Search

US-12621157-B2 - Authentication of communication session participants using blockchain

US12621157B2US 12621157 B2US12621157 B2US 12621157B2US-12621157-B2

Abstract

Disclosed in some examples are methods, systems, devices, and machine-readable mediums which utilize authentication tokens recorded to a blockchain to identify and/or authenticate participants of a network-based communication session such as a network-based meeting. When joining the meeting, the participant may provide a token recorded on a blockchain to the communication service from the blockchain. The communication service may then identify and/or authenticate the user based upon the provided token. Various user-specific customizations and settings may then be applied and the user may be admitted to the meeting without having to enter a waiting room and be explicitly let in.

Inventors

  • Michal Aichinger

Assignees

  • MICROSOFT TECHNOLOGY LICENSING, LLC

Dates

Publication Date
20260505
Application Date
20240930

Claims (20)

  1. 1 . A method for authenticating to a network-based communication service to participate in a network-based communication session, the method comprising: at a computing device, performing operations comprising: receiving an invitation to a communication session, the invitation including an indication of an authentication token recorded on a public blockchain, the authentication token associated on the public blockchain with an identifier of a blockchain account of a participant; receiving an input to join the network-based communication session; responsive to receiving the input to join the network-based communication session: retrieving the authentication token using credentials of the blockchain account of the participant; sending a join request to the network-based communication service to join the network-based communication session, the join request providing the authentication token to authenticate with the network-based communication service; and responsive to the network-based communication service authenticating the authentication token, joining the network-based communication session.
  2. 2 . The method of claim 1 , wherein the authentication token includes a custom communication setting, and wherein joining the network-based communication session comprises applying the custom communication setting to the network-based communication session.
  3. 3 . The method of claim 1 , wherein the authentication token includes an indicator of whether a transfer is allowed.
  4. 4 . The method of claim 3 , further comprising: receiving a user input to transfer the authentication token; and determining that the indicator of whether the transfer is allowed indicates a transfer is not allowed, and in response, denying the transfer of the authentication token.
  5. 5 . The method of claim 1 , wherein the authentication token comprises two or more of: an identifier of the participant provided by a communication session organizer; identifier of the network-based communication session; or a random sequence.
  6. 6 . The method of claim 1 , wherein at least a portion of the authentication token is encrypted by a public key of the blockchain account and wherein the method comprises decrypting the at least a portion of the authentication token using a private key of the blockchain account.
  7. 7 . The method of claim 1 , further comprises: providing an identifier of the blockchain account of the participant to the network-based communication service.
  8. 8 . A machine-readable medium, storing instructions for authenticating to a network-based communication service to participate in a network-based communication session, the instructions, which when executed, cause a machine to perform operations comprising: receiving an invitation to a communication session, the invitation including an indication of an authentication token recorded on a public blockchain, the authentication token associated on the public blockchain with an identifier of a blockchain account of a participant; receiving an input to join the network-based communication session; responsive to receiving the input to join the network-based communication session: retrieving the authentication token using credentials of the blockchain account of the participant; sending a join request to the network-based communication service to join the network-based communication session, the join request providing the authentication token to authenticate with the network-based communication service; and responsive to the network-based communication service authenticating the authentication token, joining the network-based communication session.
  9. 9 . The machine-readable medium of claim 8 , wherein the authentication token includes a custom communication setting, and wherein joining the network-based communication session comprises applying the custom communication setting to the network-based communication session.
  10. 10 . The machine-readable medium of claim 8 , wherein the authentication token includes an indicator of whether a transfer is allowed.
  11. 11 . The machine-readable medium of claim 10 , wherein the operations further comprise: receiving a user input to transfer the authentication token; and determining that the indicator of whether the transfer is allowed indicates a transfer is not allowed, and in response, denying the transfer of the authentication token.
  12. 12 . The machine-readable medium of claim 8 , wherein the authentication token comprises two or more of: an identifier of the participant provided by a communication session organizer; identifier of the network-based communication session; or a random sequence.
  13. 13 . The machine-readable medium of claim 8 , wherein at least a portion of the authentication token is encrypted by a public key of the blockchain account and wherein the operations comprise decrypting the at least a portion of the authentication token using a private key of the blockchain account.
  14. 14 . The machine-readable medium of claim 8 , wherein the operations further comprise: providing an identifier of the blockchain account of the participant to the network-based communication service.
  15. 15 . A computing device for authenticating to a network-based communication service to participate in a network-based communication session, the computing device comprising: a hardware processor; a memory, the memory storing instructions, which when executed by the hardware processor cause the computing device to perform operations comprising: receiving an invitation to a communication session, the invitation including an indication of an authentication token recorded on a public blockchain, the authentication token associated on the public blockchain with an identifier of a blockchain account of a participant; receiving an input to join the network-based communication session; responsive to receiving the input to join the network-based communication session: retrieving the authentication token using credentials of the blockchain account of the participant; sending a join request to the network-based communication service to join the network-based communication session, the join request providing the authentication token to authenticate with the network-based communication service; and responsive to the network-based communication service authenticating the authentication token, joining the network-based communication session.
  16. 16 . The computing device of claim 15 , wherein the authentication token includes a custom communication setting, and wherein joining the network-based communication session comprises applying the custom communication setting to the network-based communication session.
  17. 17 . The computing device of claim 15 , wherein the authentication token includes an indicator of whether a transfer is allowed.
  18. 18 . The computing device of claim 17 , wherein the operations further comprise: receiving a user input to transfer the authentication token; and determining that the indicator of whether the transfer is allowed indicates a transfer is not allowed, and in response, denying the transfer of the authentication token.
  19. 19 . The computing device of claim 15 , wherein the authentication token comprises two or more of: an identifier of the participant provided by a communication session organizer; identifier of the network-based communication session; or a random sequence.
  20. 20 . The computing device of claim 15 , wherein at least a portion of the authentication token is encrypted by a public key of the blockchain account and wherein the operations comprise decrypting the at least a portion of the authentication token using a private key of the blockchain account.

Description

CROSS-REFERENCE TO RELATED APPLICATIONS This application is a continuation of prior application Ser. No. 18/373,742, filed on Sep. 27, 2023, which application is a continuation of prior application Ser. No. 17/462,954, filed on Aug. 31, 2021, which applications are incorporated by reference herein in their entirety. TECHNICAL FIELD Embodiments pertain to network-based communication sessions. Some embodiments relate to authentication of users of network-based communication sessions. BACKGROUND Network-based communication sessions, such as VOIP phone calls, network-based meetings, and the like may allow users to share voice, video, documents, and other communications in a very natural way that accurately simulates person-to-person interactions despite the participants not being in physical proximity to each other. For example, network-based meetings may simulate an in-person meeting that enables participants to see, hear, and interact with one another and with one or more documents. BRIEF DESCRIPTION OF THE DRAWINGS In the drawings, which are not necessarily drawn to scale, like numerals may describe similar components in different views. Like numerals having different letter suffixes may represent different instances of similar components. The drawings illustrate generally, by way of example, but not by way of limitation, various embodiments discussed in the present document. FIG. 1 illustrates a system according to some examples of the present disclosure. FIG. 2 illustrates communication scheduling components of a communication service according to some examples of the present disclosure. FIG. 3 illustrates a diagram of a communications service processing a meeting join request from a computing device using a token, according to some examples of the present disclosure. FIG. 4 illustrates a blockchain authenticated device according to some examples of the present disclosure. FIG. 5 illustrates a flowchart of a method of using a blockchain token to authenticate users of a communication session according to some examples of the present disclosure. FIG. 6 illustrates a flowchart of a method of a computing device joining a meeting using a token on a blockchain according to some examples of the present disclosure. FIG. 7 is a block diagram illustrating an example of a machine upon which one or more embodiments may be implemented. DETAILED DESCRIPTION Network-based communication sessions, such as online meetings, are scheduled by a user at a scheduling computing device. Typically, to schedule the session, a user interacts with a Graphical User Interface (GUI) provided by a communication service that provides the network-based communication session or interacts with a GUI provided by another application such as a calendar or email application. As part of scheduling the network-based communication session, the scheduling user provides identifiers for one or more participants. Identifiers may include usernames, email addresses, or the like. For participants with identifiers that link to accounts in a local tenant or a federated tenant that is trusted by the communication system, the system may be able to verify the identity of those participants, both during the scheduling process and when signing in when those participants as these participants are authenticated with that tenant prior to joining the communication session. In some cases, a scheduling user may invite participants from outside the tenant or a federated tenant by providing an email address with a domain that is outside of the tenant or federated tenant(s). While the invitation sent to the provided email address may include join information that may be specific to that user (e.g., a meeting identifier and a password), there is no way to verify that a person joining with the join information provided to that email address is that individual rather than someone that the user forwarded the meeting join information to. As a result, in many cases security policies prevent the organizer from setting custom settings for the communication sessions for these attendees. In addition, these outside participants may have to join via a secured join path that first places these users in a meeting lobby until they are approved. This provides a sub-optimal experience and wastes time and computing resources as meeting participants need to manually configure their communication experience during the start of the meeting. This wastes computing and network resources, time, and contributes to frustration. Disclosed in some examples are methods, systems, devices, and machine-readable mediums which utilize authentication tokens recorded to a blockchain to identify and/or authenticate participants of a network-based communication session such as a network-based meeting. When creating a communication session, a token may be created for a participant. The token may be transferred to a blockchain account of the participant using a blockchain transaction. The blockchain account may