FLEXIBLE SECURITY TOKEN FRAMEWORK

US 20120331518A1
Filed: 10/24/2011
Published: 12/27/2012
Est. Priority Date: 06/23/2011
Status: Abandoned Application

First Claim

Patent Images

1. A computer-implemented method executable by a server system to establish and manage security tokens for at least one application supported by the server system, the method comprising:

creating, at the server system, a token type to be used with an application supported by the server system, the token type having a token format and a set of token use policies associated therewith, wherein the token format and the set of token use policies are dictated by obtained values of a plurality of token configuration variables;

generating, at the server system, a security token of the created token type and having the token format; and

enforcing, at the server system, the token use policies for the security token.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A computer-implemented server system includes or supports applications that use security tokens. The server system includes a security token module to create token types for use with the applications, to generate security tokens corresponding to created token types, and to enforce token use policies for generated security tokens. The server system also includes a database to store security tokens for the token module. The token module accommodates creation of different token types having different token formats and different token use policies, based on obtained values of a plurality of token configuration variables. The token module generates security tokens in accordance with the different token formats, and enforces the different token use policies when processing incoming security tokens.

Citations

20 Claims

1. A computer-implemented method executable by a server system to establish and manage security tokens for at least one application supported by the server system, the method comprising:
- creating, at the server system, a token type to be used with an application supported by the server system, the token type having a token format and a set of token use policies associated therewith, wherein the token format and the set of token use policies are dictated by obtained values of a plurality of token configuration variables;
  
  generating, at the server system, a security token of the created token type and having the token format; and
  
  enforcing, at the server system, the token use policies for the security token.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, further comprising:
    - obtaining a received security token at the server system; and
      
      validating the received security token.
  - 3. The method of claim 1, further comprising:
    - obtaining a received security token at the server system; and
      
      determining whether usage of the received security token complies with the token use policies.
  - 4. The method of claim 1, further comprising:
    - receiving the obtained values of the plurality of token configuration variables from a client system supported by the server system.
  - 5. The method of claim 1, further comprising:
    - receiving an XML file that conveys the obtained values of the plurality of token configuration variables.
  - 6. The method of claim 1, further comprising:
    - receiving a configuration file that conveys the obtained values of the plurality of token configuration variables.
  - 7. The method of claim 1, wherein the plurality of token configuration variables comprises a token format variable selected from the group consisting of:
    - a token length variable, a case sensitivity variable, a numbers permitted variable, a letters permitted variable, a special characters permitted variable, a mandatory character string variable, a prohibited character string variable, and a minimum strength variable.
  - 8. The method of claim 1, wherein the plurality of token configuration variables comprises a token use policy variable selected from the group consisting of:
    - a maximum number of uses variable, a generation rate limit variable, a maximum number of failed attempts variable, and an expiration variable.

9. A computer-implemented method executable by a security token module of a server system to establish and manage security tokens for at least one application supported by the server system, the method comprising:
- receiving token configuration data at the security token module, the token configuration data specifying a plurality of token format settings and a plurality of token use policy settings;
  
  in response to receiving the token configuration data, the security token module creating a token type to be used with an application supported by the server system, the token type having a token format governed by the token format settings and the token type having a set of token use policies governed by the token use policy settings;
  
  generating, at the security token module, security tokens in accordance with the token format; and
  
  processing, at the security token module, incoming security tokens of the token type, wherein the processing is performed in accordance with the set of token use policies for the generated security tokens.
- View Dependent Claims (10, 11, 12, 13, 14, 15)
- - 10. The method of claim 9, wherein the processing comprises validating the incoming security tokens.
  - 11. The method of claim 9, wherein the token configuration data is received as user-entered data that originates from a client system supported by the server system.
  - 12. The method of claim 9, wherein the token configuration data is received as user-entered data that originates from the server system.
  - 13. The method of claim 9, wherein the token configuration data is received with an update of source code for the server system.
  - 14. The method of claim 9, wherein the plurality of token format settings comprises a token format setting selected from the group consisting of:
    - a token length setting, a case sensitivity setting, a numbers permitted setting, a letters permitted setting, a special characters permitted setting, a mandatory character string setting, a prohibited character string setting, and a minimum strength setting.
  - 15. The method of claim 9, wherein the plurality of token use policy settings comprises a token use policy setting selected from the group consisting of:
    - a maximum number of uses setting, a generation rate limit setting, a maximum number of failed attempts setting, and an expiration setting.

16. A computer-implemented server system comprising:
- at least one application that utilizes security tokens;
  
  a security token module configured to create token types for use with the at least one application, to generate security tokens corresponding to created token types, and to enforce token use policies for generated security tokens; and
  
  a database to store generated security tokens for the security token module;
  
  wherein the security token module is configured to accommodate creation of different token types having different token formats and different token use policies, based on obtained values of a plurality of token configuration variables;
  
  wherein the security token module is configured to generate security tokens in accordance with the different token formats; and
  
  wherein the security token module is configured to enforce the different token use policies when processing incoming security tokens of the different token types.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The server system of claim 16, wherein the obtained values of the plurality of token configuration variables originate from a client system supported by the server system.
  - 18. The server system of claim 16, wherein:
    - the server system is a multi-tenant server architecture that supports a plurality of different tenants;
      
      the database is a multi-tenant database for the multi-tenant server architecture; and
      
      the security token module is a centralized module that supports the plurality of different tenants.
  - 19. The server system of claim 18, wherein the security token module is configured to create at least one token type that is used across at least two of the plurality of different tenants.
  - 20. The server system of claim 16, wherein the plurality of token configuration variables comprises variables selected from the group consisting of:
    - a token length variable, a case sensitivity variable, a numbers permitted variable, a letters permitted variable, a special characters permitted variable, a mandatory character string variable, a prohibited character string variable, a minimum strength variable, a maximum number of uses variable, a generation rate limit variable, a maximum number of failed attempts variable, and an expiration variable.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Salesforce.com, Inc.
Original Assignee
Salesforce.com, Inc.
Inventors
Lee, Jong

Application Number

US13/279,900
Publication Number

US 20120331518A1
Time in Patent Office

Days
Field of Search
US Class Current

726/1
CPC Class Codes

G06F 21/33   using certificates

G06F 21/335   for accessing specific reso...

G06F 21/604   Tools and structures for ma...

H04L 63/0815   providing single-sign-on or...

FLEXIBLE SECURITY TOKEN FRAMEWORK

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

FLEXIBLE SECURITY TOKEN FRAMEWORK

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links