Service provider invocation

US 8,010,783 B1
Filed: 03/14/2005
Issued: 08/30/2011
Est. Priority Date: 04/15/2004
Status: Active Grant

First Claim

Patent Images

1. A method for invoking a service provider, the method comprising:

receiving a first service request at a server of a service provider configured to provide data delivery service, the first service request including a security token;

determining, with the server, whether the security token is valid for all service requests;

if the security token is valid, determining a session security token and generating a first service response including the session security token;

receiving a second service request at the server of the service provider, the second service request including the session security token;

determining, with the server, whether the session security token is valid;

if the session security token is valid, generating a second service response;

determining, after the first service response including the session security token has been generated, whether the security token has become invalid; and

if the security token has become invalid, revoking the session security token.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A service provider may provide one or more services to and/or for a client. Providing a service may involve receiving a service request including a security token at the service provider and determining whether the security token is valid. Providing the service may also involve determining a session security token if the security token is valid and generating a service response including the session security token. Providing the service may further involve receiving a service request including the session security token, determining whether the session security token is valid, and, if the session security token is valid, generating a second service response.

112 Citations

View as Search Results

19 Claims

1. A method for invoking a service provider, the method comprising:
- receiving a first service request at a server of a service provider configured to provide data delivery service, the first service request including a security token;
  
  determining, with the server, whether the security token is valid for all service requests;
  
  if the security token is valid, determining a session security token and generating a first service response including the session security token;
  
  receiving a second service request at the server of the service provider, the second service request including the session security token;
  
  determining, with the server, whether the session security token is valid;
  
  if the session security token is valid, generating a second service response;
  
  determining, after the first service response including the session security token has been generated, whether the security token has become invalid; and
  
  if the security token has become invalid, revoking the session security token.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
- - 2. The method of claim 1, wherein determining the session security token comprises:
    - determining whether the session security token should be generated; and
      
      if the session security token should be generated, generating the session security token.
  - 3. The method of claim 1, wherein the second service response comprises a message with a header, the header specifying that future service requests should be sent to a different server.
  - 4. The method of claim 1, further comprising:
    - determining whether the session security token has become invalid; and
      
      if the session security token has become invalid, revoking the session security token.
  - 5. The method of claim 1, further comprising:
    - determining whether a request to update the session security token has been received; and
      
      if the request to update the session security token has been received, validating the request and modifying the validity period of the session security token if the request is valid.
  - 6. The method of claim 5, wherein updating the session security token does not occur if the session security token has expired.
  - 7. The method of claim 1, further comprising:
    - receiving a third service request at the service provider, the third service request including the session security token;
      
      determining whether the session security token is valid; and
      
      if the session security token is valid, determining a second session security token and generating a third service response including the second session security token;
      
      wherein the second session security token is used in providing the third data service concurrently with the session security token being used to provide the second data service.
  - 8. The method of claim 1, wherein the requests and responses are expressed in a self-describing protocol.
  - 9. The method of claim 8, wherein the protocol comprises the Simple Object Access Protocol.
  - 10. The method of claim 8, wherein:
    - the security token is received in a first request header type; and
      
      the session security token is received in a second request header type.
  - 11. The method of claim 1, wherein:
    - the first service request comprises a data service request;
      
      the service provider comprises a data service provider; and
      
      the session security token comprises a data session security token.
  - 12. The method of claim 1, wherein the security token is generated by a service infrastructure for the service provider.
  - 13. The method of claim 12, wherein the service infrastructure is configured to:
    - determine the availability of one or more service providers; and
      
      determine security tokens for the available service providers.
  - 14. The method of claim 12, wherein the service provider and the service infrastructure utilize a common server.
  - 15. The method of claim 1, wherein:
    - the security token comprises an externally-generated security token, and the session security token comprises a self-determined security token; and
      
      the method further comprises;
      
      substituting the externally-generated security token with the self-determined security token such that a third service request utilizes the self-determined token;
      
      receiving the third service request at the server of the service provider;
      
      determining if the third service request is valid; and
      
      upon determining that the third service request is valid, generating a third service response.
  - 16. The method of claim 15, further comprising updating the self-determined security token at the service provider.

17. A method for invoking a service provider, the method comprising:
- receiving a service discovery request at a first server of a service infrastructure for a plurality of service providers;
  
  determining, with the first server of the service infrastructure, the availability of one or more service providers;
  
  determining, with the first server of the service infrastructure, security tokens for the available service providers;
  
  generating, with the first server, a response at the service infrastructure, the response including the available service providers and their security tokens;
  
  receiving a first service request at a second server of a service provider associated with the service infrastructure, the service provider configured to provide a data delivery service, and the first service request including the security token associated with the service provider;
  
  determining, with the second server of the service provider, whether the security token is valid for all service requests;
  
  if the security token is valid, determining a session security token at the service provider and generating a first service response including the session security token;
  
  receiving a second service request at the second server of the service provider, the second service request including the session security token;
  
  determining, with the second server of the service provider, whether the session security token is valid;
  
  if the session security token is valid, generating a second service response at the service provider;
  
  determining whether the security token has become invalid after the first service response including the session security token has been generated; and
  
  if the security token has become invalid, revoking the session security token.
- View Dependent Claims (18, 19)
- - 18. The method of claim 17, further comprising:
    - determining whether a request to update the session security token has been received; and
      
      if a request to update the session security token has been received, validating the request and modifying the validity period of the session security token if the request is valid.
  - 19. The method of claim 17, further comprising:
    - receiving a third service request at the service provider, the third service request including the session security token;
      
      determining whether the session security token is valid; and
      
      if the session security token is valid, determining a second session security token and generating a third service response including the second session security token;
      
      wherein the second session security token is used in providing the third data delivery service concurrently with the session security token being used to provide the second data delivery service.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Meta Platforms, Inc. (f/k/a Facebook, Inc.)
Original Assignee
AOL Inc. (Apollo Global Management, Inc.)
Inventors
Cahill, Conor P
Primary Examiner(s)
Barron, Jr.; Gilberto
Assistant Examiner(s)
HO, VIRGINIA T

Application Number

US11/079,709
Time in Patent Office

2,360 Days
Field of Search

None
US Class Current

713/155
CPC Class Codes

H04L 63/08   for authentication of entit...

H04L 63/083   using passwords cryptograph...

H04L 63/10   for controlling access to d...

H04L 65/1066   Session management

H04L 65/1104   Session initiation protocol...

Service provider invocation

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

112 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Service provider invocation

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

112 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links