Methods and systems for providing secure access to a hosted service via a client application

US 20050198348A1
Filed: 12/23/2003
Published: 09/08/2005
Est. Priority Date: 12/23/2003
Status: Active Grant

First Claim

Patent Images

1. A method of providing secure user access to services offered by a service provider to a client application over a network, the method comprising:

receiving an application cookie from the client application;

populating a service cookie based on information in the application cookie; and

utilizing information in the service cookie as a basis for regulating a provision of services to the client application.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention discloses methods and systems for providing secure user access to services offered by a service provider to a client application over a network. One embodiment includes receiving an application cookie from the client application and populating a service cookie based on information in the application cookie. Information in the service cookie is utilized as a basis for regulating a provision of services to the client application.

Citations

30 Claims

1. A method of providing secure user access to services offered by a service provider to a client application over a network, the method comprising:
- receiving an application cookie from the client application;
  
  populating a service cookie based on information in the application cookie; and
  
  utilizing information in the service cookie as a basis for regulating a provision of services to the client application.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein receiving an application cookie from the client application comprises detecting and reading the application cookie with an account module, the account module configured to cross-reference the information in the application cookie with information in an existing customer account database.
  - 3. The method of claim 1, wherein populating the service cookie comprises populating the service cookie with information in an existing customer account database based on information in the application cookie.
  - 4. The method of claim 1, wherein utilizing information comprises implementing an auth-filter to police access to an offered service based on information in the service cookie.
  - 5. The method of claim 1, wherein populating a service cookie based on information in the application cookie comprises populating the service cookie based on an entity identifier.
  - 6. The method of claim 1, wherein populating a service cookie based on information in the application cookie comprises populating the service cookie based on a service identifier.
  - 7. The method of claim 1, wherein populating a service cookie based on information in the application cookie comprises populating the service cookie based on user role information.
  - 8. The method of claim 1, wherein receiving an application cookie comprises receiving an encrypted application cookie.

9. A method for providing secure user access to services offered by a service provider to a client application over a network, the method comprising:
- receiving an application cookie from the client application; and
  
  utilizing information in the application cookie as a basis for regulating a provision of services to the client application.
- View Dependent Claims (16, 17, 18, 19)
- - 16. The method of claim 9, wherein receiving an application cookie comprises receiving an encrypted application cookie.
  - 17. The method of claim 9, wherein receiving the application cookie comprises receiving the application cookie as a part of a certificate-protected exchange.
  - 18. The method of claim 9, wherein providing user access comprises providing access to owners and employees of a retail establishment.
  - 19. The method of claim 9, wherein providing user access comprises providing access to customer of a retail establishment.

10. The method of claim 10, wherein utilizing information comprises implementing an auth-filter to read and verify information in the application cookie and police access rights accordingly.
- View Dependent Claims (11, 12, 13, 14, 15)
- - 11. The method of claim 10, wherein implementing an auth-filter comprises configuring an existing auth-filter to support the application cookie.
  - 12. The method of claim 10, wherein implementing an auth-filter comprises adding an additional auth-filter configured to support the application cookie.
  - 13. The method of claim 10, wherein receiving an application cookie from a client application comprises receiving the application cookie populated with information based on an entity identifier.
  - 14. The method of claim 10, wherein receiving an application cookie from a client application comprises receiving the application cookie populated with information based on a service identifier.
  - 15. The method of claim 10, wherein receiving an application cookie from a client application comprises receiving the application cookie populated with information based on user role.

20. A computer-implemented method for populating a service cookie, the method comprising:
- receiving a service call over a network; and
  
  populating the service cookie with information based on the service call.
- View Dependent Claims (21, 22, 23, 24, 25, 26)
- - 21. The method of claim 20, wherein populating the service cookie with information based on the service call comprises populating the service cookie with an entity identifier.
  - 22. The method of claim 20, wherein populating the service cookie with information based on the service call comprises populating the service cookie with a service identifier.
  - 23. The method of claim 20, wherein populating the service cookie with information based on the service call comprises populating the service cookie with user role information.
  - 24. The method of claim 20, wherein receiving a service call over a network comprises invoking the service call over http (hyper text transfer protocols).
  - 25. The method of claim 20, wherein receiving a service call over a network comprises receiving a certificate-protected service call using digital certificates.
  - 26. The method of claim 20, wherein receiving a service call over a network comprises validating a service call using a pre-established encryption code.

27. A computer-implemented system for providing services over a network comprising:
- a client application having an application cookie populated with information based on services accessible by a user, the client application configured to transmit the application cookie over the network; and
  
  a service provider configured to receive the populated application cookie, and further configured to utilize information in the application cookie as a basis for regulating a provision of services to the client application.
- View Dependent Claims (28, 29, 30)
- - 28. The system of claim 27, wherein the service provider comprises a service cookie, and wherein the service provider is configured to populate the service cookie based on information populated in the application cookie.
  - 29. The system of claim 27, wherein the service provider further comprises an auth-filter configured to police access of offered services based on information in the application cookie.
  - 30. The system of claim 27, wherein the auth-filter is further configured to police access of offered services based on information in a service cookie that is a reflection of information in the application cookie.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Shrivastava, Sumeet Updesh, Arunachalam, Vaidyanathan, Dournov, Pavel A., Yeates, Anthony J., Whitlock, Donna L.

Granted Patent

US 8,099,503 B2
Time in Patent Office

Days
Field of Search
US Class Current

709/232
CPC Class Codes

G06Q 20/206   comprising security or oper...

H04L 12/6418   Hybrid transport

H04L 63/083   using passwords cryptograph...

H04L 63/102   Entity profiles

H04L 67/01   Protocols

H04L 67/535   Tracking the activity of th...

Methods and systems for providing secure access to a hosted service via a client application

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

30 Claims

Specification

Solutions

Use Cases

Quick Links

Methods and systems for providing secure access to a hosted service via a client application

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

30 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links