E-mail based user authentication
First Claim
Patent Images
1. A method comprising:
- receiving, at an e-mail server, a Simple Mail Transfer Protocol (SMTP) message that includes header-level information that identifies the SMTP message as a message relating to e-mail based user authentication, wherein the SMTP message includes an authentication ticket from a third-party service provider, and wherein the authentication ticket is received in response to an access request relating to resources of the third-party service provider;
processing, at the e-mail server, the header-level information to give the message relating to e-mail based user authentication additional priority compared to an e-mail message received at the e-mail server, to cause the authentication ticket to be acted upon prior to an end of an expiration period associated with the authentication ticket; and
forwarding the authentication ticket from the e-mail server to a user name associated with an e-mail address included in the access request, the authentication ticket including an identification of the third-party service provider that is to be presented to a user via a user interface after the user has logged into an e-mail account associated with the e-mail address via the e-mail server, wherein the user interface allows the user to either grant permission to send the authentication ticket to the third-party service provider or deny permission to send the authentication ticket to the third-party service provider.
2 Assignments
0 Petitions
Accused Products
Abstract
E-mail based user authentication is described herein. A user can access resources of a service provider by submitting only an e-mail address to which the user has access. The service provider generates an authentication ticket corresponding to the user'"'"'s login request, and transmits the authentication ticket to the e-mail service provider indicated by the submitted e-mail address. The e-mail service provider processes the authentication ticket, and enables either approval or denial of the authentication ticket, whether by explicit user action or by automated processing.
49 Citations
16 Claims
-
1. A method comprising:
-
receiving, at an e-mail server, a Simple Mail Transfer Protocol (SMTP) message that includes header-level information that identifies the SMTP message as a message relating to e-mail based user authentication, wherein the SMTP message includes an authentication ticket from a third-party service provider, and wherein the authentication ticket is received in response to an access request relating to resources of the third-party service provider; processing, at the e-mail server, the header-level information to give the message relating to e-mail based user authentication additional priority compared to an e-mail message received at the e-mail server, to cause the authentication ticket to be acted upon prior to an end of an expiration period associated with the authentication ticket; and forwarding the authentication ticket from the e-mail server to a user name associated with an e-mail address included in the access request, the authentication ticket including an identification of the third-party service provider that is to be presented to a user via a user interface after the user has logged into an e-mail account associated with the e-mail address via the e-mail server, wherein the user interface allows the user to either grant permission to send the authentication ticket to the third-party service provider or deny permission to send the authentication ticket to the third-party service provider. - View Dependent Claims (2, 3)
-
-
4. A method comprising:
-
receiving, from a computing device, an e-mail address in connection with a request to access resources of a service provider; identifying a third party e-mail server associated with the e-mail address; sending an electronic message to the third party e-mail server, wherein the electronic message includes; header-level information that identifies the electronic message as a message relating to e-mail based user authentication, the header-level information to be processed by the third party e-mail server to give the message relating to e-mail based user authentication additional priority compared to an e-mail message received at the third party e-mail server; and an authentication ticket, the authentication ticket to be forwarded from the third party e-mail server to the computing device after the third party e-mail server has received one or more authentication credentials required to log into an e-mail account associated with the e-mail address; receiving disposition data from the computing device, wherein the disposition data does not include the one or more authentication credentials submitted to the third party e-mail server to log into the e-mail account; dispositioning the authentication ticket based on the disposition data received from the computing device; and dispositioning the request based upon at least the disposition of the authentication ticket, wherein; the request is denied when the authentication ticket is not approved within a predefined time interval; and the request is granted when the authentication ticket is approved within the predefined time interval. - View Dependent Claims (5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A method comprising:
-
submitting one or more authentication credentials to an e-mail server to log into an e-mail account associated with an e-mail address; receiving, via a web browser, a request for access to resources of a service provider, wherein the request includes the e-mail address but does not include the one or more authentication credentials submitted to the e-mail server to log into the e-mail account; polling the e-mail server about every second for about five seconds by querying the e-mail server for an authentication ticket generated by the service provider; and automatically forwarding disposition data that includes the authentication ticket received from the e-mail server to the service provider for disposition of the request for access to resources of the service provider, wherein; the disposition data does not include the one or more authentication credentials submitted to the e-mail server to log into the e-mail account; at least a portion of the authentication ticket is sent as header-level information to the service provider; and the service provider processes the at least a portion of the authentication ticket sent as header-level information with a higher priority than an e-mail message, to cause the authentication ticket to be acted upon prior to an end of an expiration period associated with the authentication ticket. - View Dependent Claims (15, 16)
-
Specification