System and method for facilitating federated user provisioning through a cloud-based system

US 9,426,156 B2
Filed: 11/19/2013
Issued: 08/23/2016
Est. Priority Date: 11/19/2013
Status: Active Grant

First Claim

Patent Images

1. A non-transitory computer readable medium storing computer-readable instructions that, when executed by one or more processors of a cloud server, cause the cloud server to:

obtain, by a pre-registration module, registration information associated with a user, wherein the registration information comprises an activation key;

generate, by the pre-registration module, a tokenized resource identifier in a tokenized URL element based on the registration information, the tokenized resource identifier identifying the location of one or more resources in the cloud server, wherein the tokenized resource identifier comprises an embedded pre-registration token that is used to grant access to the one or more resources in the cloud server, the pre-registration token comprising the activation key used to verify the user and grant access to the one or more resources;

provide, by the pre-registration module, the tokenized URL element with the tokenized resource identifier to the user in the form of a link;

obtain, by a registration module, the pre-registration token embedded in the tokenized URL element with the tokenized resource identifier when the user accesses the one or more resources in the cloud server using the link;

determine, by the registration module, whether to grant access to the one or more resources based on the pre-registration token by comparing and verifying the obtained pre-registration token from the registration module to the pre-registration token in generated tokenized resource identifier from the pre-registration module;

grant, by the registration module, access to the one or more resources based on the determination and verification that access to the one or more resources should be granted based on the pre-registration token; and

register, by the registration module, the user with the cloud server using the one or more resources.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The disclosure relates to systems and methods for provisioning a new user to a cloud-based system through a pre-registration process where the cloud-based system generates a tokenized resource identifier based on the user'"'"'s registration information provided by an external service provider and through a registration process where the user accesses the cloud-based system using the tokenized resource identifier and the cloud-based system completes the registration of the user when the user'"'"'s registration information in the cloud-based system is verified against the corresponding registration information maintained by the external service provider. Once the registration is complete, data related to the registered user may be synchronized between the cloud-based system and the external service provider.

98 Citations

View as Search Results

18 Claims

1. A non-transitory computer readable medium storing computer-readable instructions that, when executed by one or more processors of a cloud server, cause the cloud server to:
- obtain, by a pre-registration module, registration information associated with a user, wherein the registration information comprises an activation key;
  
  generate, by the pre-registration module, a tokenized resource identifier in a tokenized URL element based on the registration information, the tokenized resource identifier identifying the location of one or more resources in the cloud server, wherein the tokenized resource identifier comprises an embedded pre-registration token that is used to grant access to the one or more resources in the cloud server, the pre-registration token comprising the activation key used to verify the user and grant access to the one or more resources;
  
  provide, by the pre-registration module, the tokenized URL element with the tokenized resource identifier to the user in the form of a link;
  
  obtain, by a registration module, the pre-registration token embedded in the tokenized URL element with the tokenized resource identifier when the user accesses the one or more resources in the cloud server using the link;
  
  determine, by the registration module, whether to grant access to the one or more resources based on the pre-registration token by comparing and verifying the obtained pre-registration token from the registration module to the pre-registration token in generated tokenized resource identifier from the pre-registration module;
  
  grant, by the registration module, access to the one or more resources based on the determination and verification that access to the one or more resources should be granted based on the pre-registration token; and
  
  register, by the registration module, the user with the cloud server using the one or more resources.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The non-transitory computer readable medium of claim 1, the non-transitory computer readable medium further causing the cloud server to:
    - generate, by the pre-registration module, the pre-registration token based on the activation key.
  - 3. The non-transitory computer readable medium of claim 1, wherein the registration information further comprises contact information, the contact information comprising an email address or a phone number.
  - 4. The non-transitory computer readable medium of claim 3, wherein providing the tokenized resource identifier to the user further comprises:
    - generating, by the pre-registration module, a registration invitation, wherein the registration invitation includes the tokenized source identifier; and
      
      transmitting, by the pre-registration module, via a communication channel, the registration invitation to the user based on the contact information.
  - 5. The non-transitory computer readable medium of claim 1, the non-transitory computer readable medium further causing the cloud server to:
    - generate, by a user account module, a user record associated with the user based on the registration information, wherein a status associated with the user record indicates that the registration is incomplete; and
      
      update, by the user account module, the user record based on registering the user with the cloud server using the one or more resources.
  - 6. The non-transitory computer readable medium of claim 5, wherein the registration information further comprises first user information and wherein registering the user with the cloud server using the one or more resources further comprises:
    - obtaining, by the registration module, second user information;
      
      determining, by the registration module, whether the second user information matches the first user information in the user record; and
      
      registering, by the registration module, the user with the cloud server using the one or more resources based on the determination that the second user information matches the first user information in the user record.
  - 7. The non-transitory computer readable medium of claim 6, wherein the first and second user information comprise a date of birth, a social security number, a phone number, an email address, or an address.
  - 8. The non-transitory computer readable medium of claim 5, wherein registering the user with the cloud server using the one or more resources further comprises:
    - identifying, by a verification module, an external service provider that has generated the activation key;
      
      providing, by the verification module, at least a portion of the user record to the external service provider to verify the at least a portion of the user record against a corresponding user record stored in a data storage coupled to the external service provider;
      
      receiving, by the verification module, an indication that the at least a portion of the user record has been verified against the corresponding user record; and
      
      registering, by the registration module, the user with the cloud server based on the indication that the user record has been verified against the corresponding user record.
  - 9. The non-transitory computer readable medium of claim 8, wherein registering the user with the cloud server using the one or more resources further comprises:
    - updating, by the user account module, the status to indicate that the registration is complete based on the indication that the user record has been verified against the corresponding user record.
  - 10. The non-transitory computer readable medium of claim 8, the non-transitory computer readable medium further causing the cloud server to:
    - receive, by a synchronization module, a shared secret from the external service provider, the shared secret used to establish a secure communication between the cloud server and the external service provider; and
      
      synchronize, by a synchronization module, between the user record and the corresponding user record via the secure communication.

11. A method implemented in a computer that includes one or more processors configured to execute one or more computer program instructions, the method comprising:
- obtaining registration information associated with a user;
  
  generating an activation key associated with the user based on the registration information;
  
  obtaining a tokenized resource identifier in a tokenized URL element that identifies the location of one or more resources in a cloud server, wherein the tokenized resource identifier comprises an embedded pre-registration token that is used to grant access to the one or more resources in the cloud server, the pre-registration token comprising the activation key used to authenticate the user and grant access to the one or more resources;
  
  providing the tokenized URL element with the tokenized resource identifier and embedded pre-registration token to the user in the form of a link;
  
  granting access to the one or more resources when the user accesses the one or more resources using the link by authenticating the activation key of the pre-registration token; and
  
  registering the user using the one or more resources.
- View Dependent Claims (12, 13, 14, 15, 16, 17)
- - 12. The method of claim 11, the method further comprising:
    - obtaining contact information associated with the user, the contact information comprising an email address or a phone number.
  - 13. The method of claim 12, wherein providing the tokenized resource identifier to the user further comprises:
    - generating a registration invitation, wherein the registration invitation includes the tokenized resource identifier; and
      
      transmitting, via a communication channel, the registration invitation to the user based on the contact information.
  - 14. The method of claim 13, wherein the registration invitation comprises a message instructing a recipient of the registration invitation to register with the cloud server.
  - 15. The method of claim 11, the method further comprising:
    - generating a first user record associated with the user, the first user record comprises the activation key, wherein a status associated with the first user record indicates that the registration is incomplete.
  - 16. The method of claim 15, the method further comprising:
    - receiving at least a portion of a second user record associated with the user from the cloud server;
      
      verifying the at least a portion of the second user record against the first user record; and
      
      providing, once verified, an indication that the at least a portion of the second user record has been verified to the cloud server.
  - 17. The method of claim 16, the method further comprising:
    - registering the user with the external service provider based on verifying the at least a portion of the second user record against the first user record, wherein the status associated with the first user record is updated to indicate that the registration is complete.

18. A method implemented in a computer that includes one or more processors configured to execute one or more computer program instructions, the method comprising:
- obtaining at least a portion of a first user record associated with a user, wherein the at least a portion of the first user record comprises an activation key generated by an external service provider;
  
  generating a second user record based on the at least a portion of the first user record;
  
  generating a tokenized resource identifier in a tokenized URL element based on the activation key, the tokenized resource identifier identifying the location of one or more resources in a cloud server, wherein the tokenized resource identifier comprises an embedded pre-registration token that is used to grant access to the one or more resources in the cloud server, the pre-registration token comprising the activation key used to verify the user and grant access to the one or more resources;
  
  providing the tokenized URL element with the tokenized resource identifier to the user in the form of a link;
  
  granting access to the user who uses the link with the tokenized resource identifier to access the one or more resources in the cloud server;
  
  providing at least a portion of the second user record to the external service provider to verify the at least a portion of the second user record against the first user record stored in a data storage coupled to the external service provider;
  
  receiving an indication that the at least a portion of the second user record has been verified against the first user record; and
  
  registering the user with the cloud server based on the indication.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Care Innovations LLC
Original Assignee
Care Innovations LLC
Inventors
Furgison, Jason, Hebert, Kevin, Smith, Jason, Martin, David
Primary Examiner(s)
Cervetti, David Garcia

Application Number

US14/083,848
Publication Number

US 20150143468A1
Time in Patent Office

1,008 Days
Field of Search

726/4, 726/2, 726/7, 726/9, 726/26, 726/28, 713/167, 713/183, 713/171
US Class Current

1/1
CPC Class Codes

G06F 21/45   Structures or tools for the...

G06F 2221/2117   User registration

H04L 63/06   for supporting key manageme...

H04L 63/062   for key distribution, e.g. ...

H04L 63/10   for controlling access to d...

H04L 67/1001   for accessing one among a p...

H04L 67/12   specially adapted for propr...

System and method for facilitating federated user provisioning through a cloud-based system

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

98 Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for facilitating federated user provisioning through a cloud-based system

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

98 Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links