Using a trusted token and push for validating the request for single sign on
First Claim
1. A distributed computer-implemented method for providing access to an enterprise application from a telecommunications device, the method comprising:
in a client;
requesting an enterprise application token from an intermediate application gateway (IAG) using a dataset comprising a device identifier, a user identifier, or both a device identifier and a user identifier;
in an IAG;
preparing an enterprise application token in response to the request,
pushing a first portion of the prepared token to a user-centered address associated with the telecommunications device via a push technology network element;
pushing a second portion of the prepared token to a device-centered address associated with the telecommunications device via the push technology network element;
in the client;
receiving the first portion of the prepared token and second portion of the prepared token;
assembling the first portion and second portion into a token; and
employing the assembled token in communications addressed to an enterprise application stored on one or more application servers via a device server and the IAG with the device server and the IAG interposed between the telecommunications device and the one or more application servers;
in the IAG;
replacing the employed token in each communication with identification information called for by the enterprise application; and
sending the communication with the identification information to the enterprise application.
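The flow of claim 1, as an added example (not code from the patent or its assignee). The claim does not say how the token is divided; this sketch assumes an XOR split so that neither pushed portion alone reveals anything about the token, and the `user:`/`device:` address names, the in-memory push network and the `CORP\alice` identity are constructed placeholders.

```python
import hmac, secrets

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

class PushNetwork:  # stand-in for the push technology network element
    def __init__(self):
        self.handlers = {}                    # address -> callable(payload)
    def push(self, address, payload):
        if address in self.handlers:
            self.handlers[address](payload)

class IAG:
    def __init__(self, directory, net):
        self.directory = directory            # (user_id, device_id) -> identification info
        self.net, self.issued = net, {}       # issued: token -> (user_id, device_id)
    def request_token(self, user_id, device_id):
        if (user_id, device_id) not in self.directory:
            return                            # unknown dataset: nothing is issued
        token, first = secrets.token_bytes(32), secrets.token_bytes(32)
        self.issued[token] = (user_id, device_id)
        # Nothing returns on the request channel; both portions leave by push only.
        self.net.push("user:" + user_id, first)
        self.net.push("device:" + device_id, xor(token, first))
    def forward(self, message):
        """Swap the token for the identification info the application calls for."""
        presented = message.get("token") or b""
        for token, key in self.issued.items():
            if hmac.compare_digest(token, presented):
                return {"body": message["body"], "identity": self.directory[key]}
        return None                           # unknown or partial token: drop

class Client:
    def __init__(self, user_id, device_id, net):
        self.user_addr, self.dev_addr = "user:" + user_id, "device:" + device_id
        self.parts = {}
        for addr in (self.user_addr, self.dev_addr):   # addresses this handset receives
            net.handlers[addr] = lambda p, a=addr: self.parts.__setitem__(a, p)
    def assemble(self):
        first, second = self.parts.get(self.user_addr), self.parts.get(self.dev_addr)
        return xor(first, second) if first and second else None

def demo():
    net = PushNetwork()
    iag = IAG({("alice", "dev-01"): "CORP\\alice"}, net)   # constructed sample data
    phone = Client("alice", "dev-01", net)
    iag.request_token("alice", "dev-01")
    whole = iag.forward({"token": phone.assemble(), "body": "GET /hr"})
    return whole, iag.forward({"token": phone.parts["user:alice"], "body": "GET /hr"})
```

`demo()` returns the forwarded request carrying the backend identity for the assembled token, and `None` when only the user-address portion is presented, which is the property the two-address push is meant to give: a requester who can name the identifiers but does not receive at both addresses never holds a usable token.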
Abstract
Providing access to an enterprise application from a telecommunications device via a client, through a device server, and an intermediate application gateway (IAG), is disclosed. The server is in communication with the client and the IAG. The IAG and client are in indirect communication via the server. The client is operative to request an enterprise application token from the IAG using a dataset comprising a device identifier and a user identifier, without concurrently prompting a user for the dataset. The IAG is operative to prepare a token in response to the request, and push the token to an e-mail address associated with the telecommunications device via the server's push proxy gateway. The client is operative to employ the token in communications addressed to an enterprise application via the server and the IAG. The IAG is operative to replace the token in each communication with identification information called for by the enterprise application.
18 Claims
1. A distributed computer-implemented method for providing access to an enterprise application from a telecommunications device, the method comprising:
in a client;
requesting an enterprise application token from an intermediate application gateway (IAG) using a dataset comprising a device identifier, a user identifier, or both a device identifier and a user identifier;
in an IAG;
preparing an enterprise application token in response to the request,
pushing a first portion of the prepared token to a user-centered address associated with the telecommunications device via a push technology network element;
pushing a second portion of the prepared token to a device-centered address associated with the telecommunications device via the push technology network element;
in the client;
receiving the first portion of the prepared token and second portion of the prepared token;
assembling the first portion and second portion into a token; and
employing the assembled token in communications addressed to an enterprise application stored on one or more application servers via a device server and the IAG with the device server and the IAG interposed between the telecommunications device and the one or more application servers;
in the IAG;
replacing the employed token in each communication with identification information called for by the enterprise application; and
sending the communication with the identification information to the enterprise application.
Dependent claims: 2, 3, 4
5. A system for providing access to an enterprise application from a telecommunications device, the system comprising:
the telecommunications device comprising a client application;
a device server comprising a push technology network element; and
an intermediate application gateway (IAG);
wherein;
the device server is in communication with the client and the IAG;
the IAG and client are in indirect communication via the device server;
the client is operative to request an enterprise application token from the IAG using the dataset comprising at least one of;
a device identifier and a user identifier;
the IAG is operative to;
prepare an enterprise application token in response to the request, and
push a first portion of the prepared token to a user-centered address associated with the telecommunications device;
push a second portion of the prepared token to a device-centered address associated with the telecommunications device;
the client is operative to;
receive the first portion of the prepared token and second portion of the prepared token;
assemble the first portion and second portion into a token;
employ the assembled token in communications addressed to an enterprise application stored on one or more application servers via the device server and the IAG with the device server and the IAG interposed between the telecommunications device and the one or more application servers; and
the IAG is operative to;
replace the token in each communication with identification information called for by the enterprise application; and
send the communication with the identification information to the enterprise application.
Dependent claims: 6, 7, 8, 9, 10
11. A distributed computer program product for providing access to an enterprise application from a telecommunications device, the computer program product comprising:
non-transitory computer readable media distributed across a client, a device server comprising a push proxy gateway, and an intermediate application gateway (IAG);
a client programming module;
stored on the media, and operative to;
request an enterprise application token from the IAG using the dataset comprising at least one of;
a device identifier and a user identifier;
receive a first portion of a prepared token and a second portion of the prepared token;
assemble the first portion and second portion into a token;
employ the assembled token in communications addressed to an enterprise application stored on one or more application servers via the device server and the IAG with the device server and the IAG interposed between the telecommunications device and the one or more application servers;
an IAG programming module;
stored on the media, and operative to;
prepare an enterprise application token in response to the request,
push the first portion of the prepared token to a user-centered address associated with the telecommunications device via the push proxy gateway;
push the second portion of the prepared token to a device-centered address associated with the telecommunications device via the push proxy gateway;
replace the token in each communication with identification information called for by the enterprise application; and
send the communication with the identification information to the enterprise application; and
a device server programming module;
stored on the media, and operative to communicate between a plurality of devices and an IAG.
Dependent claims: 12, 13, 14
15. A system for providing access to an enterprise application from a telecommunications device, the system comprising:
the telecommunications device comprising a client application;
a device server comprising a push proxy gateway and an HTTP gateway; and
an intermediate application gateway (IAG);
wherein;
the device server is in communication with the client and the IAG;
the IAG and client are in indirect communication via the device server;
the client is operative to request an enterprise application token from the IAG using the dataset comprising at least one of;
a device identifier and a user identifier;
the IAG is operative to;
prepare an enterprise application token in response to the request,
push a first portion of the prepared token to a user-centered address associated with the telecommunications device via the push proxy gateway;
push a second portion of the prepared token to a device-centered address associated with the telecommunications device via the push proxy gateway;
the client is operative to;
receive the first portion and second portion;
assemble the first portion and second portion into a token;
employ the assembled token in communications addressed to an enterprise application stored on one or more application servers via the device server and the IAG with the device server and the IAG interposed between the telecommunications device and the one or more application servers; and
the IAG is operative to;
replace the token in each communication with identification information called for by the enterprise application; and
send the communication with the identification information to the enterprise application.
Dependent claims: 16, 17, 18
Specification