Securing shipment information accessed based on data encoded in machine-readable data blocks
First Claim
1. A method for securing access to shipment information, the method comprising:
- restricting and redirecting access to the shipment information, the access based on data encoded in a bar code in a packing list, the data including a first access token, by;
receiving a request from a shipment preparation computing system and based on a network resource identifier determined by the shipment preparation computing system based on the data encoded in the bar code in the packing list, wherein the request based on the network resource identifier includes a second access token;
in response to the received request based on the network resource identifier, transmitting to the shipment preparation computing system a uniform resource identifier;
receiving from the shipment preparation computing system a request to access the shipment information, wherein the request to access the shipment information uses the uniform resource identifier and includes the first access token from the data encoded in the bar code in the packing list;
determining, by a computer system, based on the request to access the shipment information, whether to allow access to the shipment information;
allowing access to the shipment information only when it is determined to allow access to the shipment information; and
performing, based on the second access token, limited translations of the network resource identifier into the uniform resource identifier.
4 Assignments
0 Petitions
Accused Products
Abstract
Example embodiments provide a Shipment Preparation System (“SPS”), which facilitates the preparation of shipments, such as by producing shipping labels. In one embodiment, the SPS is configured to receive shipment preparation information from a bar code or other machine-readable data block in a packing list. The shipment preparation information identifies a uniform resource identifier (“URI”) that identifies a code module that is remote from the SPS. The shipment preparation information and/or the URI further includes an access token. The SPS then uses the URI to communicate with the code module in order to access shipment information (e.g., to read a read a shipping address, to store an indication that a shipment is ready for pick up). The code module restricts access to the shipment information based on the access token, such as by only allowing a limited number or duration of access via the token.
141 Citations
24 Claims
-
1. A method for securing access to shipment information, the method comprising:
restricting and redirecting access to the shipment information, the access based on data encoded in a bar code in a packing list, the data including a first access token, by; receiving a request from a shipment preparation computing system and based on a network resource identifier determined by the shipment preparation computing system based on the data encoded in the bar code in the packing list, wherein the request based on the network resource identifier includes a second access token; in response to the received request based on the network resource identifier, transmitting to the shipment preparation computing system a uniform resource identifier; receiving from the shipment preparation computing system a request to access the shipment information, wherein the request to access the shipment information uses the uniform resource identifier and includes the first access token from the data encoded in the bar code in the packing list; determining, by a computer system, based on the request to access the shipment information, whether to allow access to the shipment information; allowing access to the shipment information only when it is determined to allow access to the shipment information; and performing, based on the second access token, limited translations of the network resource identifier into the uniform resource identifier.
-
2. The method of claim 1, wherein the shipment information is information related to preparation of a shipment of an order and wherein receiving a request to access the shipment information includes:
- receiving a request to provide the shipment information and/or a request to record the shipment information.
-
3. The method of claim 1, wherein receiving a request to access the shipment information includes receiving a request to provide the shipment information, and further comprising:
- in response to the received request to provide the shipment information, transmitting the requested information only when it is determined to allow access to the shipment information.
-
4. The method of claim 1, wherein receiving a request to access the shipment information includes receiving a request to record the shipment information, and further comprising:
- in response to the request to record the shipment information, persistently storing the information only when it is determined to allow access to the shipment information.
-
5. The method of claim 1, wherein the determining whether to allow access includes:
- determining whether the first access token has been used more than a threshold number of times.
-
6. The method of claim 1, wherein the determining whether to allow access includes:
- determining whether the first access token has expired.
-
7. The method of claim 6, wherein the determining whether the first access token has expired includes:
- determining whether the first access token is being used within an allowable time period.
-
8. The method of claim 7, wherein the allowable time period begins at an initial use of the first access token and runs for an amount of time that is specified by the first access token.
-
9. The method of claim 1, wherein the determining whether to allow access includes:
- determining whether the first access token has been used less than a threshold number of times and whether the first access token is being used within an allowable time period.
-
10. The method of claim 1, wherein the determining whether to allow access includes:
- determining whether the request to access the shipment information is received from an authorized computing device.
-
11. The method of claim 10, wherein the determining whether the request to access the shipment information is received from an authorized computing device includes:
- determining whether the computing device has a network address that matches a network address used during a previously received request to access the shipment information.
-
12. The method of claim 10, wherein the determining whether the request to access the shipment information is received from an authorized computing device includes:
- determining whether the computing device has a network address that is within a range of authorized network addresses.
-
13. The method of claim 1, wherein the first and the second access tokens are each single-use tokens.
-
14. The method of claim 1, further comprising:
- recording information about the access to the shipment information, the recorded information including indications of;
a network address of the shipment preparation computing system, a time associated with the access, an access type, and whether or not the access is authorized.
- recording information about the access to the shipment information, the recorded information including indications of;
-
15. The method of claim 1, wherein the uniform resource identifier is based on the second access token via a mapping between the second access token and the uniform resource identifier.
-
16. The method of claim 1, wherein the second access token is based on the first access token.
-
17. The method of claim 1, wherein the performing limited translations includes:
- performing, based on the second access token, a limited number of translations of the network resource identifier into the uniform resource identifier.
-
18. The method of claim 1, wherein the performing limited translations includes:
- performing, based on the second access token, translations of the network resource identifier into the uniform resource identifier for a limited time duration.
-
19. The method of claim 1, wherein the data encoded in the bar code includes the second access token.
-
20. A system for securing access to shipment information, the system comprising:
-
a processor; a memory, communicatively coupled to the processor; and a module that is stored in the memory and that is configured, when executed by the processor, to perform a method comprising; restricting and redirecting access to the shipment information, the access based on data encoded in a machine-readable data block in a packing list, the data including a first access token, by; receiving a request from a client computing system and based on a network resource identifier determined by the client computing system based on the data encoded in the machine-readable data block in the packing list, wherein the request based on the network resource identifier includes a second access token; in response to the received request based on the network resource identifier, transmitting to the client computing system a uniform resource identifier; receiving from the client computing system a request to access the shipment information, wherein the request to access the shipment information uses the uniform resource identifier and includes the first access token from the data encoded in the machine-readable data block in the packing list; determining, based on the first access token, whether to allow access to the shipment information; allowing access to the shipment information only when it is determined to allow access to the shipment information; and performing, based on the second access token, limited translations of the network resource identifier into the uniform resource identifier.
-
-
21. The system of claim 20, further comprising:
an indirection service that is configured to; receive from the client computing system the request based on the network resource identifier; and in response to the received request based on the network resource identifier, transmit to the client computing system the uniform resource identifier for making the request to access the shipment information, wherein the client computing system is configured to include in the request to access the shipment information the first access token from the data encoded in the machine-readable data block in the packing list.
-
22. The system of claim 21, wherein the method further comprises:
- transmitting multiple access tokens to the indirection service for inclusion in uniform resource identifiers provided by the indirection service.
-
23. A non-transitory computer-readable medium storing a computer program t, upon execution by a computing system, causes the computing system to perform a method for securing access to shipment information, the method comprising:
restricting and redirecting access to the shipment information, the access based on data encoded in a bar code in a packing list, the data including a first access token, by; receiving a request from a shipment preparation computing system and based on a network resource identifier determined by the shipment preparation computing system based on the data encoded in the bar code in the packing list, wherein the request based on the network resource identifier includes a second access token; in response to the received request based on the network resource identifier, transmitting to the shipment preparation computing system a uniform resource identifier; receiving from the shipment preparation computing system a request to access the shipment information, wherein the request to access the shipment information uses the uniform resource identifier and includes the first access token from the data encoded in the bar code in the packing list; determining, based on the request to access the shipment information, whether to allow access to the shipment information; allowing access to the shipment information only when it is determined to allow access to the shipment information; and performing, based on the second access token, limited translations of the network resource identifier into the uniform resource identifier.
-
24. The computer-readable medium of claim 23, wherein the determining whether to allow access includes:
- determining whether or not an access token included in the request to access the shipment information has expired and/or has been used more than a specified number of times.
Specification