Rights based system
First Claim
Patent Images
1. A computer-implemented method, comprising:
- receiving, with a first server, a first request for issuance of a new voucher, the first request corresponding to an issue voucher, the issue voucher being a possession-based rights object representing a right to issue the new voucher;
transmitting, with the first server, a second request to a second server for a voucher template specified by the issue voucher;
receiving, with the first server, the voucher template from the second server, the voucher template corresponding to a class of vouchers to which the new voucher belongs, the voucher template being configured to specify one or more parameters associated with the class of vouchers;
transmitting, with the first server, a third request for a first access token to a third server, the third request including the issue voucher;
receiving, with the first server, the first access token from the third server as a result of validation of the issue voucher by the third server, the first access token being configured to allow access to a first endpoint associated with the second server, the first endpoint being configured to generate the class of vouchers;
transmitting, with the first server, a fourth request for issuance of the new voucher to the first endpoint associated with the second server, the fourth request including the first access token and the voucher template; and
receiving, with the first server, the new voucher from the second server as a result of generation of the new voucher by the first endpoint using the voucher template, the new voucher representing a right to access a protected resource, the new voucher including a refresh value initialized by the second server, the refresh value being part of a mechanism that makes the new voucher a possession-based rights object.
3 Assignments
0 Petitions
Accused Products
Abstract
A rights-based system is described in which vouchers are employed for creating, managing, distributing, and redeeming rights in digital contexts. A voucher is a digital, possession-based rights representation. An authorization component of the system validates the vouchers and issues corresponding tokens. Access to digital resources is provided in response to presentation of the tokens which are validated by matching voucher refresh values to corresponding values maintained by the system. New refresh values are generated and inserted in the vouchers each time they are redeemed.
237 Citations
27 Claims
-
1. A computer-implemented method, comprising:
-
receiving, with a first server, a first request for issuance of a new voucher, the first request corresponding to an issue voucher, the issue voucher being a possession-based rights object representing a right to issue the new voucher; transmitting, with the first server, a second request to a second server for a voucher template specified by the issue voucher; receiving, with the first server, the voucher template from the second server, the voucher template corresponding to a class of vouchers to which the new voucher belongs, the voucher template being configured to specify one or more parameters associated with the class of vouchers; transmitting, with the first server, a third request for a first access token to a third server, the third request including the issue voucher; receiving, with the first server, the first access token from the third server as a result of validation of the issue voucher by the third server, the first access token being configured to allow access to a first endpoint associated with the second server, the first endpoint being configured to generate the class of vouchers; transmitting, with the first server, a fourth request for issuance of the new voucher to the first endpoint associated with the second server, the fourth request including the first access token and the voucher template; and receiving, with the first server, the new voucher from the second server as a result of generation of the new voucher by the first endpoint using the voucher template, the new voucher representing a right to access a protected resource, the new voucher including a refresh value initialized by the second server, the refresh value being part of a mechanism that makes the new voucher a possession-based rights object. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A system, comprising one or more hardware computing devices configured to:
-
receive a first request for issuance of a new voucher, the first request corresponding to an issue voucher, the issue voucher being a possession-based rights object representing a right to issue the new voucher; transmit a second request to a first server for a voucher template specified by the issue voucher; receive the voucher template from the first server, the voucher template corresponding to a class of vouchers to which the new voucher belongs, the voucher template being configured to specify one or more parameters associated with the class of vouchers; transmit a third request for a first access token to a second server, the third request including the issue voucher; receive the first access token from the second server as a result of validation of the issue voucher by the second server, the first access token being configured to allow access to a first endpoint associated with the first server, the first endpoint being configured to generate the class of vouchers; transmit a fourth request for issuance of the new voucher to the first endpoint associated with the first server, the fourth request including the first access token and the voucher template; and receive the new voucher from the first server as a result of generation of the new voucher by the first endpoint using the voucher template, the new voucher representing a right to access a protected resource, the new voucher including a refresh value initialized by the first server, the refresh value being part of a mechanism that makes the new voucher a possession-based rights object. - View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26)
-
-
27. A computer program product, comprising one or more non-transitory computer-readable media having computer program instructions stored therein, the computer program instructions being configured such that, when executed by one or more computing devices, the computer program instructions cause the one or more computing devices to:
-
receive a first request for issuance of a new voucher, the first request corresponding to an issue voucher, the issue voucher being a possession-based rights object representing a right to issue the new voucher; transmit a second request to a first server for a voucher template specified by the issue voucher; receive the voucher template from the first server, the voucher template corresponding to a class of vouchers to which the new voucher belongs, the voucher template being configured to specify one or more parameters associated with the class of vouchers; transmit a third request for a first access token to a second server, the third request including the issue voucher; receive the first access token from the second server as a result of validation of the issue voucher by the second server, the first access token being configured to allow access to a first endpoint associated with the first server, the first endpoint being configured to generate the class of vouchers; transmit a fourth request for issuance of the new voucher to the first endpoint associated with the first server, the fourth request including the first access token and the voucher template; and receive the new voucher from the first server as a result of generation of the new voucher by the first endpoint using the voucher template, the new voucher representing a right to access a protected resource, the new voucher including a refresh value initialized by the first server, the refresh value being part of a mechanism that makes the new voucher a possession-based rights object.
-
Specification