Authentication of handheld devices for access to applications

US 7,404,085 B2
Filed: 09/03/2004
Issued: 07/22/2008
Est. Priority Date: 09/03/2004
Status: Active Grant

First Claim

Patent Images

1. A system for authenticating access comprising:

a processor;

a memory coupled to said processor; and

an authentication environment residing in said first memory and executed by said first processor, said authentication environment comprising;

an application, responsive to an electronic communication from a mobile device, to retrieve addressing information therefrom identifying an origin address of the communication;

a user management engine adapted to;

retrieve a certification from storage using said origin address,determine from said certification whether a user of the mobile device is authorized access, andgenerate a ticket that will allow a user to remain logged on for a period of time set by an administrator; and

a user store to process a query received from said user management engine and retrieve data stored that can be used to identify authorized users.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention provides a method and system for communicating via a handheld device to Internet applications such as customer relationship management applications. Automatically generated user information, such as an electronic mail (e-mail) address, containing a certification key is used to authenticate a mobile user'"'"'s access to Internet applications. Access from mobile devices, such as personal data assistants, is possible because no password is required to log in. Other security measures may be used in conjunction with providing user information to ensure access only to authorized users.

Citations

20 Claims

1. A system for authenticating access comprising:
- a processor;
  
  a memory coupled to said processor; and
  
  an authentication environment residing in said first memory and executed by said first processor, said authentication environment comprising;
  
  an application, responsive to an electronic communication from a mobile device, to retrieve addressing information therefrom identifying an origin address of the communication;
  
  a user management engine adapted to;
  
  retrieve a certification from storage using said origin address,determine from said certification whether a user of the mobile device is authorized access, andgenerate a ticket that will allow a user to remain logged on for a period of time set by an administrator; and
  
  a user store to process a query received from said user management engine and retrieve data stored that can be used to identify authorized users.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 15)
- - 2. The system of claim 1, further comprising a wireless network that is coupled to said processor and to one or more mobile devices.
  - 3. The system of claim 1, further comprising a mobile data server coupled to said processor via a secured connection to convert signals to and from an information network communications protocol.
  - 4. The system of claim 3, further comprising:
    - a wireless network coupled to said mobile data server to transmit signals to and from said mobile data server; and
      
      one or more mobile devices coupled to said wireless network to attempt to access said processor.
  - 5. The system of claim 4, further comprising:
    - a firewall connected to said wireless network and to said mobile data server to protect said processor from electronic attacks.
  - 6. The system of claim 1, further comprising an application database storing a customer relationship management application.
  - 7. The system of claim 1, wherein the communication is an electronic mail message and said origin address is a user electronic mail address.
  - 8. The system of claim 7, wherein said communication further includes a personal identification number associated with said mobile device, which is compared against a corresponding personal identification number stored by said authentication environment.
  - 9. The system of claim 7, wherein said communication further includes a telephone number associated with said mobile device, which is compared against a corresponding telephone number stored by said authentication environment.
  - 15. The system of claim 1, wherein the authentication environment operates without a password challenge posed directly to a user of the mobile device.

10. A method for authenticating access, comprising:
- parsing an electronic communication received from a handheld device and retrieving addressing data therefrom identifying an address of origin of the communication;
  
  retrieving a certificate from storage based on the address of origin to determine whether a user of the handheld device is authorized access;
  
  processing a query received from and retrieving data stored that identifies authorized users;
  
  authenticating access if said user is authorized; and
  
  generating a ticket that will allow a user to remain logged on for a period of time set by an administrator.
- View Dependent Claims (11, 12, 13, 14)
- - 11. The method of claim 10, wherein said electronic communication comprises a user electronic mail address.
  - 12. The method of claim 10, wherein said electronic communication comprises a user electronic mail address and a personal identification number associated with said handheld device.
  - 13. The method of claim 10, wherein said electronic communication comprises a personal identification number or a telephone number.
  - 14. The method of claim 10, further comprising logging said user onto an Internet application.

16. A computer readable medium storing thereon program instructions that, when executed, cause an executing device to:
- parse an electronic communication received from a handheld device and retrieving addressing data therefrom identifying an address of origin of the communication;
  
  retrieve a certificate from storage based on the address of origin said addressing data to determine whether a user of the handheld device is authorized access;
  
  process a query received from and retrieving data stored about authorized users; and
  
  generate a ticket that will allow a user to remain logged on for a period of time set by an administrator.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The computer readable medium according to claim 16 further comprising instructions that cause the executing device to log said user onto an Internet application.
  - 18. The computer readable medium according to claim 16 wherein said electronic communication comprises a user electronic mail address.
  - 19. The computer readable medium according to claim 16 wherein said electronic communication comprises a user electronic mail address and a personal identification number associated with said handheld device.
  - 20. The computer readable medium according to claim 16 wherein said electronic communication comprises a personal identification number or a telephone number.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
SAP SE
Original Assignee
SAP AG (SAP SE)
Inventors
Lacasse, Martin, Leblay, Jean-Francois
Primary Examiner(s)
Moise; Emmanuel L
Assistant Examiner(s)
CALLAHAN, PAUL E

Application Number

US10/934,685
Publication Number

US 20060053480A1
Time in Patent Office

1,418 Days
Field of Search

382/115, 382/116, 705/18, 705/67, 713/186, 713/159, 713/185, 235/382, 726/4, 726/9
US Class Current

713/185
CPC Class Codes

G06F 21/35 communicating wirelessly

G06Q 20/3674 involving authentication

Authentication of handheld devices for access to applications

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Authentication of handheld devices for access to applications

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links