Single Sign-On Solution Using Blockchain

US 20190163896A1
Filed: 11/28/2017
Published: 05/30/2019
Est. Priority Date: 11/28/2017
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving, by an API in electronic communication with a blockchain node, a registration request comprising a registration credential;

determining, by the blockchain node and using a smart contract, whether the registration credential exists in a blockchain on the blockchain node;

writing, by the blockchain node and via the smart contract, the registration credential to the blockchain in response to determining that the registration credential did not exist in the blockchain; and

propagating, by the blockchain node in electronic communication with a peer-to-peer network, the registration credential to at least a second blockchain node in the peer-to-peer network for writing to the blockchain.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A single sign-on system using blockchain is disclosed. The single sign-on system may interconnect various organization systems over a peer-to-peer network, with each organization system having a blockchain node and an application programming interface (API). The blockchain node invokes and uses a smart contract to write registration credentials to the blockchain during a registration process. During a login process, the blockchain node invokes the smart contract to determine whether login credentials match stored login credentials in the blockchain. In response to matching login credentials, the API may generate a single sign-on token that can be used by a user device to access one or more organization systems connected over the network.

125 Citations

20 Claims

1. A method comprising:
- receiving, by an API in electronic communication with a blockchain node, a registration request comprising a registration credential;
  
  determining, by the blockchain node and using a smart contract, whether the registration credential exists in a blockchain on the blockchain node;
  
  writing, by the blockchain node and via the smart contract, the registration credential to the blockchain in response to determining that the registration credential did not exist in the blockchain; and
  
  propagating, by the blockchain node in electronic communication with a peer-to-peer network, the registration credential to at least a second blockchain node in the peer-to-peer network for writing to the blockchain.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, further comprising generating, by the API, a hash password based on the registration credential, wherein the smart contract determines whether the registration credential exists in the blockchain by searching the blockchain based on the hash password and the registration credential.
  - 3. The method of claim 1, further comprising:
    - receiving, by the API, a login credential; and
      
      determining, by the blockchain node and using the smart contract, whether the login credential matches a stored login credential in the blockchain on the blockchain node.
  - 4. The method of claim 3, further comprising generating, by the API, a hash login password based on the login credential, wherein the smart contract determines whether the login credential matches the stored login credential in the blockchain by comparing the hash login password to a stored hash login password.
  - 5. The method of claim 3, further comprising generating, by the API, a single sign-on token based on the login credential in response to the login credential matching the stored login credential.
  - 6. The method of claim 5, further comprising transmitting, by the API, the single sign-on token to a user device, wherein in response to receiving the single sign-on token the user device is granted access to systems in the peer-to-peer network.
  - 7. The method of claim 3, further comprising:
    - receiving, by the API, an access request from the user device, wherein the access request comprises the single sign-on token; and
      
      verifying, by the API, the single sign-on token to authorize the access request from the user device.

8. A computer-based system for balancing and control of message transfers, comprising:
- a processor;
  
  a tangible, non-transitory memory configured to communicate with the processor, the tangible, non-transitory memory having instructions stored thereon that, in response to execution by the processor, cause a single sign-on system to perform operations comprising;
  
  receiving, by the single sign-on system, a registration request comprising a registration credential;
  
  determining, by the single sign-on system in electronic communication with a blockchain node and using a smart contract, whether the registration credential exists in a blockchain on the blockchain node;
  
  writing, by the single sign-on system and via the blockchain node, the registration credential to the blockchain in response to determining that the registration credential did not exist in the blockchain; and
  
  propagating, by the single sign-on system in electronic communication with a peer-to-peer network, the registration credential to at least a second blockchain node in the peer-to-peer network for writing to the blockchain.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The computer-based system of claim 8, further comprising generating, by the single sign-on system, a hash password based on the registration credential, wherein the smart contract determines whether the registration credential exists in the blockchain by searching the blockchain based on the hash password and the registration credential.
  - 10. The computer-based system of claim 8, further comprising:
    - receiving, by the single sign-on system, a login credential; and
      
      determining, by the single sign-on system and via the blockchain node and using the smart contract, whether the login credential matches a stored login credential in the blockchain on the blockchain node.
  - 11. The computer-based system of claim 10, further comprising generating, by the single sign-on system, a hash login password based on the login credential, wherein the smart contract determines whether the login credential matches the stored login credential in the blockchain by comparing the hash login password to a stored hash login password.
  - 12. The computer-based system of claim 10, further comprising generating, by the single sign-on system, a single sign-on token based on the login credential in response to the login credential matching the stored login credential.
  - 13. The computer-based system of claim 12, further comprising transmitting, by the single sign-on system, the single sign-on token to a user device, wherein in response to receiving the single sign-on token the user device is granted access to systems in the peer-to-peer network.
  - 14. The computer-based system of claim 13, further comprising:
    - receiving, by the single sign-on system, an access request from the user device, wherein the access request comprises the single sign-on token; and
      
      verifying, by the single sign-on system, the single sign-on token to authorize the access request from the user device.

15. An article of manufacture including a non-transitory, tangible computer readable storage medium having instructions stored thereon that, in response to execution by a single sign-on system, cause the single sign-on system to perform operations comprising:
- receiving, by the single sign-on system, a registration request comprising a registration credential;
  
  determining, by the single sign-on system in electronic communication with a blockchain node and using a smart contract, whether the registration credential exists in a blockchain on the blockchain node;
  
  writing, by the single sign-on system and via the blockchain node, the registration credential to the blockchain in response to determining that the registration credential did not exist in the blockchain; and
  
  propagating, by the single sign-on system in electronic communication with a peer-to-peer network, the registration credential to at least a second blockchain node in the peer-to-peer network for writing to the blockchain.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The article of manufacture of claim 15, further comprising generating, by the single sign-on system, a hash password based on the registration credential, wherein the smart contract determines whether the registration credential exists in the blockchain by searching the blockchain based on the hash password and the registration credential.
  - 17. The article of manufacture of claim 15, further comprising:
    - receiving, by the single sign-on system, a login credential; and
      
      determining, by the single sign-on system and via the blockchain node and using the smart contract, whether the login credential matches a stored login credential in the blockchain on the blockchain node.
  - 18. The article of manufacture of claim 17, further comprising generating, by the single sign-on system, a hash login password based on the login credential, wherein the smart contract determines whether the login credential matches the stored login credential in the blockchain by comparing the hash login password to a stored hash login password.
  - 19. The article of manufacture of claim 17, further comprising generating, by the single sign-on system, a single sign-on token based on the login credential in response to the login credential matching the stored login credential.
  - 20. The article of manufacture of claim 15, transmitting, by the API, the single sign-on token to a user device, wherein in response to receiving the single sign-on token the user device is granted access to systems in the peer-to-peer network.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
American Express Travel Related Services Company, Inc. (American Express Company)
Original Assignee
American Express Travel Related Services Company, Inc. (American Express Company)
Inventors
Balaraman, Balaji, Ferenczi, Andras L., Gale, Dallas L., Jadhav, Nilesh Yashavant, Naik, Harish R.

Granted Patent

US 10,642,967 B2
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

G06F 16/27   Replication, distribution o...

G06F 16/958   Organisation or management ...

G06F 21/41   where a single sign-on prov...

G06F 21/64   Protecting data integrity, ...

H04L 63/061   for key exchange, e.g. in p...

H04L 63/0815   providing single-sign-on or...

H04L 63/12   Applying verification of th...

H04L 9/0637   Modes of operation, e.g. ci...

H04L 9/3213   using tickets or tokens, e....

H04L 9/3226   using a predetermined code,...

H04L 9/3239   involving non-keyed hash fu...

H04L 9/50   using hash chains, e.g. blo...

Single Sign-On Solution Using Blockchain

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

125 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Single Sign-On Solution Using Blockchain

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

125 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links