May 2009	A1
20090138472	MacLean	May 2009	A1
20090144723	Hartin et al.	Jun 2009	A1
20090157667	Brougher et al.	Jun 2009	A1
20090157708	Bandini et al.	Jun 2009	A1
20090157899	Gagliardi et al.	Jun 2009	A1
20090158265	Davis et al.	Jun 2009	A1
20090177670	Grenier et al.	Jul 2009	A1
20090181649	Bull et al.	Jul 2009	A1
20090210282	Elenbaas et al.	Aug 2009	A1
20090249451	Su et al.	Oct 2009	A1
20090292722	Ayloo	Nov 2009	A1
20090300036	Nagasaki	Dec 2009	A1
20100071052	Mao	Mar 2010	A1
20100082503	Kantak et al.	Apr 2010	A1
20100106730	Aminian et al.	Apr 2010	A1
20100119053	Goeldi	May 2010	A1
20100121707	Goeldi	May 2010	A1
20100121843	Goeldi	May 2010	A1
20100169148	Oberhofer et al.	Jul 2010	A1
20100205663	Ward et al.	Aug 2010	A1
20100223341	Manolescu et al.	Sep 2010	A1
20100246797	Chavez et al.	Sep 2010	A1
20100250683	Hoyne et al.	Sep 2010	A1
20100274732	Grinchenko et al.	Oct 2010	A1
20100281258	Andress	Nov 2010	A1
20100287512	Gan et al.	Nov 2010	A1
20100306122	Shaffer	Dec 2010	A1
20100312769	Bailey et al.	Dec 2010	A1
20110004922	Bono et al.	Jan 2011	A1
20110055217	Kamel et al.	Mar 2011	A1
20110055264	Sundelin et al.	Mar 2011	A1
20110077988	Cates et al.	Mar 2011	A1
20110113041	Hawthorne et al.	May 2011	A1
20110119593	Jacobson et al.	May 2011	A1
20110125826	Erhart et al.	May 2011	A1
20110144801	Selker et al.	Jun 2011	A1
20110153603	Adiba et al.	Jun 2011	A1
20110197146	Goto et al.	Aug 2011	A1
20110212430	Smithmier et al.	Sep 2011	A1
20110219087	Jorasch et al.	Sep 2011	A1
20110246513	Covannon et al.	Oct 2011	A1
20110289574	Hull et al.	Nov 2011	A1
20120036080	Singer et al.	Feb 2012	A1
20120054135	Salaka et al.	Mar 2012	A1
20120076367	Tseng	Mar 2012	A1
20120077158	Jastrzembski et al.	Mar 2012	A1
20120095861	Feng et al.	Apr 2012	A1
20120102021	Hill et al.	Apr 2012	A1
20120117059	Bailey et al.	May 2012	A1
20120158632	Grenier et al.	Jun 2012	A1
20120195422	Famous	Aug 2012	A1
20120208568	Cooley	Aug 2012	A1
20120232953	Custer	Sep 2012	A1
20120254321	Lindsay et al.	Oct 2012	A1
20120265806	Blanchflower et al.	Oct 2012	A1
20120271729	Vincelette et al.	Oct 2012	A1
20120284155	Holten et al.	Nov 2012	A1
20120290605	Ickman et al.	Nov 2012	A1
20120303659	Erhart et al.	Nov 2012	A1
20120317198	Patton et al.	Dec 2012	A1
20130007121	Fontenot et al.	Jan 2013	A1
20130018957	Parnaby et al.	Jan 2013	A1
20130024522	Pierre et al.	Jan 2013	A1
20130050747	Cok et al.	Feb 2013	A1
20130066876	Raskino et al.	Mar 2013	A1
20130110946	Bradshaw	May 2013	A1
20130116044	Schwartz	May 2013	A1
20130138428	Chandramouli et al.	May 2013	A1
20130159472	Newton et al.	Jun 2013	A1
20130212349	Maruyama	Aug 2013	A1
20130218801	Rago	Aug 2013	A1
20130218865	Angulo et al.	Aug 2013	A1
20130282417	Gaedcke et al.	Oct 2013	A1
20130282594	Gaedcke et al.	Oct 2013	A1
20130282603	Gaedcke et al.	Oct 2013	A1
20130282722	Grenier et al.	Oct 2013	A1
20130291058	Wollenstein et al.	Oct 2013	A1
20130298038	Spivack et al.	Nov 2013	A1
20130304726	Sandulescu et al.	Nov 2013	A1
20130304758	Gruber et al.	Nov 2013	A1
20130318156	Friedman et al.	Nov 2013	A1
20140006524	Singh et al.	Jan 2014	A1
20140032306	Sukornyk et al.	Jan 2014	A1
20140040275	Dang et al.	Feb 2014	A1
20140040377	Friedman et al.	Feb 2014	A1
20140047429	Gaither et al.	Feb 2014	A1
20140067520	Campanile	Mar 2014	A1
20140074844	Subramanian et al.	Mar 2014	A1
20140082072	Kass et al.	Mar 2014	A1
20140108675	Wu	Apr 2014	A1
20140164352	Denninghoff	Jun 2014	A1
20140173444	Wu	Jun 2014	A1
20140173501	Wu	Jun 2014	A1
20140173509	Wu	Jun 2014	A1
20140181087	Wu	Jun 2014	A1
20140181194	Sullivan	Jun 2014	A1
20140181728	Wu	Jun 2014	A1
20140184841	Woo et al.	Jul 2014	A1
20140200989	Kassko et al.	Jul 2014	A1
20140222834	Parikh et al.	Aug 2014	A1
20140244621	Lindsay	Aug 2014	A1
20140278785	Gaedcke et al.	Sep 2014	A1
20140280113	Hohwald	Sep 2014	A1
20140289034	Wu	Sep 2014	A1
20140298199	Johnson, Jr. et al.	Oct 2014	A1
20140304249	Ayzenshtat et al.	Oct 2014	A1
20140324902	Morris et al.	Oct 2014	A1
20140358911	McCarthy et al.	Dec 2014	A1
20150032492	Ting et al.	Jan 2015	A1
20150032751	Ting et al.	Jan 2015	A1
20150039705	Kursun	Feb 2015	A1
20150100537	Grieves et al.	Apr 2015	A1
20150112918	Zheng et al.	Apr 2015	A1
20150120713	Kim et al.	Apr 2015	A1
20150127453	Tew et al.	May 2015	A1
20150134457	Cheung et al.	May 2015	A1
20150134579	Zaman et al.	May 2015	A1
20150161211	Patel et al.	Jun 2015	A1
20150170294	Goyal et al.	Jun 2015	A1
20150193504	Naidu et al.	Jul 2015	A1
20150281227	Fox Ivey	Oct 2015	A1
20150286643	Kumar et al.	Oct 2015	A1
20150288522	McCoy	Oct 2015	A1
20150295869	Li et al.	Oct 2015	A1
20150310018	Fan et al.	Oct 2015	A1
20150312200	Bray et al.	Oct 2015	A1
20150381552	Vijay et al.	Dec 2015	A1
20160034551	Huang et al.	Feb 2016	A1
20160042053	Webber	Feb 2016	A1
20160057576	Kessler et al.	Feb 2016	A1
20160073166	Hu et al.	Mar 2016	A1
20160080445	Kazerani et al.	Mar 2016	A1
20160110688	Knox et al.	Apr 2016	A1
20160125157	Wu	May 2016	A1
20160132904	Mondal et al.	May 2016	A1
20160132973	Wu	May 2016	A1
20160134580	Castera et al.	May 2016	A1
20160147760	N et al.	May 2016	A1
20160151704	Wu	Jun 2016	A1
20160203221	Rao et al.	Jul 2016	A1
20160203523	Spasojevic et al.	Jul 2016	A1
20160210555	Murphy et al.	Jul 2016	A1
20160320926	Ganin et al.	Nov 2016	A1
20160321261	Spasojevic et al.	Nov 2016	A1
20160321562	Zeng	Nov 2016	A1
20160321694	Vorozhtsov	Nov 2016	A1
20160335572	Bennett et al.	Nov 2016	A1
20160352667	Pickett et al.	Dec 2016	A1
20170180294	Milligan et al.	Jun 2017	A1
20180053114	Adjaoute	Feb 2018	A1
20180091468	Yong et al.	Mar 2018	A1
20180144389	Fredrich et al.	May 2018	A1
20180152471	Jakobsson	May 2018	A1
20180219830	O'Brien et al.	Aug 2018	A1
20180329565	Yeung et al.	Nov 2018	A1
20180367484	Rodriguez et al.	Dec 2018	A1
20190114356	Senftleber et al.	Apr 2019	A1
20190116137	Senftleber et al.	Apr 2019	A1
20190116148	Senftleber et al.	Apr 2019	A1
20190158610	Holzband et al.	May 2019	A1
20190159166	Aggarwal et al.	May 2019	A1
20190228093	Falcao et al.	Jul 2019	A1
20190230151	Falcao et al.	Jul 2019	A1

Foreign Referenced Citations (8)

Number	Date	Country
102054033	May 2011	CN
2009047674	Apr 2009	WO
2013158839	Oct 2013	WO
2014089460	Jun 2014	WO
2014153463	Jan 2015	WO
2015013436	Jan 2015	WO
2019075284	Apr 2019	WO
2019144159	Jul 2019	WO

Non-Patent Literature Citations (93)

Entry
Bista, Sanat Kumar et al., “Using Gamification in an Online Community,” CSIRO ITC Centre, Conference Paper, 2012.
Frunzi, Victoria E., Non-Final Office Action dated Oct. 16, 2018 for U.S. Appl. No. 15/018,787.
Kolosowski-Gager, Katherine, Final Office Action dated Feb. 11, 2019 for U.S. Appl. No. 14/627,151.
Lithium Technologies. “Community Health Index for Online Communities.” 2009, https://www.lithium.com/pdfs/whitepapers/Lithium-Community-Health-Index_v1AY2ULb.pdf. Retrieved from the Internet Wayback Machine, dated Feb. 19, 2011.
Netzloff, Eric R., Non-Final Office Action dated Nov. 6, 2018 for U.S. Appl. No. 14/824,021.
Ofori-Awuah, Maame, Non-Final Office Action dated Apr. 5, 2019 for U.S. Appl. No. 14/929,209.
Vo, Huyen X., Non-Final Office Action dated Mar. 15, 2019 for U.S. Appl. No. 15/782,642.
Young, Lee W., Notification of Transmittal of the International Search Report and the Written Opinion of the International Searching Authority, or the Declaration, dated Apr. 1, 2019 for International Application No. PCT/US2018/05545.
Rashid, Ishrat, Non-Final Office Action dated Jun. 11, 2019 for U.S. Appl. No. 15/782,653.
Young, Lee W.; Notification of Transmittal of the International Search Report and the Written Opinion of the International Searching Authority, or the Declaration dated Jun. 24, 2019 for International Application No. PCT/US2019/014637.
“Craigslist Online Community.” Craigslist.org. Jul. 6, 2010.
Ahmed, Saba, Final Office Action dated Jun. 29, 2016 for U.S. Appl. No. 14/098,492.
Ahmed, Saba, Non-Final Office Action dated Nov. 19, 2015 for U.S. Appl. No. 14/098,492.
Arentz et al., Classifying offensive sites based on image content [online], Computer Vision and Image Understanding 94, 295-310, 2004, Retrieved from the Internet.
Blaufeld, Justin R., Final Office Action dated Mar. 24, 2016 for U.S. Appl. No. 14/098,501.
Blaufeld, Justin R., Non-Final Office Action dated Sep. 24, 2015 for U.S. Appl. No. 14/098,501.
Bostock, Mike, Sankey Diagram, available at http://bost.ocks.org/mike/sankey, published May 21, 2012, 1 pg.
Brown Jr., Nathan H., Final Office Action dated Mar. 29, 2011 for U.S. Appl. No. 11/971,856.
Brown Jr., Nathan H., Non-Final Office Action dated Jun. 6, 2012 for U.S. Appl. No. 13/167,482.
Brown Jr., Nathan H., Non-Final Office Action dated Mar. 24, 2014 for U.S. Appl. No. 13/780,487.
Brown Jr., Nathan H., Non-Final Office Action dated Nov. 26, 2010 for U.S. Appl. No. 11/971,856.
Bui, Hanh Thi Minh, Non-Final Office Action dated Mar. 13, 2015 for U.S. Appl. No. 14/012,978.
Cannell, Larry, “Windows 7 Federated Search and SharePoint 2010” online article dated Jun. 2010 <http://blogs.gartner.com/larry-cannell/2010/09/09/windows-7-federated-search-and-sharepoint-2010/[May 15, 2016 12:36 M].
Chung, Mong-Shune, Non-Final Office Action dated Jan. 29, 2016 for U.S. Appl. No. 14/098,505.
Constine, Josh, “Facebook tests notification unsubscribe button for feed posts,” Aug. 9, 2010. http://www.adweek.com/socialtime/unsubscribe-button-posts/244868.
Dwyer, Cameron, “Five out-of-the-box ways to get Email into SharePoint” Jan. 2012, <https://camerondwyer.wordpress.com/2012/09/04/five-out-of-the-box-ways-to-get-email-into-sharepoint/[May 13, 2016 10:48:43 AM].
Emojipedia, (https://web.archive.org/web/20150915110235/https://emojipedia.org/fisted-hand-sign/), Date: Sep. 15, 2015; (https://web.archive.org/web/20150823012626/https://emojipedia.org/clapping-hands-sign/), Date: Aug. 23, 2015; (https://web.archive.org/web/20150829090848/https://emojipedia.org/smiling-face-with-sunglasses/), Date: Aug. 29, 2015.
Falcao et al., U.S. Appl. No. 15/877,379, filed Jan. 22, 2018 and entitled, “Temporal Optimization of Data Operations Using Distributed Search and Server Management.”
Falcao et al., U.S. Appl. No. 15/877,381, filed Jan. 22, 2018 and entitled, “Temporal Optimization of Data Operations Using Distributed Search and Server Management.”
Filipczyk, Marcin R., Final Office Action dated Oct. 5, 2015 for U.S. Appl. No. 13/950,268.
Filipczyk, Marcin R., Non-Final Office Action dated Mar. 10, 2016 for U.S. Appl. No. 13/950,268.
Filipczyk, Marcin R., Non-Final Office action dated May 22, 2015 for U.S. Appl. No. 13/950,268.
Friedman et al., U.S. Appl. No. 61/650,849, filed May 23, 2012 and entitled, “Dynamic Information Streams in a Social Network Platform.”
Gaedckle et al., U.S. Appl. No. 61/636,132, filed Apr. 20, 2012 and entitled, “System and Method for Providing a Social Customer Care System.”
Georgandellis, Andrew C., Final Office Action dated Mar. 30, 2016 for U.S. Appl. No. 13/900,878.
Georgandellis, Andrew C., Final Office Action dated Oct. 26, 2017 for U.S. Appl. No. 13/900,878.
Georgandellis, Andrew C., Final Office Action dated Sep. 21, 2016 for U.S. Appl. No. 14/035,166.
Georgandellis, Andrew C., Non-Final Office Action dated Jan. 26, 2017 for U.S. Appl. No. 13/900,878.
Georgandellis, Andrew C., Non-Final Office Action dated Jul. 11, 2016 for U.S. Appl. No. 14/035,166.
Georgandellis, Andrew C., Non-Final Office Action dated May 23, 2017 for U.S. Appl. No. 14/035,166.
Georgandellis, Andrew C., Non-Final Office Action dated Nov. 3, 2015 for U.S. Appl. No. 13/900,878.
Giphy, (https://web.archive.org/web/20140813065113/http://giphy.com/search/happy), Date: Aug. 13, 2014; https://web.archive.org/web20141231135329/https://giphy.com/upload, Date: Dec. 31, 2014; https://web.archive.org/web/20150919214012/http://giphy.com/create/upload, Date: Sep. 19, 2015.
Goldberg, Ivan R., Final Office Action dated Jan. 12, 2015 for U.S. Appl. No. 13/835,502.
Goldberg, Ivan R., Final Office Action dated Jan. 13, 2015 for U.S. Appl. No. 13/835,250.
Goldberg, Ivan R., Final Office Action dated Jan. 15, 2015 for U.S. Appl. No. 13/865,429.
Goldberg, Ivan R., Non-Final Office Action dated Apr. 13, 2016 for U.S. Appl. No. 13/865,429.
Goldberg, Ivan R., Non-Final Office Action dated Jun. 18, 2014 for U.S. Appl. No. 13/835,250.
Goldberg, Ivan R., Non-Final Office Action dated Jun. 18, 2014 for U.S. Appl. No. 13/835,502.
Goldberg, Ivan R., Non-Final Office Action dated Jun. 20, 2014 for U.S. Appl. No. 13/865,411.
Goldberg, Ivan R., Non-Final Office Action dated Jun. 23, 2014 for U.S. Appl. No. 13/865,429.
Hashemi, Mazdak, “The Infrastructure Behind Twitter: Scale”, Jan. 19, 2017, Twitter, Inc. Blog Post, https://blog.twitter.com/engineering/en_us/topics/infrastructure/2017/the-infrastructure-behind-twitter-scale.html
Hatcher, Deirdre D., Non-Final Office Action dated Jan. 14, 2016 for U.S. Appl. No. 13/950,258.
Holzband et al., U.S. Appl. No. 15/821,543, filed Nov. 22, 2017 and entitled, “Responsive Action Prediction Based on Electronic Messages Among a System of Networked Computing Devices.”
Jang, Gijeong, Written Opinion of the International Searching Authority and International Search Report dated Jul. 28, 2015 for International Patent Application No. PCT/US2014/047866.
Jou et al., “Predicting Viewer Perceived Emotions in Animated GIFs”, Nov. 3-7, 2014 (4 pages).
Kolosowski-Gager, Katherine, Non-Final Office Action dated Jun. 29, 2018 for U.S. Appl. No. 14/627,151.
Lithium Website, http://www.lithium.com, Dec. 11, 2010, retrieved from Internet Archive, pp. 1-9.
M2 PressWire, “Alterian: Social media monitoring and analytics comes of age with Alterian's acquisition of market leader Techrigy,” Jul. 15, 2009, Anonymous, Norman Media Ltd, London.
Mosley, Kyle T., Non-Final Office Action dated Dec. 28, 2017 for U.S. Appl. No. 14/852,965.
Mosley, Kyle T., Non-Final Office Action dated Oct. 4, 2017 for U.S. Appl. No. 14/627,151.
Netzloff, Eric R., Non-Final Office Action dated Nov. 25, 2014 for U.S. Appl. No. 13/848,706.
Oh, Eung Gie, Written Opinion of the International Searching Authority and International Search Report dated Nov. 18, 2014 for International Patent Application No. PCT/US2014/031345.
Olshannikov, Alex, Final Office Action dated Apr. 15, 2016 for U.S. Appl. No. 14/098,480.
Olshannikov, Alex, Final Office Action dated Feb. 17, 2016 for U.S. Appl. No. 14/098,509.
Olshannikov, Alex, Non-Final Office Action dated Nov. 5, 2015 for U.S. Appl. No. 14/098,480.
Olshannikov, Alex, Non-Final Office Action dated Oct. 22, 2015 for U.S. Appl. No. 14/098,509.
Raju, “5 Ways to Tweet More Than 140 Characters,” Dec. 28, 2008, Technically Personal, http://www.techpp.com/2008/12/28/5-ways-to-tweet-more-than-140-characters/, retrieved from Internet Archive version from Mar. 3, 2011.
Rao et al., U.S. Appl. No. 62/049,642, filed Sep. 12, 2014 and entitled, “System and Apparatus for an Application Agnostic User Search Engine.”
Senftleber et al., International (PCT) Patent Application No. PCT/US2018/055545, filed Oct. 12, 2018 and entitled, “Predicting Performance of Content and Electronic Messages Among a System of Networked Computing Devices.”
Senftleber et al., U.S. Appl. No. 15/782,635, filed Oct. 12, 2017 and entitled, “Computerized Tools to Enhance Speed and Propagation of Content in Electronic Messages Among a System of Networked Computing Devices.”
Senftleber et al., U.S. Appl. No. 15/782,642, filed Oct. 12, 2017 and entitled, “Predicting Performance of Content and Electronic Messages Among a System of Networked Computing Devices.”
Senftleber et al., U.S. Appl. No. 15/782,653, filed Oct. 12, 2017 and entitled, “Optimizing Effectiveness of Content in Electronic Messages Among a System of Networked Computing Device.”
Senftleber et al., U.S. Appl. No. 16/158,167, filed Oct. 11, 2018 and entitled, “Credential and Authentication Management in Scalable Data Networks.”
Senftleber et al., U.S. Appl. No. 16/158,169, filed Oct. 11, 2018 and entitled, “Native Activity Tracking Using Credential and Authentication Management in Scalable Data Networks.”
Senftleber et al., U.S. Appl. No. 16/194,126, filed Nov. 16, 2018 and entitled, “Multiplexed Data Exchange Portal Interface in Scalable Data Networks.”
Spasojevic et al., U.S. Appl. No. 61/943,047, filed Feb. 21, 2014 and entitled, “Domain Generic Large Scale Topic Expertise & Interest Mining Across Multiple Online Social Networks.”
Tabor, Amare F., Final Office Action dated Apr. 8, 2015 for U.S. Appl. No. 13/871,076.
Tabor, Amare F., Non-Final Office Action dated Aug. 15, 2014 for U.S. Appl. No. 13/871,076.
Thomas, Shane, Written Opinion of the International Searching Authority and International Search Report dated Aug. 16, 2013 for International Patent Application No. PCT/US2013/037107.
Walsh, John B., Non-Final Office Action dated Mar. 24, 2017 for U.S. Appl. No. 14/702,696.
Wollenstein et al., U.S. Appl. No. 61/639,509, filed Apr. 27, 2012 and entitled, “Systems and Methods for Implementing Custom Privacy Settings.”
Wu, Michael, U.S. Appl. No. 61/734,927, filed Dec. 7, 2012 and entitled, “Systems and Methods for Presenting Analytic Data.”
Wu, Michael, U.S. Appl. No. 62/072,929, filed Oct. 30, 2014 and entitled, “Systems and Methods to Monitor Health of Online Social Communities.”
Young, Lee W., Written Opinion of the International Searching Authority and International Search Report dated May 28, 2014 for International Patent Application No. PCT/US2013/073625.
Fiorillo, James N., Non-Final Office Action for U.S. Appl. No. 15/821,543 dated Aug. 16, 2019.
Dinh, Khanh Q., Notice of Allowance and Fee(s) Due dated Oct. 29, 2019 for U.S. Appl. No. 15/877,379.
Fiorillo, James N., Notice of Allowance and Fee(s) Due dated Nov. 14, 2019 for U.S. Appl. No. 15/821,543.
Matthews, Tara, et al. “Community Insights: Helping Community Leaders Enhance the Value of Enterprise Online Communities.” Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, Apr. 27-May 2, 2013, Paris, France. ACM (2013). pp. 513-522.
Meng, Jau Shya, Non-Final Office Action dated Jan. 3, 2020 for U.S. Appl. No. 15/877,381.
Mesa, Joel, Non-Final Office Action for U.S. Appl. No. 15/782,635 dated Oct. 4, 2019.
Ofori-Awuah, Maame, Final Office Action dated Sep. 6, 2019 for U.S. Appl. No. 14/929,209.
Rashid, lshrat, Final Office Action for U.S. Appl. No. 15/782,653 dated Sep. 19, 2019.
Wang, Xiaoqing, and Shannon Lantzy. “A Systematic Examination of Member Turnover and Online Community Health.” Thirty Second International Conference on Information Systems, Shanghai (2011), pp. 1-11.

Related Publications (1)

	Number	Date	Country
	20200120096 A1	Apr 2020	US

Proxied multi-factor authentication using credential and authentication management in scalable data networks

Information

Patent Number

Date Filed

Date Issued

Inventors

Original Assignees

Examiners

Agents

CPC

Field of Search

CPC

International Classifications