Controlled token distribution to protect against malicious data and resource access
First Claim
Patent Images
1. A system for communicating using tokens in lieu of access-enabling codes to enhance security, the system comprising:
- a communication engine that;
receives, at a first system, a first communication from a second system, the first communication corresponding to a credential for requesting tokens and having been transmitted by the second system;
transmits a second communication to the second system at a first time, the second communication including a token, the token corresponding to an access-enabling code stored at the first system, and access to a spatial area associated with a resource is granted using only the access-enabling code;
receives, at the first system, a third communication from a user device, the third communication including the token and being received at a second time that is after the first time; and
in response to receiving the token at the first system and from the user device, transmits a fourth communication to the user device, the fourth communication including the access-enabling code corresponding to an access right for the resource;
an authentication engine that authenticates the credential, the authentication indicating that an entity associated with the second system is authorized to receive secure tokens for facilitating resource access;
a resource-access allocation engine that;
determines that the access right is available, wherein the fourth communication is transmitted in response to receiving the token at the first system and that an access right for the resource is available; and
updates an access-code data store to change an availability status of the access right, wherein a token engine further updates an access-code data store to change an availability status of the access right; and
the token engine that;
in response to the authentication, generates the token, the token being generated based on or to correspond with each of the entity and the resource;
identifies that the resource corresponds to the token; and
determines that the token corresponds to the user device.
3 Assignments
0 Petitions
Accused Products
Abstract
Techniques are described for controlling data and resource access. For example, methods and systems can facilitate controlled token distribution across systems and token processing in a manner so as to limit access to and to protect data that includes access codes.
-
Citations
20 Claims
-
1. A system for communicating using tokens in lieu of access-enabling codes to enhance security, the system comprising:
-
a communication engine that; receives, at a first system, a first communication from a second system, the first communication corresponding to a credential for requesting tokens and having been transmitted by the second system; transmits a second communication to the second system at a first time, the second communication including a token, the token corresponding to an access-enabling code stored at the first system, and access to a spatial area associated with a resource is granted using only the access-enabling code; receives, at the first system, a third communication from a user device, the third communication including the token and being received at a second time that is after the first time; and in response to receiving the token at the first system and from the user device, transmits a fourth communication to the user device, the fourth communication including the access-enabling code corresponding to an access right for the resource; an authentication engine that authenticates the credential, the authentication indicating that an entity associated with the second system is authorized to receive secure tokens for facilitating resource access; a resource-access allocation engine that; determines that the access right is available, wherein the fourth communication is transmitted in response to receiving the token at the first system and that an access right for the resource is available; and updates an access-code data store to change an availability status of the access right, wherein a token engine further updates an access-code data store to change an availability status of the access right; and the token engine that; in response to the authentication, generates the token, the token being generated based on or to correspond with each of the entity and the resource; identifies that the resource corresponds to the token; and determines that the token corresponds to the user device. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A computer-implemented method for communicating using tokens in lieu of access-enabling codes to enhance security, the method comprising:
-
receiving, at a first system, a first communication from a second system, the first communication corresponding to a credential for requesting tokens and having been transmitted by the second system; authenticating, at the first system, the credential, the authentication indicating that an entity associated with the second system is authorized to receive secure tokens for facilitating resource access; in response to the authentication, generating, at the first system, a token, the token being generated based on or to correspond with each of;
the entity and a resource;transmitting, from the first system, a second communication to the second system at a first time, the second communication including a token, the token corresponding to an access-enabling code stored at the first system, and access to a spatial area associated with a resource is granted using only the access-enabling code; receiving, at the first system, a third communication from a user device, the third communication including the token and being received at a second time that is after the first time; identifying, at the first system, that the resource corresponds to the token; determining that the token corresponds to the user device; in response to receiving the token at the first system and from the user device, transmits a fourth communication to the user device, the fourth communication including the access-enabling code corresponding to an access right for the resource; determining that the access right is available, wherein the fourth communication is transmitted in response to determining that the token corresponds to the second system and that the access right for the resource is available; updating a token data store to indicate that the token has been used; and updating an access-code data store to change an availability status of the access right. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A computer-program product tangibly embodied in a non-transitory machine-readable storage medium, including instructions configured to cause one or more data processors to perform actions including:
-
receiving, at a first system, a first communication from a second system, the first communication corresponding to a credential for requesting tokens and having been transmitted by the second system; authenticating, at the first system, the credential, the authentication indicating that an entity associated with the second system is authorized to receive secure tokens for facilitating resource access; in response to the authentication, generating, at the first system, a token, the token being generated based on or to correspond with each of;
the entity and a resource;transmitting, from the first system, a second communication to the second system at a first time, the second communication including a token, the token corresponding to an access-enabling code stored at the first system, and access to a spatial area associated with a resource is granted using only the access-enabling code; receiving, at the first system, a third communication from a user device, the third communication including the token and being received at a second time that is after the first time; identifying, at the first system, that the resource corresponds to the token; determining that the token corresponds to the user device; in response to receiving the token at the first system and from the user device, transmits a fourth communication to the user device, the fourth communication including the access-enabling code corresponding to an access right for the resource; determining that the access right is available, wherein the fourth communication is transmitted in response to determining that the token corresponds to the second system and that the access right for the resource is available; updating a token data store to indicate that the token has been used; and updating an access-code data store to change an availability status of the access right. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification