Authentication of a device with a service provider

US 8,893,239 B2
Filed: 09/14/2012
Issued: 11/18/2014
Est. Priority Date: 04/15/2004
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

maintaining, on a non-transitory storage medium, user information associated with a user account for a service;

receiving, from a user device, a request to authenticate the user device to the service, wherein the request to authenticate the user device to the service comprises verification information, wherein the verification information comprises a username and a password;

sending, based on the verification information, authentication information to the user device, wherein the authentication information comprises a token;

receiving a request, from the user device, to access the service, wherein the request to access the service comprises the authentication information;

determining that the authentication information is no longer valid;

checking a validity of the verification information;

sending, in response to determining that the verification information is valid, new authentication information to the user device;

authenticating, based on the new authentication information, the user device for access to the service; and

providing, to the user device, access to the service.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A service provider may provide one or more services to and/or for a client. Providing a service may involve receiving a service request including a security token at the service provider and determining whether the security token is valid. Providing the service may also involve determining a session security token if the security token is valid and generating a service response including the session security token. Providing the service may further involve receiving a service request including the session security token, determining whether the session security token is valid, and, if the session security token is valid, generating a second service response.

Citations

20 Claims

1. A method comprising:
- maintaining, on a non-transitory storage medium, user information associated with a user account for a service;
  
  receiving, from a user device, a request to authenticate the user device to the service, wherein the request to authenticate the user device to the service comprises verification information, wherein the verification information comprises a username and a password;
  
  sending, based on the verification information, authentication information to the user device, wherein the authentication information comprises a token;
  
  receiving a request, from the user device, to access the service, wherein the request to access the service comprises the authentication information;
  
  determining that the authentication information is no longer valid;
  
  checking a validity of the verification information;
  
  sending, in response to determining that the verification information is valid, new authentication information to the user device;
  
  authenticating, based on the new authentication information, the user device for access to the service; and
  
  providing, to the user device, access to the service.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein determining that the authentication information is no longer valid comprises determining that the time period is expired.
  - 3. The method of claim 1, further comprising:
    - receiving an initial request, from the user device, to access the service, wherein the initial request to access the service comprises the authentication information;
      
      authenticating, based on the authentication information, the user device for access to the service; and
      
      providing, to the user device, access to the service.
  - 4. The method of claim 1, wherein sending the authentication information to the user device comprises sending a security token.
  - 5. The method of claim 1, wherein the user information comprises at least one of:
    - audio data, video data or photograph data.
  - 6. The method of claim 1, wherein the user information comprises user settings that control at least one aspect of the service.
  - 7. The method of claim 1, wherein the service comprises:
    - a service infrastructure that manages the access the user device has to the service; and
      
      a service provider that provides the user device with data.
  - 8. The method of claim 7, wherein the service infrastructure is provided by way of a first sever and the service provider is provided by way of a second server.

9. A system comprising:
- at least one processor; and
  
  a non-transitory computer readable medium storing instructions that, when executed by the at least one processor, cause the system to;
  
  maintain user information associated with a user account for a service;
  
  receive, from a user device, a request to authenticate the user device to the service, wherein the request to authenticate the user device to the service comprises verification information, wherein the verification information comprises a username and a password;
  
  send, based on the verification information, authentication information to the user device, wherein the authentication information comprises a token;
  
  receive a request, from the user device, to access the service, wherein the request to access the service comprises the authentication information;
  
  determine that the authentication information is no longer valid;
  
  check a validity of the verification information;
  
  send, in response to determining that the verification information is valid, new authentication information to the user device;
  
  authenticate, based on the new authentication information, the user device for access to the service; and
  
  provide, to the user device, access to the service.
- View Dependent Claims (10, 11, 12, 13, 14)
- - 10. The system of claim 9, further comprising instructions that, when executed by the at least one processor, cause the system to establish a time period in which the authentication information is valid.
  - 11. The system of claim 10, further comprising instructions that, when executed by the at least one processor, cause the system to determine that the authentication information is no longer valid by determining the time period is expired.
  - 12. The system of claim 11, wherein the user information comprises user settings that control at least one aspect of the service.
  - 13. The system of claim 12, wherein the service comprises:
    - a service infrastructure that manages the access the user device has to the service; and
      
      a service provider that provides the user device with data, wherein;
      
      the service infrastructure is provided by way of a first sever; and
      
      the service provider is provided by way of a second server.
  - 14. The system of claim 9:
    - further comprising instructions that, when executed by the at least one processor, cause the system to;
      
      receive an initial request, from the user device, to access the service, wherein the initial request to access the service comprises the authentication information;
      
      authenticate, based on the authentication information, the user device for access to the service; and
      
      provide, to the user device, access to the service.

15. A non-transitory computer readable storage medium storing instructions thereon that, when executed by a processor, cause a computer system to:
- maintain user information associated with a user account for a service;
  
  receive, from a user device, a request to authenticate the user device to the service, wherein the request to authenticate the user device to the service comprises verification information, wherein the verification information comprises a username and a password;
  
  send, based on the verification information, authentication information to the user device, wherein the authentication information comprises a token;
  
  receive a request, from the user device, to access the service, wherein the request to access the service comprises the authentication information;
  
  determine that the authentication information is no longer valid;
  
  check a validity of the verification information;
  
  send, in response to determining that the verification information is valid, new authentication information to the user device;
  
  authenticate, based on the new authentication information, the user device for access to the service; and
  
  provide, to the user device, access to the service.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The computer readable storage medium of claim 15, further comprising instructions that, when executed by the at least one processor, cause the computer system to establish a time period in which the authentication information is valid.
  - 17. The computer readable storage medium of claim 16, further comprising instructions that, when executed by the at least one processor, cause the computer system to determine that the authentication information is no longer valid by determining the time period is expired.
  - 18. The computer readable storage medium of claim 17, wherein the user information comprises user settings that control at least one aspect of the service.
  - 19. The computer readable storage medium of claim 18, wherein the service comprises:
    - a service infrastructure that manages the access the user device has to the service; and
      
      a service provider that provides the user device with data, wherein;
      
      the service infrastructure is provided by way of a first sever; and
      
      the service provider is provided by way of a second server.
  - 20. The computer readable storage medium of claim 15, further comprising instructions that, when executed by the at least one processor, cause the computer system to:
    - receive an initial request, from the user device, to access the service, wherein the initial request to access the service comprises the authentication information;
      
      authenticate, based on the authentication information, the user device for access to the service; and
      
      provide, to the user device, access to the service.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Meta Platforms, Inc. (f/k/a Facebook, Inc.)
Original Assignee
Meta Platforms, Inc. (f/k/a Facebook, Inc.)
Inventors
Cahill, Conor P.
Primary Examiner(s)
Okeke, Izunna

Application Number

US13/620,607
Publication Number

US 20130174233A1
Time in Patent Office

795 Days
Field of Search
US Class Current

726/5
CPC Class Codes

H04L 63/08   for authentication of entit...

H04L 63/083   using passwords cryptograph...

H04L 63/10   for controlling access to d...

H04L 65/1066   Session management

H04L 65/1104   Session initiation protocol...

Authentication of a device with a service provider

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Authentication of a device with a service provider

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links