Delegated resource authorization for replicated applications
First Claim
1. A method, comprising:
- assigning a single application identifier (ID) and a single application secret value (SV) to a customer application, wherein multiple replicated instances of the customer application include a first instance of the customer application assigned the single application ID and the single application SV and installed in a first machine of a machine cluster of customer premises equipment (CPE), and a second instance of the customer application assigned the single application ID and the single application SV and installed in a second machine of the machine cluster of the CPE;
receiving, at an authenticating device, a first resource authorization request from the first instance of the customer application via a wireless network connection to the first machine;
receiving, at the authenticating device, a second resource authorization request from the second instance of the customer application via a wireline network connection to the second machine;
generating, responsive to the first resource authorization request, a first token using a first network address associated with the first machine, the single application ID and the single application SV;
returning, from the authenticating device to the first instance of the customer application, the generated first token for use in requesting access to a resource server;
generating, responsive to the second resource authorization request, a second token using a second network address associated with the second machine, the single application ID and the single application SV; and
returning, from the authenticating device to the second instance of the customer application, the generated second token for use in requesting access to the resource server.
1 Assignment
0 Petitions
Accused Products
Abstract
An authenticating device assigns an application identifier and an application secret value to a customer application, receives a first resource authorization request from a first instance of multiple replicated instances of a customer application, where the first instance is installed in a first machine, and receives a second resource authorization request from a second instance of the multiple replicated instances of the customer application, where the second instance is installed in a second machine. The authenticating device generates, responsive to the first resource authorization request, a first token using a first network address associated with the first machine, the application identifier and the application secret value, and returns, to the first instance of the customer application, the generated first token for use in requesting access to a resource server.
-
Citations
20 Claims
-
1. A method, comprising:
-
assigning a single application identifier (ID) and a single application secret value (SV) to a customer application, wherein multiple replicated instances of the customer application include a first instance of the customer application assigned the single application ID and the single application SV and installed in a first machine of a machine cluster of customer premises equipment (CPE), and a second instance of the customer application assigned the single application ID and the single application SV and installed in a second machine of the machine cluster of the CPE; receiving, at an authenticating device, a first resource authorization request from the first instance of the customer application via a wireless network connection to the first machine; receiving, at the authenticating device, a second resource authorization request from the second instance of the customer application via a wireline network connection to the second machine; generating, responsive to the first resource authorization request, a first token using a first network address associated with the first machine, the single application ID and the single application SV; returning, from the authenticating device to the first instance of the customer application, the generated first token for use in requesting access to a resource server; generating, responsive to the second resource authorization request, a second token using a second network address associated with the second machine, the single application ID and the single application SV; and returning, from the authenticating device to the second instance of the customer application, the generated second token for use in requesting access to the resource server. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A network device, comprising:
-
a processing unit configured to; assign a single application identifier (ID) and a single application secret value (SV) to a customer application, wherein multiple replicated instances of the customer application include a first instance of the customer application assigned the single application ID and the single application SV and installed in a first machine of a machine cluster of customer premises equipment (CPE), and a second instance of the customer application assigned the single application ID and the single application SV and installed in a second machine of the machine cluster of the CPE; and a communication interface connected to a network and configured to; receive a first resource authorization request from the first instance of the customer application via a wireline network connection to the first machine, and receive a second resource authorization request from the second instance of the customer application via a wireless network connection to the second machine; wherein the processing unit is further configured to; generate, responsive to the first resource authorization request, a first token using a first network address associated with the first machine, the single application ID and the single application SV, return, via the communication interface to the first instance of the customer application, the generated first token for use in requesting access to a resource server, generate, responsive to the second resource authorization request, a second token using a second network address associated with the second machine, the single application ID and the single application SV, and return, via the communication interface to the second instance of the customer application, the generated second token for use in requesting access to the resource server. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. A non-transitory storage medium storing instructions executable by a computational device, wherein the instructions comprise instructions to cause the computational device to:
-
assign a single application identifier (ID) and a single application secret value (SV) to a customer application, wherein multiple replicated instances of the customer application include a first instance of the customer application assigned the single application ID and the single application SV and installed in a first machine of a machine cluster of customer premises equipment (CPE), and a second instance of the customer application assigned the single application ID and the single application SV and installed in a second machine of the machine cluster of the CPE; receive a first resource authorization request from the first instance of the customer application via a wireless or a wireline network connection to the first machine; receive a second resource authorization request from the second instance of the customer application via a wireless or a wireline network connection to the second machine; generate, responsive to the first resource authorization request, a first token using a first network address associated with the first machine, the single application ID and the single application SV; return, to the first instance of the customer application, the generated first token for use in requesting access to a resource server; generate, responsive to the second resource authorization request, a second token using a second network address associated with the second machine, the single application ID and the single application SV; and return, to the second instance of the customer application, the generated second token for use in requesting access to the resource server. - View Dependent Claims (20)
-
Specification