METHOD FOR AUTHORIZING ACCESS TO PROTECTED CONTENT

US 20140068746A1
Filed: 10/24/2011
Published: 03/06/2014
Est. Priority Date: 11/24/2010
Status: Active Grant

First Claim

Patent Images

1. Method for authorizing access to a third party application, called client (2), to protected resources owned by a user (1) and hosted in a server (3), the method comprising:

the client being used by the user asking for a temporary token to the server;

in addition to responding to the client with said temporary token, the server sending a first SMS to the user, said first SMS providing means to authenticate the user;

authenticating the user by the means provided in previous two steps;

the user authorizing the client;

after the authentication of the user and authorization of the user to the client, the server sending a second SMS to the user providing some information needed to obtain an access token;

the client getting the information of the previous step from the user and the access token;

the client accessing protected resources using the access token.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The invention refers to a method for authorizing access to a third party application, called client (2), to protected resources owned by a user (1) and hosted in a server (3). The method comprising: the client being used by the user asking for a temporary token to the server; the server sending a first SMS to the user, said first SMS providing means to authenticate the user; authenticating the user by the means provided in previous two steps; the user authorizing the client; the server sending a second SMS to the user providing some information needed to obtain an access token; the client getting the information of the previous step from the user and the access token; the client accessing protected resources using the access token.

86 Citations

View as Search Results

15 Claims

1. Method for authorizing access to a third party application, called client (2), to protected resources owned by a user (1) and hosted in a server (3), the method comprising:
- the client being used by the user asking for a temporary token to the server;
  
  in addition to responding to the client with said temporary token, the server sending a first SMS to the user, said first SMS providing means to authenticate the user;
  
  authenticating the user by the means provided in previous two steps;
  
  the user authorizing the client;
  
  after the authentication of the user and authorization of the user to the client, the server sending a second SMS to the user providing some information needed to obtain an access token;
  
  the client getting the information of the previous step from the user and the access token;
  
  the client accessing protected resources using the access token.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. The method according to claim 1 further comprising defining or using a parameter in the client to indicate who the user is and where to send the first SMS.
  - 3. The method according to claims 1-2, wherein the means to authenticate the user, included in the first SMS, are an URL carrying a token not known for the client and an indication for the user to click on the URL.
  - 4. The method according to claims 1-2, wherein the means included in the first SMS to authenticate the user, are a token not known for the client and indications for the user to send a SMS with the token to a designated number.
  - 5. The method according to claim 1 further comprising defining or using a parameter in the client to indicate that an SMS or a binary-SMS has to be sent to the user after the user authentication and authorization.
  - 6. The method according to any one of claims 1, 2 and 5, wherein the information needed to obtain an access token is a verification code included in the second SMS, said verification code is given to the client by the user.
  - 7. The method according to any one of claims 1, 2 and 5, wherein the information needed to obtain an access token is a verification code included in the second SMS, being the second SMS a binary SMS sent to an indicated port of a handset of the user where the client obtains the verification code directly.
  - 8. The method according to any one of claims 1, 2 and 5, wherein the information sent in the second SMS is the access token, and said access token is given to the client by the user.
  - 9. The method according to any one of claims 1, 2 and 5, wherein the information sent in the second SMS is the access token, being the second SMS a binary SMS sent to an indicated port of a handset of the user where the client obtains the access token directly.
  - 10. Method according to claims 1, 2 and 5, wherein standard OAuth protocol is used for performing method steps.
  - 11. The method according to any one of claims 2 and 5, wherein the first parameter is defined by using an additional parameter non-defined in OAuth protocol.
  - 12. The method according to any one of claims 2 and 5, wherein the first parameter is defined by re-using a parameter defined in OAuth protocol.
  - 13. The method according to any one of claims 1, 2 and 5, further comprising defining a second parameter in the client for signalling.
  - 14. The method according to claim 13, wherein the second parameter is defined by using an additional parameter non-defined in OAuth protocol.
  - 15. The method according to claim 11, wherein the second parameter is the callbackURL parameter of the OAuth protocol.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Telefonica SA
Original Assignee
Diego Gonzalez Martinez, Enrique Velez Tarilonte, Jorge Guillen Navarro
Inventors
Gonzlez Martnez, Diego, Lozano Llanos, David, Munuera Andreo, Jorge, Vlez Tarilonte, Enrique, Guilln Navarro, Jorge

Granted Patent

US 9,118,648 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/9
CPC Class Codes

G06F 21/30   Authentication, i.e. establ...

G06F 21/31   User authentication

G06F 21/335   for accessing specific reso...

G06F 21/43   wireless channels

G06F 21/6218   to a system of files or obj...

G06F 2221/2101   Auditing as a secondary aspect

G06F 2221/2103   Challenge-response

G06F 2221/2129   Authenticate client device ...

H04L 63/08   for authentication of entit...

H04L 63/083   using passwords cryptograph...

H04L 63/0838   using one-time-passwords

H04L 63/0846   using time-dependent-passwo...

H04L 63/0884   by delegation of authentica...

H04L 63/10   for controlling access to d...

H04L 63/105   Multiple levels of security

H04L 63/18   using different networks or...

H04L 67/563   Data redirection of data ne...

H04L 9/32   including means for verifyi...

H04L 9/3213   using tickets or tokens, e....

H04L 9/3228   One-time or temporary data,...

H04W 12/06 : Authentication

H04W 4/14 : Short messaging services, e...

View All

METHOD FOR AUTHORIZING ACCESS TO PROTECTED CONTENT

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

86 Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

METHOD FOR AUTHORIZING ACCESS TO PROTECTED CONTENT

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

86 Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links