E-mail based user authentication
First Claim
Patent Images
1. A method comprising:
- receiving at least one e-mail address from a given user in connection with a request submitted by the given user to access resources of a service provider, the e-mail address corresponding to one of a plurality of email addresses, each email address corresponding to a different third-party e-mail server to which the given user has access, wherein each e-mail address is associated with a different level of trust relative to the other e-mail addresses;
sending at least one authentication ticket to a third-party e-mail server corresponding to the at least one e-mail address, the third-party e-mail server being chosen based upon the at least one e-mail address received from the given user, wherein sending the at least one authentication ticket includes;
sending a key, a pass code, and an associated predefined time interval with the at least one authentication ticket, wherein the key uniquely identifies the at least one authentication ticket, and wherein the at least one authentication ticket is sent as header-level information to the third-party e-mail server and the third party e-mail server processes authentication tickets sent as header-level information with a high priority as compared to e-mail messages that enable the authentication ticket to be acted upon prior to an end of the associated predefined time interval; and
referencing a first field for the identification of the given user and a second field for the identification of the service provider;
receiving at least one of an additional key and an additional pass code, from a user device, after sending the at least one authentication ticket to the third-party e-mail server corresponding to the at least one e-mail address;
dispositioning the authentication ticket; and
dispositioning the request submitted by the user device based upon the disposition of the authentication ticket, wherein dispositioning the authentication request includes approving the authentication ticket when the at least one of the additional key and pass code matches one of the key and the pass code of the at least one authentication ticket sent to the third-party e-mail server.
2 Assignments
0 Petitions
Accused Products
Abstract
E-mail based user authentication is described herein. A user can access resources of a service provider by submitting only an e-mail address to which the user has access. The service provider generates an authentication ticket corresponding to the user'"'"'s login request, and transmits the authentication ticket to the e-mail service provider indicated by the submitted e-mail address. The e-mail service provider processes the authentication ticket, and enables either approval or denial of the authentication ticket, whether by explicit user action or by automated processing.
-
Citations
10 Claims
-
1. A method comprising:
-
receiving at least one e-mail address from a given user in connection with a request submitted by the given user to access resources of a service provider, the e-mail address corresponding to one of a plurality of email addresses, each email address corresponding to a different third-party e-mail server to which the given user has access, wherein each e-mail address is associated with a different level of trust relative to the other e-mail addresses; sending at least one authentication ticket to a third-party e-mail server corresponding to the at least one e-mail address, the third-party e-mail server being chosen based upon the at least one e-mail address received from the given user, wherein sending the at least one authentication ticket includes; sending a key, a pass code, and an associated predefined time interval with the at least one authentication ticket, wherein the key uniquely identifies the at least one authentication ticket, and wherein the at least one authentication ticket is sent as header-level information to the third-party e-mail server and the third party e-mail server processes authentication tickets sent as header-level information with a high priority as compared to e-mail messages that enable the authentication ticket to be acted upon prior to an end of the associated predefined time interval; and referencing a first field for the identification of the given user and a second field for the identification of the service provider; receiving at least one of an additional key and an additional pass code, from a user device, after sending the at least one authentication ticket to the third-party e-mail server corresponding to the at least one e-mail address; dispositioning the authentication ticket; and dispositioning the request submitted by the user device based upon the disposition of the authentication ticket, wherein dispositioning the authentication request includes approving the authentication ticket when the at least one of the additional key and pass code matches one of the key and the pass code of the at least one authentication ticket sent to the third-party e-mail server. - View Dependent Claims (2, 3, 4, 5, 6, 7, 10)
-
-
8. A method comprising:
-
presenting an interface on a computing device to a given user; receiving, through the interface, a request for access to a resource of a service provider; obtaining, through the interface, an e-mail address from a plurality of e-mail addresses associated with the given user, and wherein each e-mail address corresponds to a different third-party e-mail server and is associated with a different level of trust relative to the other email addresses; authenticating, by the computing device, with an e-mail server associated with the e-mail address; sending the request for access and the e-mail address to the service provider; receiving, by the computing device, an authentication ticket from the e-mail server, the receiving comprising polling the email server about every second for about 5 seconds by querying the email server for the authentication ticket, the authentication ticket comprising; a key, a pass code, an associated expiration period, and a first field referencing the identification of the given user and a second field referencing the identification of the service provider; sending, by the interface, at least a portion of the authentication ticket to the service provider, wherein the at least a portion of the authentication ticket is sent as header-level information to the service provider and the service provider processes the at least a portion of the authentication ticket sent as header-level information with a high priority as compared to an e-mail message, enabling the authentication ticket to be acted upon prior to an end of the associated expiration period; receiving, by the interface, an indication of a disposition of the request for access, wherein the disposition is based on the at least a portion of the authentication ticket; and receiving, by the computing device, access to the resource of the service provider. - View Dependent Claims (9)
-
Specification