HTTP HEADER-BASED ADAPTABLE AUTHENTICATION MECHANISM

US 20160173466A1
Filed: 12/15/2014
Published: 06/16/2016
Est. Priority Date: 12/15/2014
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method for exchanging data using a data transfer protocol between a first device and a second device, the method comprising:

receiving, at the first device, a first request message from a second device, the first request message requesting to download an application from the first device;

sending, to the second device, a first response message having a first authentication query within header portions of the first response message;

receiving, at the first device, a second request message having first authentication credentials within header portions of the second request message;

sending, to the second device, a second response message having a second authentication query within header portions of the second response message;

receiving, at the first device, a third request message having second authentication credentials within header portions of the third request message; and

transmitting, to the second device, the application.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The disclosure is generally directed to systems and methods for HTTP header-based authentication. For example, the systems and methods include receiving, at a mobile platform server, a first request message from a client device, the first request message requesting to download an application from the mobile platform server, sending, to the client device, a first response message having a first authentication query within header portions of the first response message, receiving, at the mobile platform server, a second request message having first authentication credentials within header portions of the second request message, sending, to the client device, a second response message having a second authentication query within header portions of the second response message, receiving, at the mobile platform server first device, a third request message having second authentication credentials within header portions of the third request message, and sending, to the client device, the application.

19 Citations

View as Search Results

20 Claims

1. A computer-implemented method for exchanging data using a data transfer protocol between a first device and a second device, the method comprising:
- receiving, at the first device, a first request message from a second device, the first request message requesting to download an application from the first device;
  
  sending, to the second device, a first response message having a first authentication query within header portions of the first response message;
  
  receiving, at the first device, a second request message having first authentication credentials within header portions of the second request message;
  
  sending, to the second device, a second response message having a second authentication query within header portions of the second response message;
  
  receiving, at the first device, a third request message having second authentication credentials within header portions of the third request message; and
  
  transmitting, to the second device, the application.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method according to claim 1, wherein each of the first and second authentication credentials rely upon different security mechanisms.
  - 3. The method according to claim 1, wherein the data transfer protocol standard is a hypertext transfer protocol (HTTP).
  - 4. The method according to claim 1, wherein the second authentication credential is selected from secure sockets layer certificates, authorization tokens, basic authentication, Kerberos authentication, remote authentication dial in user service (RADIUS), and security assertion markup language (SAML) mechanisms.
  - 5. The method according to claim 4, wherein a subsequent third authentication credential is selected from secure sockets layer certificates, authorization tokens, basic authentication, Kerberos authentication, remote authentication dial in user service (RADIUS), and security assertion markup language (SAML) mechanisms, and differs from the second authentication credential.

6. A non-transitory computer readable storage medium storing one or more programs configured to be executed by a processor, the one or more programs for exchanging data using a data transfer protocol between a first device and a second device, and comprising instructions for:
- receiving, at the first device, a first request message from a second device, the first request message requesting to download an application from the first device;
  
  sending, to the second device, a first response message having a first authentication query within header portions of the first response message;
  
  receiving, at the first device, a second request message having first authentication credentials within header portions of the second request message;
  
  sending, to the second device, a second response message having a second authentication query within header portions of the second response message;
  
  receiving, at the first device, a third request message having second authentication credentials within header portions of the third request message; and
  
  transmitting, to the second device, the application.
- View Dependent Claims (7, 8, 9, 10)
- - 7. The computer readable storage medium according to claim 6, wherein each of the first and second authentication credentials rely upon different security mechanisms.
  - 8. The computer readable storage medium according to claim 6, wherein the data transfer protocol standard is a hypertext transfer protocol (HTTP).
  - 9. The computer readable storage medium according to claim 6, wherein the second authentication credential is selected from secure sockets layer certificates, authorization tokens, basic authentication, Kerberos authentication, remote authentication dial in user service (RADIUS), and security assertion markup language (SAML) mechanisms.
  - 10. The computer readable storage medium according to claim 7, wherein a subsequent third authentication credential is selected from secure sockets layer certificates, authorization tokens, basic authentication, Kerberos authentication, remote authentication dial in user service (RADIUS), and security assertion markup language (SAML) mechanisms, and differs from the second authentication credential.

11. A communication apparatus comprising:
- one or more processors; and
  
  a memory storing one or more programs for exchanging data using a data transfer protocol between a first device and a second device, and comprising instructions for execution by the one or more processors, the one or more programs including instructions for;
  
  receiving, at the first device, a first request message from a second device, the first request message requesting to download an application from the first device;
  
  sending, to the second device, a first response message having a first authentication query within header portions of the first response message;
  
  receiving, at the first device, a second request message having first authentication credentials within header portions of the second request message;
  
  sending, to the second device, a second response message having a second authentication query within header portions of the second response portion;
  
  receiving, at the first device, a third request message having second authentication credentials within header portions of the third request message; and
  
  transmitting, to the second device, the application.
- View Dependent Claims (12, 13, 14, 15)
- - 12. The communication apparatus according to claim 11, wherein each of the first and second authentication credentials rely upon different security mechanisms.
  - 13. The communication apparatus according to claim 11, wherein the data transfer protocol standard is a hypertext transfer protocol (HTTP).
  - 14. The communication apparatus according to claim 11, wherein the second authentication credential is selected from secure sockets layer certificates, authorization tokens, basic authentication, Kerberos authentication, remote authentication dial in user service (RADIUS), and security assertion markup language (SAML) mechanisms.
  - 15. The communication apparatus according to claim 14, wherein a subsequent third authentication credential is selected from secure sockets layer certificates, authorization tokens, basic authentication, Kerberos authentication, and security assertion markup language (SAML) mechanisms, and differs from the second authentication credential.

16. A computer-implemented method for exchanging data using a data transfer protocol between a first device and a second device, the method comprising:
- sending, at the first device, a first request message to a second device, the first request message requesting to download an application from the second device;
  
  receiving, from the second device, a first response message having a first authentication query within header portions of the first response message;
  
  generating, at the first device, a first user interface to prompt an end user for first authentication credentials;
  
  sending, at the first device, a second request message having the first authentication credentials within header portions of the second request message;
  
  receiving, from the second device, a second response message having a second authentication query within header portions of the second response portion;
  
  generating, at the first device, a second user interface to prompt an end user for second authentication credentials;
  
  sending, at the first device, a third request message having the second authentication credentials within header portions of the third request message; and
  
  receiving, from the second device, the application.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The method according to claim 16, wherein each of the first and second authentication credentials rely upon different security mechanisms.
  - 18. The method according to claim 16, wherein the data transfer protocol standard is a hypertext transfer protocol (HTTP).
  - 19. The method according to claim 16, wherein the second authentication credential is selected from secure sockets layer certificates, authorization tokens, basic authentication, Kerberos authentication, remote authentication dial in user service (RADIUS), and security assertion markup language (SAML) mechanisms.
  - 20. The method according to claim 16, wherein a third subsequent authentication credential is selected from secure sockets layer certificates, authorization tokens, basic authentication, Kerberos authentication, remote authentication dial in user service (RADIUS), and security assertion markup language (SAML) mechanisms, and differs from the second authentication credential.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
SAP SE
Original Assignee
SAP SE
Inventors
Stevens, Karl, Hall, John, Wang, Steven, Natarajan, Senthil, Hoos, Jason, Xue, Yunjiao

Granted Patent

US 9,641,504 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

H04L 2463/082   applying multi-factor authe...

H04L 63/08   for authentication of entit...

H04W 12/069   using certificates or pre-s...

H04W 4/60   Subscription-based services...

HTTP HEADER-BASED ADAPTABLE AUTHENTICATION MECHANISM

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

19 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

HTTP HEADER-BASED ADAPTABLE AUTHENTICATION MECHANISM

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

19 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others