Methods and systems for imaging device credential management
First Claim
Patent Images
1. A method for providing single-credential access to multiple, distinct, restricted imaging device services wherein a unique credential is required for each service, said method comprising:
- sending credential menu content to an application programming interface (API) on an imaging device (IDev), wherein said credential menu content comprises a prompt for user input of user sign-on credentials and wherein said credential menu content is in the form of a markup language message formatted to be translated by a user interface processor on said IDev;
receiving an authenticated user identification, wherein said authenticated user identification is received as user input in response to displaying said credential menu content on a display of said IDev and wherein said user input is authenticated at an accounting application (AcctApp) remote to said IDev;
maintaining a user credential data table relating a plurality of unique service credentials to said authenticated user identification;
generating a single-sign-on (SSO) token, in response to said receiving an authenticated user identification, wherein said SSO token relates, using said user credential data table, said authenticated user identification to said plurality of unique service credentials for a user identified in said authenticated user identification and wherein said SSO token can be exchanged by one of said unique services for a corresponding one of said unique user service credentials;
sending said SSO token to said IDev;
receiving said SSO token from one of said unique services; and
sending to said one of said unique services, in exchange for said SSO token, said corresponding one of said unique user service credentials for authentication of the sent unique service credentials at said one of said unique services.
2 Assignments
0 Petitions
Accused Products
Abstract
Embodiments of the present invention comprise systems, methods and devices for eliminating multiple submission of user credential data in a system with multiple distinct restricted sub-systems wherein a unique credential is required for each sub-system.
349 Citations
11 Claims
-
1. A method for providing single-credential access to multiple, distinct, restricted imaging device services wherein a unique credential is required for each service, said method comprising:
-
sending credential menu content to an application programming interface (API) on an imaging device (IDev), wherein said credential menu content comprises a prompt for user input of user sign-on credentials and wherein said credential menu content is in the form of a markup language message formatted to be translated by a user interface processor on said IDev; receiving an authenticated user identification, wherein said authenticated user identification is received as user input in response to displaying said credential menu content on a display of said IDev and wherein said user input is authenticated at an accounting application (AcctApp) remote to said IDev; maintaining a user credential data table relating a plurality of unique service credentials to said authenticated user identification; generating a single-sign-on (SSO) token, in response to said receiving an authenticated user identification, wherein said SSO token relates, using said user credential data table, said authenticated user identification to said plurality of unique service credentials for a user identified in said authenticated user identification and wherein said SSO token can be exchanged by one of said unique services for a corresponding one of said unique user service credentials; sending said SSO token to said IDev; receiving said SSO token from one of said unique services; and sending to said one of said unique services, in exchange for said SSO token, said corresponding one of said unique user service credentials for authentication of the sent unique service credentials at said one of said unique services. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A method for providing single-credential access to multiple, distinct, restricted services wherein a unique credential is required for each service, said method comprising:
-
sending credential menu content to an application programming interface (API) on an imaging device (IDev), wherein said credential menu content comprises a prompt for user input of user sign-on credentials and wherein said credential menu content is in the form of a markup language message formatted to be translated by a user interface processor on said IDev; receiving an authenticated user identification, wherein said authenticated user identification is received as user input in response to displaying said credential menu content on a display of said IDev and wherein said user input is authenticated at an accounting application (AcctApp) remote to said IDev; maintaining a user credential data table relating a plurality of unique service credentials to said authenticated user identification; generating a single-sign-on (SSO) token, in response to said receiving an authenticated user identification, wherein said SSO token relates, using said user credential data table, said authenticated user identification to said plurality of unique service credentials for a user identified in said authenticated user identification and wherein said SSO token can be exchanged by one of said unique services for a corresponding one of said unique user service credentials; sending said SSO token to said IDev; receiving said SSO token from said one of said unique services; matching said SSO token to said corresponding one of said unique user service credentials; and sending said one of said unique user service credentials, in exchange for said SSO token, to said one of said unique services for authentication of the sent unique service credentials at said one of said unique services. - View Dependent Claims (7, 8, 9)
-
-
10. An apparatus for providing single-credential access to multiple, distinct, restricted services wherein a unique credential is required for each service, said apparatus comprising:
-
a menu content sender for sending credential menu content to an application programming interface (API) on an imaging device (IDev), wherein said sender comprises a formatter for formatting said credential menu content comprising a prompt for user input of user sign-on credentials and wherein said credential menu content is in the form of a markup language message formatted to be translated by a user interface processor on said IDev; a receiver for receiving an authenticated user identification from an accounting application (AcctApp) remote to said IDev and remote to said receiver, wherein said authenticated user identification is received as user input in response to displaying said credential menu content on a display of said IDev and wherein said user input is authenticated at said AcctApp; a user credential data table relating a plurality of unique service credentials to said authenticated user identification; an single sign-on (SSO) token generator for generating an SSO token, in response to said receiving an authenticated user identification, wherein said SSO token relates, using said user credential data table, said authenticated user identification to said plurality of unique service credentials for a user identified in said authenticated user identification and wherein said SSO token can be exchanged by one of said unique services for a corresponding one of said unique user service credentials; a token sender for sending said SSO token to said IDev; a token receiver for receiving said SSO token from one of said unique services; and a credential sender sending to said one of said unique services, in exchange for said SSO token, said corresponding one of said unique user service credentials for authentication of the sent unique service credentials at said one of said unique services. - View Dependent Claims (11)
-
Specification