System and methods for facilitating authentication of an electronic device accessing plurality of mobile applications

US 9,369,286 B2
Filed: 04/01/2014
Issued: 06/14/2016
Est. Priority Date: 11/27/2013
Status: Active Grant

First Claim

Patent Images

1. A method for facilitating authentication of an electronic device accessing a plurality of mobile applications, the method comprising:

receiving a device public key of the electronic device and authentication information of the electronic device from a first application server associated with a first mobile application installed on the electronic device;

validating the authentication information using reference data stored in an active directory;

creating an authentication token for the electronic device post-validation of the authentication information;

signing the authentication token with a server signature using a server private key, wherein the server signature and the server private key are associated with a system;

transmitting the authentication token to the electronic device via the first application server post-signing, wherein the authentication token transmitted to the electronic device is further accessible to a second application server, and wherein the second application server is associated with a second mobile application installed on the electronic device;

enabling the electronic device to access the first mobile application based on the authentication information validated;

receiving the authentication token from the second application server associated with the second mobile application installed on the electronic device, wherein the authentication token received is signed with a device signature using a device private key, and wherein the device signature and the device private key are associated with the electronic device;

authorizing the authentication token by verifying the device signature and the server signature on the authentication token using the device public key and a server public key, wherein the server public key is associated with the system;

transmitting the authentication token authorized to the electronic device via the second application server; and

enabling the electronic device to access the second mobile application using the authentication token authorized.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods for facilitating authentication of an electronic device accessing plurality of mobile applications are disclosed. The system may receive a device public key and authentication information of the electronic device. The system may validate the authentication information to initiate a device session with the electronic device and create an authentication token signed with a server signature. The system may enable the electronic device to access a first mobile application based on the authentication information validated. Further, the system may receive the authentication token signed with a device signature. The system may authorize the authentication token by verifying the device signature and the server signature on the authentication token with a device public key and a server public key respectively. The system may then enable the electronic device to access the second mobile application using the authentication token authorized.

Citations

14 Claims

1. A method for facilitating authentication of an electronic device accessing a plurality of mobile applications, the method comprising:
- receiving a device public key of the electronic device and authentication information of the electronic device from a first application server associated with a first mobile application installed on the electronic device;
  
  validating the authentication information using reference data stored in an active directory;
  
  creating an authentication token for the electronic device post-validation of the authentication information;
  
  signing the authentication token with a server signature using a server private key, wherein the server signature and the server private key are associated with a system;
  
  transmitting the authentication token to the electronic device via the first application server post-signing, wherein the authentication token transmitted to the electronic device is further accessible to a second application server, and wherein the second application server is associated with a second mobile application installed on the electronic device;
  
  enabling the electronic device to access the first mobile application based on the authentication information validated;
  
  receiving the authentication token from the second application server associated with the second mobile application installed on the electronic device, wherein the authentication token received is signed with a device signature using a device private key, and wherein the device signature and the device private key are associated with the electronic device;
  
  authorizing the authentication token by verifying the device signature and the server signature on the authentication token using the device public key and a server public key, wherein the server public key is associated with the system;
  
  transmitting the authentication token authorized to the electronic device via the second application server; and
  
  enabling the electronic device to access the second mobile application using the authentication token authorized.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein the plurality of mobile applications are native mobile applications or hybrid mobile applications.
  - 3. The method of claim 1, wherein the authentication information comprises login credentials including username and password.
  - 4. The method of claim 1, wherein the electronic device includes a unique device identifier associated with the electronic device.
  - 5. The method of claim 1, wherein the authentication token is based on Security Assertion Markup Language (SAML) format.
  - 6. The method of claim 1, wherein when the first mobile application is a hybrid mobile application, the authentication token is transmitted to the electronic device corresponding to a request received by the first application server, via a response Header (HTTPHeader), and wherein a response body (HTTPBody) from the first application server, corresponding to the request, contains a home page of the first mobile application.
  - 7. The method of claim 1, wherein the authentication token is stored in a memory unit of the electronic device, and wherein the authentication token is deleted from the memory unit once a user is logged out from the first mobile application or the second mobile application.
  - 8. The method of claim 7 further comprises destroying an existing user session on the electronic device, via the first application server or the second application server, once the user is logged out from the first mobile application or the second mobile application.

9. A system for facilitating authentication of an electronic device accessing a plurality of mobile applications, the system comprising:
- a processor; and
  
  a memory coupled to the processor, wherein the processor is capable of executing a set of instructions stored in the memory, and wherein the set of instructions comprising instructions for;
  
  receiving a device public key of the electronic device and authentication information of the electronic device from a first application server associated with a first mobile application installed on the electronic device;
  
  validating the authentication information using reference data stored in an active directory;
  
  creating an authentication token for the electronic device post-validation of the authentication information;
  
  signing the authentication token with a server signature using a server private key, wherein the server signature and the server private key are associated with a system;
  
  transmitting the authentication token to the electronic device via the first application server post-signing, wherein the authentication token transmitted to the electronic device is further accessible to a second application server, and wherein the second application server is associated with a second mobile application installed on the electronic device;
  
  enabling the electronic device to access the first mobile application based on the validation of the authentication information;
  
  receiving the authentication token from the second application server associated with the second mobile application installed on the electronic device, wherein the authentication token received is signed with a device signature using a device private key, and wherein the device signature and the device private key are associated with the electronic device;
  
  authorizing the authentication token by verifying the device signature and the server signature on the authentication token using the device public key and a server public key, wherein the server public key is associated with the system;
  
  transmitting the authentication token authorized to the electronic device via the second application server; and
  
  enabling the electronic device to access the second mobile application using the authentication token authorized.
- View Dependent Claims (10, 11, 12, 13)
- - 10. The system of claim 9, wherein the plurality of mobile applications are native mobile applications or hybrid mobile applications.
  - 11. The system of claim 9, wherein the authentication token is based on Security Assertion Markup Language (SAML) format.
  - 12. The system of claim 9, wherein when the first mobile application is a hybrid mobile application, the authentication token is transmitted to the electronic device corresponding to a request received by the first application server, via a response Header (HTTPHeader), and wherein a response body (HTTPBody) from the first application server, corresponding to the request, contains a home page of the first mobile application.
  - 13. The system of claim 12, wherein the authentication token is stored in a memory unit of the electronic device, and wherein the authentication token is deleted from the memory unit once a user is logged out from the first mobile application or the second mobile application.

14. A computer program product having a non-transitory computer readable storage medium having a computer program for facilitating authentication of an electronic device accessing a plurality of mobile applications, the computer program comprising a set of instructions, the set of instructions comprising instructions for:
- receiving a device public key of the electronic device and authentication information of the electronic device from a first application server associated with a first mobile application installed on the electronic device;
  
  validating the authentication information using reference data stored in an active directory;
  
  creating an authentication token for the electronic device post-validation of the authentication information;
  
  signing the authentication token with a server signature using a server private key, wherein the server signature and the server private key are associated with a system;
  
  transmitting the authentication token to the electronic device via the first application server post-signing, wherein the authentication token transmitted to the electronic device is further accessible to a second application server, and wherein the second application server is associated with a second mobile application installed on the electronic device;
  
  enabling the electronic device to access the first mobile application based on the authentication information validated;
  
  receiving the authentication token from the second application server associated with the second mobile application installed on the electronic device, wherein the authentication token received is signed with a device signature using a device private key, and wherein the device signature and the device private key are associated with the electronic device;
  
  authorizing the authentication token by verifying the device signature and the server signature on the authentication token using the device public key and a server public key, wherein the server public key is associated with the system;
  
  transmitting the authentication token authorized to the electronic device via the second application server; and
  
  enabling the electronic device to access the second mobile application using the authentication token authorized.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
TATA Consultancy Services Limited (Tata Sons Pvt Ltd.)
Original Assignee
TATA Consultancy Services Limited (Tata Sons Pvt Ltd.)
Inventors
Shukla, Kartikey, Singh, Nishant, Shetty, Kalidas Krishna, Tiwari, Shishir, Yohannan, Nisha
Primary Examiner(s)
NGUYEN, TU T

Application Number

US14/242,660
Publication Number

US 20150149766A1
Time in Patent Office

805 Days
Field of Search

713/155
US Class Current

1/1
CPC Class Codes

H04L 63/0815   providing single-sign-on or...

H04L 9/3247   involving digital signatures

H04W 12/06   Authentication

H04W 12/069   using certificates or pre-s...

System and methods for facilitating authentication of an electronic device accessing plurality of mobile applications

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

System and methods for facilitating authentication of an electronic device accessing plurality of mobile applications

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links