AUTHORIZATION BASED ON ACCESS TOKEN

US 20160366592A1
Filed: 07/12/2016
Published: 12/15/2016
Est. Priority Date: 09/30/2014
Status: Active Grant

First Claim

Patent Images

1. A mobile device, comprising:

an authenticator to generate an authorization request with a secure token to access a server; and

a processor to access the server using an authorization token, if the authenticator receives the authorization token in response to the authorization request,wherein the authenticator embeds the authorization request with a plurality of parameters to allow the server to determine, based upon at least one of the plurality of parameters, if the authorization token should be given to the mobile device; and

wherein the plurality of parameters is chosen from the group consisting of;

a requesting mobile client device;

a third-party application; and

a scope of usage.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A mobile device may include an authenticator and a processor. The authenticator may generate an authorization request with a secure token to access a server. The processor may access the server using an authorization token, if the authenticator receives the authorization token in response to the authorization request. The authenticator may embed the authorization request with a plurality of parameters to allow the server to determine, based upon at least one of the plurality of parameters, if the authorization token should be given to the mobile device.

15 Citations

21 Claims

1. A mobile device, comprising:
- an authenticator to generate an authorization request with a secure token to access a server; and
  
  a processor to access the server using an authorization token, if the authenticator receives the authorization token in response to the authorization request,wherein the authenticator embeds the authorization request with a plurality of parameters to allow the server to determine, based upon at least one of the plurality of parameters, if the authorization token should be given to the mobile device; and
  
  wherein the plurality of parameters is chosen from the group consisting of;
  
  a requesting mobile client device;
  
  a third-party application; and
  
  a scope of usage.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The mobile device of claim 1, wherein the secure token is embedded in the authorization request.
  - 3. The mobile device of claim 1, wherein the authorization token is based on a web session identification number.
  - 4. The mobile device of claim 1, wherein the authorization token is based on a time-stamp associated with the authorization request.
  - 5. The mobile device of claim 1, wherein the scope of usage is associated with at least one of data deletion, data modification, data read, data write, and data query.

6-10. -10. (canceled)

11. A method of a mobile device, comprising:
- generating, by an authenticator, an authorization request with a secure token to access a server; and
  
  accessing, by a processor, the server using an authorization token, if the authenticator receives the authorization token in response to the authorization request,wherein the authenticator embeds the authorization request with a plurality of parameters to allow the server to determine, based upon at least one of the plurality of parameters, if the authorization token should be given to the mobile device^.andwherein the plurality of parameters is chosen from the group consisting of;
  
  a requesting mobile client device;
  
  a third-party application; and
  
  a scope of usage.
- View Dependent Claims (12, 13, 14, 15)
- - 12. The method of claim 11, wherein the secure token is embedded in the authorization request.
  - 13. The method of claim 11, wherein the authorization token is based on a web session identification number.
  - 14. The method of claim 11, wherein the authorization token is based on a time-stamp associated with the authorization request.
  - 15. The method of claim 11, wherein the scope of usage is associated with at least one of data deletion, data modification, data read, data write, and data query.

16-20. -20. (canceled)

21. A method for implementation by one or more data processors forming part of at least one computing device, the method comprisinggenerating, by at least one data processor, an authorization request with a secure token to access a server;
- andaccessing, by at least one data processor processor, the server using an authorization token, if the authenticator receives the authorization token in response to the authorization request,wherein the authorization request is embedded with a plurality of parameters to allow the server to determine, based upon at least one of the plurality of parameters, if the authorization token should be given to the mobile device; and
  
  wherein the plurality of parameters comprise;
  
  a requesting mobile client device;
  
  a third-party application, and a scope of usage.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
SAP SE
Original Assignee
SAP SE
Inventors
Mihaylov, Yanislav, Pavlov, Plamen

Granted Patent

US 9,736,694 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

H04L 2463/121   Timestamp cryptographic mec...

H04L 63/08   for authentication of entit...

H04L 63/0807   using tickets, e.g. Kerbero...

H04L 63/10   for controlling access to d...

H04W 12/068   using credential vaults, e....

H04W 12/069   using certificates or pre-s...

H04W 12/08   Access security

AUTHORIZATION BASED ON ACCESS TOKEN

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

15 Citations

21 Claims

Specification

Use Cases

Quick Links

Others

AUTHORIZATION BASED ON ACCESS TOKEN

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

15 Citations

21 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others