Federated services managed access to services and content

US 10,601,798 B2
Filed: 03/18/2014
Issued: 03/24/2020
Est. Priority Date: 03/15/2013
Status: Active Grant

First Claim

Patent Images

1. A method, comprising:

receiving, via a computing platform comprising at least one processor functionally coupled to at least one memory device, an identifier associated with an access device, from the access device, wherein the identifier is included in the payload of an authentication token;

determining, via the computing platform, that the authentication token is valid;

transmitting, via the computing platform, a service authorization token and a session token to the access device in response to ascertaining that the authentication token is valid;

receiving, via the computing platform, a request to validate a service authorization for a service providing media assets for the access device, wherein the validation of the service authorization comprises validating the service authorization token associated with the service of the media assets, and the session token;

determining, via the computing platform, a relationship between a code indicative of the service and a service account based at least on the identifier, in response to determining that the identifier is valid;

determining, via the computing platform, that the request is granted based at least in part on the relationship;

configuring, via the computing platform, a content entitlement feature of the service in response to receiving the indication that the code is assigned to the service account, wherein the content entitlement feature establishes a predetermined scope of consumption of the media assets at the access device in connection with the service;

transmitting, via the computing platform, an access token to the access device, based at least in part on the validation of the service authorization token, wherein the access token is associated with a content request for the media assets;

receiving, via the computing platform, the content request for the media assets, and the access token from the access device;

determining, via the computing platform, that the access token is valid;

transmitting, via the computing platform, the content request and a network access token to a content distribution platform hosting the requested media assets, in response to determining that the access token is valid, for the content request; and

transmitting, via the computing platform, instructions to the content distribution platform to transmit the requested content assets to the access device.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Aspects of the disclosure relates to managed access to content and/or services. In certain aspects, tokens or other artifacts can be utilized for authentication and authorization.

113 Citations

19 Claims

1. A method, comprising:
- receiving, via a computing platform comprising at least one processor functionally coupled to at least one memory device, an identifier associated with an access device, from the access device, wherein the identifier is included in the payload of an authentication token;
  
  determining, via the computing platform, that the authentication token is valid;
  
  transmitting, via the computing platform, a service authorization token and a session token to the access device in response to ascertaining that the authentication token is valid;
  
  receiving, via the computing platform, a request to validate a service authorization for a service providing media assets for the access device, wherein the validation of the service authorization comprises validating the service authorization token associated with the service of the media assets, and the session token;
  
  determining, via the computing platform, a relationship between a code indicative of the service and a service account based at least on the identifier, in response to determining that the identifier is valid;
  
  determining, via the computing platform, that the request is granted based at least in part on the relationship;
  
  configuring, via the computing platform, a content entitlement feature of the service in response to receiving the indication that the code is assigned to the service account, wherein the content entitlement feature establishes a predetermined scope of consumption of the media assets at the access device in connection with the service;
  
  transmitting, via the computing platform, an access token to the access device, based at least in part on the validation of the service authorization token, wherein the access token is associated with a content request for the media assets;
  
  receiving, via the computing platform, the content request for the media assets, and the access token from the access device;
  
  determining, via the computing platform, that the access token is valid;
  
  transmitting, via the computing platform, the content request and a network access token to a content distribution platform hosting the requested media assets, in response to determining that the access token is valid, for the content request; and
  
  transmitting, via the computing platform, instructions to the content distribution platform to transmit the requested content assets to the access device.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, further comprising receiving, via the computing platform, an indication that the service is authorized for the service account.
  - 3. The method of claim 1, wherein configuring, via the computing platform, the content entitlement feature of the service in response to receiving the indication that the code is assigned to the service account comprises authorizing the feature.
  - 4. The method of claim 1, wherein receiving the identifier comprises receiving at least one of an Internet protocol (IP) address or a medium access control (MAC) address.
  - 5. The method of claim 1, wherein the service authorization token comprises session token information and the content entitlement information.
  - 6. The method of claim of claim 1, further comprising:
    - generating, via the computing platform, the network access token in response to determining that the access token is valid.
  - 7. The method of claim 1, wherein the session token corresponds to the authentication of the identifier associated with the access device.

8. A system, comprising:
- at least one memory device comprising computer-executable instructions encoded thereon; and
  
  at least one processor functionally coupled to the at least one memory and configured, by the computer-executable instructions, to;
  
  receive an identifier associated with an access device, from the access device, wherein the identifier is included in the payload of an authentication token;
  
  ascertain that the authentication token is valid;
  
  transmit a service authorization token and a session token, to the access device in response to ascertaining that the authentication token is valid;
  
  receive a request to validate a service authorization for a service providing media assets for the access device, wherein the validation of the service authorization comprises validating the service authorization token associated with the service of the media assets, and the session token;
  
  determine a relationship between a code indicative of the service and a service account based at least on the identifier, in response to determining that the identifier is valid;
  
  ascertain that the request is granted based at least in part on the relationship;
  
  configure a content entitlement feature of the service in response to receiving the indication that the code is assigned to the service account, wherein the content entitlement feature establishes a predetermined scope of consumption of the media assets at the access device in connection with the service;
  
  transmit an access token, to the access device, based at least in part on the validation of the service authorization, wherein the issue token is associated with a content request for the media assets;
  
  receive the content request for the media assets, and the access token from the access device;
  
  determine, via the computing platform, that the access token is valid;
  
  transmit the content request and a network access token to a content distribution platform hosting the requested media assets, in response to determining that the access token is valid, for the content request andtransmit instructions to the content distribution platform to transmit the requested content assets to the access device.
- View Dependent Claims (9, 10, 11, 12, 13)
- - 9. The system of claim 8, wherein the at least one processor functionally coupled to the at least one memory is further configured, by the computer-executable instructions, to receive an indication that the service is authorized for the service account.
  - 10. The system of claim 8, wherein the at least one processor functionally coupled to the at least one memory is further configured, by the computer-executable instructions, to configure the content entitlement feature of the service in response to receiving the indication that the code is assigned to the service account comprises authorizing the content entitlement feature.
  - 11. The system of claim 8, wherein receiving the identifier comprises receiving at least one of an Internet protocol (IP) address or a medium access control (MAC) address.
  - 12. The system of claim 8, wherein the at least one processor is further configured to execute computer-executable instructions that cause the at least one processor to:
    - generate the network access token in response to determining that the access token is valid.
  - 13. The system of claim 8, wherein the session token corresponds to the authentication of the identifier associated with the access device.

14. At least one non-transitory storage medium having instructions for content delivery encoded thereon that, in response to execution, cause at least one computing platform having at least one processor to perform operations comprising:
- receiving an identifier associated with an access device, from the access device, wherein the identifier is included in the payload of an authentication token;
  
  ascertaining that the authentication token is valid;
  
  transmitting a service authorization token and a session token, to the access device in response to ascertaining that the authentication token is valid;
  
  receiving a request to validate a service authorization for a service providing media assets for the access device, wherein the validation of the service authorization comprises validating the service authorization token associated with the service of the media assets, and the session token;
  
  ascertaining that the identifier is valid;
  
  determining a relationship between a code indicative of the service and a service account based at least on the identifier, in response to determining that the identifier is valid;
  
  ascertaining that the request is granted based at least in part on the relationship;
  
  configuring a content entitlement feature of the service in response to receiving the indication that the code is assigned to the service account, wherein the content entitlement feature establishes a predetermined scope of consumption of the media assets at the access device in connection with the service;
  
  transmitting an access token, to the access device, based at least in part on the validation of the service authorization token, wherein the access token is associated with a content request for the media assets;
  
  receiving, via the computing platform, the content request for the media assets, and the access token from the access device;
  
  determining, via the computing platform, that the access token is valid;
  
  transmitting, via the computing platform, the content request and a network access token to a content distribution platform hosting the requested media assets, in response to determining that the access token is valid, for the content request; and
  
  transmitting, via the computing platform, instructions to the content distribution platform to transmit the requested content assets to the access device.
- View Dependent Claims (15, 16, 17, 18, 19)
- - 15. The at least one non-transitory storage medium of claim 14, the operations further comprising receiving an indication that the service is authorized for the service account.
  - 16. The at least one non-transitory storage medium of claim 15, the operations further comprising receiving an indication that the code is assigned to the service account.
  - 17. The at least one non-transitory storage medium of claim 14, wherein the content entitlement token comprises the content entitlement information.
  - 18. The at least one non-transitory storage medium of claim 14, wherein the instructions further cause the at least one computing platform to perform an operation comprising:
    - generating the network access token in response to determining that the access token is valid.
  - 19. The at least one non-transitory storage medium of claim 14, wherein the session token corresponds to the authentication of the identifier associated with the access device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cox Communications Incorporated (Cox Enterprises Incorporated)
Original Assignee
Cox Communications Incorporated (Cox Enterprises Incorporated)
Inventors
Rothschild, Keith Alan, Shrum, Edgar V., Raza, Jr., Muhammad Asif, Thomas, Richard M.
Primary Examiner(s)
Patel, Ashokkumar B
Assistant Examiner(s)
Jones, William B

Application Number

US14/218,946
Publication Number

US 20140282918A1
Time in Patent Office

2,198 Days
Field of Search

705 51, 725 58, 725109, 725115, 725145
US Class Current
CPC Class Codes

H04L 63/08   for authentication of entit...

H04L 63/0815   providing single-sign-on or...

H04L 63/10   for controlling access to d...

Federated services managed access to services and content

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

113 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Federated services managed access to services and content

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

113 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links