System and method of extending a host website

US 9,210,155 B2
Filed: 03/04/2014
Issued: 12/08/2015
Est. Priority Date: 03/08/2013
Status: Expired due to Fees

First Claim

Patent Images

1. A method of providing access control, the method comprising:

a memory;

at least one processor;

a module stored in the memory including computer instruction code that is executable by the at least one processor and structured to cause the at least one processor to be configured to;

receive a request to access an extension module from a browsing device, the browsing device is for maintaining a browsing session with a host website, and the extension module is for extending the host website by exchanging data with the host website;

generate a first authorization token that is associated with the browsing session;

send, to the browsing device, the first authorization token;

receive, at the extension module, a second authorization token from the browsing device;

receive the second authorization token from the extension module and verify that the second authorization token matches the first authorization token;

if verification is successful, allow the extension module to exchange data with the host website and communicate with the browsing device;

receive, from the extension module, a request to access host website data from the host website;

determine if the extension module is authorized to access the host website data from the host website; and

if the extension module is authorized to access the host website data from the host website, transmit at least one credential to the extension module;

wherein the extension module is configured to transmit the at least one credential to the host website when accessing the host website data from the host website, andwherein the host website provides a primary set of information, and the data exchanged by the extension module with the host website provides a secondary set of information that is related to the primary set of information.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Some embodiments of the present disclosure provide a system for providing access control. The system may include an extension module for extending a host website; and a marketplace server that is configured to: receive a request to access the extension module from a browsing device, the browsing device is for maintaining a browsing session with the host website, and the extension module is for exchanging data with the host website; generate a first authorization token that is associated with the browsing session; and send, to the browsing device, the first authorization token. The extension module may be configured to receive a second authorization token from the browsing device. One of the extension module or the marketplace server may then be further configured to: verify that the second authorization token matches the first authorization token; and if verification is successful, the extension module can be allowed to exchange data with the host website and communicate with the browsing device.

30 Citations

View as Search Results

15 Claims

1. A method of providing access control, the method comprising:
- a memory;
  
  at least one processor;
  
  a module stored in the memory including computer instruction code that is executable by the at least one processor and structured to cause the at least one processor to be configured to;
  
  receive a request to access an extension module from a browsing device, the browsing device is for maintaining a browsing session with a host website, and the extension module is for extending the host website by exchanging data with the host website;
  
  generate a first authorization token that is associated with the browsing session;
  
  send, to the browsing device, the first authorization token;
  
  receive, at the extension module, a second authorization token from the browsing device;
  
  receive the second authorization token from the extension module and verify that the second authorization token matches the first authorization token;
  
  if verification is successful, allow the extension module to exchange data with the host website and communicate with the browsing device;
  
  receive, from the extension module, a request to access host website data from the host website;
  
  determine if the extension module is authorized to access the host website data from the host website; and
  
  if the extension module is authorized to access the host website data from the host website, transmit at least one credential to the extension module;
  
  wherein the extension module is configured to transmit the at least one credential to the host website when accessing the host website data from the host website, andwherein the host website provides a primary set of information, and the data exchanged by the extension module with the host website provides a secondary set of information that is related to the primary set of information.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. The method of claim 1, wherein the computer instruction code is structured to cause the at least one processor to be further configured to:
    - send, to the extension module, the first authorization token; and
      
      wherein, the verifying is performed by the extension module.
  - 3. The method of claim 1, wherein when sending the first authorization token to the browsing device, the computer instruction code is structured to cause the at least one processor to be further configured to:
    - send, to the browsing device, a resource locator for the extension module.
  - 4. The method of claim 1, wherein the computer instruction code is structured to cause the at least one processor to be further configured to:
    - send a user identifier to the extension module, wherein the user identifier is usable by the extension module to exchange data with the host website.
  - 5. The method of claim 1, wherein the host website provides personal finance information, and wherein the data is selected from a group consisting of:
    - a portfolio, a watchlist, a list of debit transactions, a list of credit transactions, loan information, asset information and a list of historical transactions.
  - 6. The method of claim 1, wherein the host website provides social media information, and wherein the data is selected from a group consisting of:
    - a name of a user, an email address of a user, a list of social media contacts, and one or more messages sent using the social media website.
  - 7. The method of claim 1, wherein the host website provides news and opinion information, and wherein the data is selected from a group consisting of:
    - an article, a headline, a blog entry, and a review.
  - 8. The method of claim 1, wherein the host website provides food information, and wherein the data is selected from a group consisting of:
    - an article, a food recipe, and a review.
  - 9. The method of claim 1, wherein the host website provides fitness information, and wherein the data is selected from a group consisting of:
    - an article, a workout, a blog entry, and a review.
  - 10. The method of claim 1, wherein the host website provides travel information, and wherein the data is selected from a group consisting of:
    - an article, a geographic location, a blog entry, and a review.
  - 11. The method of claim 1, wherein the host website provides movie and television information, and wherein the data is selected from a group consisting of:
    - an article, information about a movie, information about a television show, information about an actor, and a review.
  - 12. The method of claim 1, wherein the at least one credential comprises a first data token, and wherein the computer instruction code is structured to cause the at least one processor to be further configured to:
    - receive a second data token from the host website;
      
      verify that the second data token matches the first data token; and
      
      if verification is successful, send a data descriptor for the host website data to the host website, and upon receiving the data descriptor, the host website transmits the host website data to the extension module.
  - 13. The method of claim 1, wherein the computer instruction code is structured to cause the at least one processor to be further configured to:
    - receive, from the host website, a communication destined for the extension module; and
      
      relay the communication to the extension module.
  - 14. The method of claim 13, wherein the communication comprises a request to access extension module data from the extension module, and wherein the computer instruction code is structured to cause the at least one processor to be further configured to:
    - determine if the host website is authorized to access the extension module data; and
      
      if the host website is authorized to access the extension module data, relay the request to the extension module.
  - 15. The method of claim 14, further comprising:
    - receiving the extension module data from the extension module; and
      
      transmitting the extension module data to the host website.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
StockTree Inc. (Stripe, Inc.)
Original Assignee
StockTree Inc. (Stripe, Inc.)
Inventors
Amaro, Brian
Primary Examiner(s)
Abrishamkar, Kaveh
Assistant Examiner(s)
Wilcox, James J

Application Number

US14/196,422
Publication Number

US 20140298443A1
Time in Patent Office

644 Days
Field of Search
US Class Current

1/1
CPC Class Codes

H04L 63/08   for authentication of entit...

H04L 63/10   for controlling access to d...

H04L 67/14   Session management for real...

H04L 67/141   Setup of application sessio...

System and method of extending a host website

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

30 Citations

15 Claims

Specification

Use Cases

Quick Links

Others

System and method of extending a host website

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

30 Citations

15 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others