Aggregator technology without usernames and passwords

US 10,623,397 B2
Filed: 05/18/2018
Issued: 04/14/2020
Est. Priority Date: 02/24/2015
Status: Active Grant

First Claim

Patent Images

1. A method of providing access of web applications over a network to a remote user computer, the method comprising:

providing access to an aggregator application from the remote computer via a social login identity provider;

receiving a username associated with the social login identity provider at a lightweight directory access protocol (LDAP) server sent from a data source associated with the aggregator application over the Internet, the LDAP server comprising a microprocessor and a memory that stores the user'"'"'s informational data;

identifying the stored user'"'"'s informational data by comparing the received username to a private username and/or private password previously stored for said user but is inaccessible to said user;

generating a challenge question having an associated answer, request for biometric or social information from the user, or a request for other relevant stored data about the user, each of which indicates the identity of the user;

formatting the challenge or requests into data blocks according to a format associated with said social login identity provider; and

transmitting the formatted challenge or requests over a communication channel to the remote computer intended for the user to answer,wherein when the user provides a correct response to the challenge or requests, the LDAP server causing the aggregator application, on the remote computer, to activate, display, and provide access to all of the web applications on which the user has accounts;

wherein the LDAP server causes the aggregator application to activate and display on the remote computer also web applications on which the user does not have accounts and subsequently are not enabled and wherein the aggregator application is configured to display a visual indicator to indicate that the applications do not have an account for the user and subsequently are not enabled.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Techniques are described in which to access a user'"'"'s web applications, the user registers and signs on to an aggregator system using any supported login identity provider username and password. When the user registers for the first time, the system collects additional information to verify the user for a subsequent access to the system. The system also automatically creates a system secret username and secret, highly securely generated password, both of which are unknown and inaccessible to the user. The secret username and password are stored in a lightweight directory access protocol (LDAP) server or database or in a distributed cloud database system. The system also maps the login identity provider user name to the secret user name and password for subsequent usage.

Citations

7 Claims

1. A method of providing access of web applications over a network to a remote user computer, the method comprising:
- providing access to an aggregator application from the remote computer via a social login identity provider;
  
  receiving a username associated with the social login identity provider at a lightweight directory access protocol (LDAP) server sent from a data source associated with the aggregator application over the Internet, the LDAP server comprising a microprocessor and a memory that stores the user'"'"'s informational data;
  
  identifying the stored user'"'"'s informational data by comparing the received username to a private username and/or private password previously stored for said user but is inaccessible to said user;
  
  generating a challenge question having an associated answer, request for biometric or social information from the user, or a request for other relevant stored data about the user, each of which indicates the identity of the user;
  
  formatting the challenge or requests into data blocks according to a format associated with said social login identity provider; and
  
  transmitting the formatted challenge or requests over a communication channel to the remote computer intended for the user to answer,wherein when the user provides a correct response to the challenge or requests, the LDAP server causing the aggregator application, on the remote computer, to activate, display, and provide access to all of the web applications on which the user has accounts;
  
  wherein the LDAP server causes the aggregator application to activate and display on the remote computer also web applications on which the user does not have accounts and subsequently are not enabled and wherein the aggregator application is configured to display a visual indicator to indicate that the applications do not have an account for the user and subsequently are not enabled.
- View Dependent Claims (2, 3)
- - 2. The method of claim 1, wherein if the user decides to login using a new unregistered login identity provider, and the user never enabled that login identity provider web application for the aggregator application, the aggregator application attempts to identify the user.
  - 3. The method of claim 1, wherein when a second user is delegating an aggregator enabled web application to a plurality of people or within the user'"'"'s organization to the user, the aggregator application causes the shared web application to automatically appear on the user'"'"'s interface.

4. A system, comprising:
- a processor; and
  
  non-transitory computer-readable storage medium coupled to the processor and having instructions stored thereon, which, when executed by the processor, cause the processor to perform operations comprising;
  
  providing access to an aggregator application from the remote computer via a social login identity provider;
  
  receiving a username associated with the social login identity provider at a lightweight directory access protocol (LDAP) server sent from a data source associated with the aggregator application over the Internet, the LDAP server comprising a microprocessor and a memory that stores the user'"'"'s informational data;
  
  identifying the stored user'"'"'s informational data by comparing the received username to a private username and/or private password previously stored for said user but is inaccessible to said user;
  
  generating a challenge question having an associated answer, request for biometric or social information from the user, or request other relevant stored data about the user, each of which indicates the identity of the user;
  
  formatting the challenge or requests into data blocks according to a format associated with said social login identity provider; and
  
  transmitting the formatted challenge or requests over a communication channel to the remote computer intended for the user to answer,wherein when the user provides a correct response to the challenge or requests, the LDAP server causing the aggregator application, on the remote computer, to activate, display, and provide access to all of the web applications on which the user has accounts;
  
  wherein the LDAP server causes the aggregator application to activate and display on the remote computer also web applications on which the user does not have accounts and subsequently are not enabled and wherein the aggregator application is configured to display a visual indicator to indicate that the applications do not have an account for the user and subsequently are not enabled.
- View Dependent Claims (5, 6)
- - 5. The system of claim 4, wherein if the user decides to login using a new unregistered login identity provider, and the user never enabled that login identity provider web application for the aggregator application, the aggregator application attempts to identify the user.
  - 6. The system of claim 5, wherein when a second user is delegating an aggregator enabled web application to a plurality of people or within the user'"'"'s organization to the user, the aggregator application causes the shared web application to automatically appear on the user'"'"'s interface.

7. A non-transitory computer-readable storage medium having stored thereon a computer program comprising a program code for performing, when running on a computer, a method comprising:
- providing access to an aggregator application from the remote computer via a social login identity provider;
  
  receiving a username associated with the social login identity provider at a lightweight directory access protocol (LDAP) server sent from a data source associated with the aggregator application over the Internet, the LDAP server comprising a microprocessor and a memory that stores the user'"'"'s informational data;
  
  identifying the stored user'"'"'s informational data by comparing the received username to a private username and/or private password previously stored for said user but is inaccessible to said user;
  
  generating a challenge question having an associated answer, request for biometric or social information from the user, or a request for other relevant stored data about the user, each of which indicates the identity of the user;
  
  formatting the challenge or requests into data blocks according to a format associated with said social login identity provider; and
  
  transmitting the formatted challenge or requests over a communication channel to the remote computer intended for the user to answer,wherein when the user provides a correct response to the challenge or requests, the LDAP server causing the aggregator application, on the remote computer, to activate, display, and provide access to all of the web applications on which the user has accounts,wherein the LDAP server causes the aggregator application to activate and display on the remote computer also web applications on which the user does not have accounts and subsequently are not enabled and wherein the aggregator application is configured to display a visual indicator to indicate that the applications do not have an account for the user and subsequently are not enabled.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Avatier Corporation
Original Assignee
Avatier Corporation
Inventors
Cicchitto, Nelson A.
Primary Examiner(s)
Moorthy, Aravind K

Application Number

US15/984,193
Publication Number

US 20180270221A1
Time in Patent Office

697 Days
Field of Search

726 6, 726 5, 713168, 713182, 713183, 713186
US Class Current
CPC Class Codes

G06F 21/32   using biometric data, e.g. ...

H04L 63/0815   providing single-sign-on or...

H04L 63/083   using passwords cryptograph...

Aggregator technology without usernames and passwords

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

7 Claims

Specification

Solutions

Use Cases

Quick Links

Aggregator technology without usernames and passwords

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

7 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links