Method, system, and computer-readable storage medium for establishing a login session

US 8,561,157 B2
Filed: 09/23/2011
Issued: 10/15/2013
Est. Priority Date: 09/23/2011
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving, at a computing device, notification of a log-in event associated with a first login session wherein a user is logged in to the computing device based on a credential such that the user is authorized to access a resource of the computing device;

obtaining the credential from a first storage area;

storing the credential in a second storage area, the second storage area different from the first storage area;

determining whether the credential is valid;

during the first login session and in response to determining that the credential is valid, establishing, at the computing device, a second login session wherein the user is logged in to an application on the computing device by granting the user access to a resource of the application;

receiving, at the computing device, information indicating an event has occurred;

during the first login session and in response to the receiving the information indicating the event has occurred, terminating the second login session such that the user does not have access to the resource of the application;

in response to the terminating the second login session, retrieving the credential from the second storage area;

in response to the retrieving the credential from the second storage area, determining again whether the credential is valid; and

during the first login session and in response to determining again that the credential is valid, establishing, at the computing device, a third login session wherein the user is logged in to the application on the computing device by granting the user access to a resource of the application.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method, system, and computer-readable storage medium are provided. Embodiments of the invention include receiving notification of a log-in event associated with a first login session wherein a user is authorized to access a resource of a computing system based on a credential. During the first login session and in response to determining the credential is valid, a second login session is established by granting the user access to a resource of an application associated with the computing system. During the first login session and in response to receiving information indicating an event has occurred, the second login session is terminated such that the user does not have access to the resource of the application. And during the first login session and in response to determining again that the credential is valid, a third login session is established by granting the user access to a resource of the application.

31 Citations

View as Search Results

19 Claims

1. A method comprising:
- receiving, at a computing device, notification of a log-in event associated with a first login session wherein a user is logged in to the computing device based on a credential such that the user is authorized to access a resource of the computing device;
  
  obtaining the credential from a first storage area;
  
  storing the credential in a second storage area, the second storage area different from the first storage area;
  
  determining whether the credential is valid;
  
  during the first login session and in response to determining that the credential is valid, establishing, at the computing device, a second login session wherein the user is logged in to an application on the computing device by granting the user access to a resource of the application;
  
  receiving, at the computing device, information indicating an event has occurred;
  
  during the first login session and in response to the receiving the information indicating the event has occurred, terminating the second login session such that the user does not have access to the resource of the application;
  
  in response to the terminating the second login session, retrieving the credential from the second storage area;
  
  in response to the retrieving the credential from the second storage area, determining again whether the credential is valid; and
  
  during the first login session and in response to determining again that the credential is valid, establishing, at the computing device, a third login session wherein the user is logged in to the application on the computing device by granting the user access to a resource of the application.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, further comprising:
    - in response to the receiving the information indicating the event has occurred, determining whether to delete the credential from the second storage area,wherein the event comprises changing a configuration of the application.
  - 3. The method of claim 2, wherein the determining whether to delete the credential from the second storage area is based on whether the changing the configuration of the application includes a configuration change with respect to an authentication service.
  - 4. The method of claim 2, further comprising:
    - in response to determining to delete the credential from the second storage area, deleting the credential from the second storage area;
      
      in response to the deleting the credential from the second storage area, obtaining again the credential from the first storage area; and
      
      in response to the obtaining again the credential from the first storage area, storing again the credential in the second storage area,wherein the retrieving the credential from the second storage area comprises retrieving the credential stored again in the second storage area.
  - 5. The method of claim 1, wherein a transition from the second login session to the third login session occurs without prompting the user to provide a credential.
  - 6. The method of claim 1, further comprising:
    - obtaining domain information associated with the first login session, the domain information identifying a network domain; and
      
      determining whether the application is configured for the network domain.
  - 7. The method of claim 1, wherein the determining again whether the credential is valid comprises using a remote authentication service to determine whether the credential is valid.
  - 8. The method of claim 1, wherein the obtaining the credential from the first storage area comprises obtaining the credential from a memory shared by the application and one or more other applications on the computing device.
  - 9. The method of claim 1, wherein the computing device comprises an image processing device and wherein the application is configured to use a resource of the image processing device to perform an operation in response to an instruction from the user.

10. An apparatus comprising:
- one or more processors; and
  
  one or more computer-readable media coupled to the one or more processors, the one or more computer-readable media storing instructions that, when executed by the one or more processors, cause the one or more processors to perform operations comprising;
  
  receiving, at a computing device, notification of a log-in event associated with a first login session wherein a user is logged in to the computing device based on a credential such that the user is authorized to access a resource of the computing device;
  
  obtaining the credential from a first storage area;
  
  storing the credential in a second storage area, the second storage area different from the first storage area;
  
  determining whether the credential is valid;
  
  during the first login session and in response to determining that the credential is valid, establishing, at the computing device, a second login session wherein the user is logged in to an application on the computing device by granting the user access to a resource of the application;
  
  receiving, at the computing device, information indicating an event has occurred;
  
  during the first login session and in response to the receiving the information indicating the event has occurred, terminating the second login session such that the user does not have access to the resource of the application;
  
  in response to the terminating the second login session, retrieving the credential from the second storage area;
  
  in response to the retrieving the credential from the second storage area, determining again whether the credential is valid; and
  
  during the first login session and in response to determining again that the credential is valid, establishing, at the computing device, a third login session wherein the user is logged in to the application on the computing device by granting the user access to a resource of the application.

11. A non-transitory computer-readable storage medium storing instructions that, when executed by one or more processors, cause the one or more processors to perform operations comprising:
- receiving, at a computing device, notification of a log-in event associated with a first login session wherein a user is logged in to the computing device based on a credential such that the user is authorized to access a resource of the computing device;
  
  obtaining the credential from a first storage area;
  
  storing the credential in a second storage area, the second storage area different from the first storage area;
  
  determining whether the credential is valid;
  
  during the first login session and in response to determining that the credential is valid, establishing, at the computing device, a second login session wherein the user is logged in to an application on the computing device by granting the user access to a resource of the application;
  
  receiving, at the computing device, information indicating an event has occurred;
  
  during the first login session and in response to the receiving the information indicating the event has occurred, terminating the second login session such that the user does not have access to the resource of the application;
  
  in response to the terminating the second login session, retrieving the credential from the second storage area;
  
  in response to the retrieving the credential from the second storage area, determining again whether the credential is valid; and
  
  during the first login session and in response to determining again that the credential is valid, establishing, at the computing device, a third login session wherein the user is logged in to the application on the computing device by granting the user access to a resource of the application.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19)
- - 12. The non-transitory computer-readable storage medium of claim 11, the operations further comprising:
    - in response to the receiving the information indicating the event has occurred, determining whether to delete the credential from the second storage area,wherein the event comprises changing a configuration of the application.
  - 13. The non-transitory computer-readable storage medium of claim 12, wherein the determining whether to delete the credential from the second storage area is based on whether the changing the configuration of the application includes a configuration change with respect to an authentication service.
  - 14. The non-transitory computer-readable storage medium of claim 12, the operations further comprising:
    - in response to determining to delete the credential from the second storage area, deleting the credential from the second storage area;
      
      in response to the deleting the credential from the second storage area, obtaining again the credential from the first storage area; and
      
      in response to the obtaining again the credential from the first storage area, storing again the credential in the second storage area,wherein the retrieving the credential from the second storage area comprises retrieving the credential stored again in the second storage area.
  - 15. The non-transitory computer-readable storage medium of claim 11, wherein a transition from the second login session to the third login session occurs without prompting the user to provide a credential.
  - 16. The non-transitory computer-readable storage medium of claim 11, the operations further comprising:
    - obtaining domain information associated with the first login session, the domain information identifying a network domain; and
      
      determining whether the application is configured for the network domain.
  - 17. The non-transitory computer-readable storage medium of claim 11, wherein the determining again whether the credential is valid comprises using a remote authentication service to determine whether the credential is valid.
  - 18. The non-transitory computer-readable storage medium of claim 11, wherein the obtaining the credential from the first storage area comprises obtaining the credential from a memory shared by the application and one or more other applications on the computing device.
  - 19. The non-transitory computer-readable storage medium of claim 11, wherein the computing device comprises an image processing device and wherein the application is configured to use a resource of the image processing device to perform an operation in response to an instruction from the user.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Canon USA, Inc. (Canon Inc.)
Original Assignee
Canon USA, Inc. (Canon Inc.)
Inventors
Ge, Jiuyuan
Primary Examiner(s)
Gee, Jason

Application Number

US13/242,361
Publication Number

US 20130081118A1
Time in Patent Office

753 Days
Field of Search

726/6
US Class Current

726/6
CPC Class Codes

H04L 63/0815 providing single-sign-on or...

Method, system, and computer-readable storage medium for establishing a login session

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

31 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Method, system, and computer-readable storage medium for establishing a login session

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

31 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links