Management of third party access privileges to web services

摘要

A user clicks on a link on a third-party Web site from his computer in order to utilize a third-party application with a Web service with which the user has an account. The application contacts the Web service and requests permissions from the user's account. The Web service sends the request to the user's computer asking to grant these permissions to the application. A software module on the user's computer intercepts this request, retrieves a user profile for this Web service, and compares the permissions requested with the permissions allowed from the profile. If any requested permissions are not allowed then the module automatically denies granting permissions and the user is not presented with an option of granting the request. A warning screen may be displayed. If all requested permissions are allowed then the request is presented to the user. A profile may apply to more than one Web service.

主权项

1. A method of managing access to a user's user account at a Web service, said method comprising:
receiving a selection from said user on a computing device to access a third-party application on a remote Web site, said Web site not having access to said user account on said Web service; intercepting a request from said Web service at said computing device to grant authorization to said third-party application to access said user account, said request including permissions requested of said user account; retrieving, at said computing device, a user profile of said user that includes permissions of said user account that are risky if granted to said third-party application; comparing said requested permissions with permissions of said user profile that are risky; and displaying a warning message on said computing device when at least one of said risky permissions of said user profile matches with at least one of said requested permissions.