Mobile application, identity relationship management

US 9,495,533 B2
Filed: 05/31/2012
Issued: 11/15/2016
Est. Priority Date: 09/29/2011
Status: Active Grant

First Claim

Patent Images

1. A system, comprising:

a memory storing a plurality of instructions; and

one or more processors configured to access the memory, wherein the one or more processors are further configured to execute the plurality of instructions to;

receive, from a client application of a mobile device, a first instruction to manage an identity, the first instruction formatted as a representational state transfer (REST) method call, the first instruction comprising a request to modify information associated with the identity;

generate, based at least in part on the first instruction, a uniform resource identifier (URI) for the identity;

model, based at least in part on the URI, an identity relationship associated with the identity, the identity relationship identifying a relationship between the identity and at least one other entity associated with the client application;

determine, based at least in part on the REST method call, a service provider for managing the identity and the identity relationship associated with the identity;

determine a schema associated with the service provider;

map the URI to the schema associated with the service provider;

generate a second instruction for instructing the service provider to manage the identity and the identity relationship associated with the identity in accordance with the schema; and

transmit the second instruction to the service provider for managing the identity and the identity relationship associated with the identity of the client application, the management of the identity and the identity relationship associated with the identity comprising modifying, at the service provider, the information associated with the identity.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Techniques for managing identities are provided. In some examples, identity management, authentication, authorization, and token exchange frameworks may be provided for use with mobile devices, mobile applications, cloud applications, and/or other web-based applications. For example a mobile client may request to perform one or more identity management operations associated with an account of a service provider. Based at least in part on the requested operation and/or the particular service provider, an application programming interface (API) may be utilized to generate and/or perform one or more instructions and/or method calls for managing identity information of the service provider.

Citations

19 Claims

1. A system, comprising:
- a memory storing a plurality of instructions; and
  
  one or more processors configured to access the memory, wherein the one or more processors are further configured to execute the plurality of instructions to;
  
  receive, from a client application of a mobile device, a first instruction to manage an identity, the first instruction formatted as a representational state transfer (REST) method call, the first instruction comprising a request to modify information associated with the identity;
  
  generate, based at least in part on the first instruction, a uniform resource identifier (URI) for the identity;
  
  model, based at least in part on the URI, an identity relationship associated with the identity, the identity relationship identifying a relationship between the identity and at least one other entity associated with the client application;
  
  determine, based at least in part on the REST method call, a service provider for managing the identity and the identity relationship associated with the identity;
  
  determine a schema associated with the service provider;
  
  map the URI to the schema associated with the service provider;
  
  generate a second instruction for instructing the service provider to manage the identity and the identity relationship associated with the identity in accordance with the schema; and
  
  transmit the second instruction to the service provider for managing the identity and the identity relationship associated with the identity of the client application, the management of the identity and the identity relationship associated with the identity comprising modifying, at the service provider, the information associated with the identity.
- View Dependent Claims (2, 3, 4)
- - 2. The system of claim 1, wherein the first instruction is received from a Rich Internet Application (RIA) or a software as a service (SaaS) application.
  - 3. The system of claim 1, wherein the identity relationship comprises the identity and identification of an association between the identity and the at least one other entity.
  - 4. The system of claim 3, wherein the identity relationship is modeled as the URI based at least in part on a string of characters including the identity and the association.

5. A computer-implemented method, comprising:
- receiving, by a computer system, a first instruction to manage an identity relationship, the first instruction received from a client application of a mobile device, the first instruction formatted as a representational state transfer (REST) method call, the first instruction comprising a request to modify information associated with the identity;
  
  generating, by the computer system, a uniform resource identifier (URI) to represent the identity relationship based at least in part on the first instruction;
  
  determining, based at least in part on the REST method call, a service provider for managing the identity relationship;
  
  determining a schema associated with the service provider;
  
  mapping, by the computer system, the generated URI to the schema associated with the service provider;
  
  generating a second instruction for instructing the service provider to manage the identity relationship in accordance with the schema; and
  
  transmitting, by the computer system, the second instruction to the service provider for managing the identity relationship of the client application, the management of the identity and the identity relationship associated with the identity comprising modifying, at the service provider, the information associated with the identity.
- View Dependent Claims (8, 9, 10)
- - 8. The computer-implemented method of claim 5, wherein the first instruction to manage the identity relationship is received as the REST call and is independent of an application programming interface (API) of the service provider.
  - 9. The computer-implemented method of claim 5, wherein the schema associated with the service provider comprises a service provider interface for communicating instructions to the service provider.
  - 10. The computer-implemented method of claim 9, wherein the first instruction indicates an identity relationship operation to be performed by the service provider.

6. The computer-implemented method of 5, wherein the first instruction to manage the identity relationship includes the identity relationship.

7. The computer-implemented method of 5, wherein the identity relationship comprises an identity and an association between the identity and another entity.

11. A non-transitory computer-readable memory device storing a plurality of instructions executable by one or more computer processors, the plurality of instructions comprising:
- instructions that cause the one or more processors to receive, from a client application of a mobile device, a uniform resource identifier (URI) indicating a service provider, an identity of an entity, and an association of the identity;
  
  instructions that cause the one or more processors to determine, based at least in part on the received URI, an identity relationship instruction, the identity relationship instruction formatted as a representational state transfer (REST) method call, the identity relationship instruction comprising a request to modify information associated with the identity;
  
  instructions that cause the one or more processors to determine a schema associated with the service provider;
  
  instructions that cause the one or more processors to generate a mapping between the determined identity relationship instruction and the schema associated with the service provider;
  
  instructions that cause the one or more processors to generate a second instruction for instructing the service provider to manage the identity and the identity relationship associated with the identity in accordance with the schema, the management of the identity and the identity relationship associated with the identity comprising modifying, at the service provider, the information associated with the identity; and
  
  instructions that cause the one or more processors to transmit, to the service provider, the second instruction corresponding to the determined identity relationship instruction.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19)
- - 12. The non-transitory computer-readable memory of claim 11, wherein the URI is received as the REST method call.
  - 13. The non-transitory computer-readable memory of claim 11, wherein the association indicates a relationship between the identity and another entity.
  - 14. The non-transitory computer-readable memory of claim 11, wherein the URI is based at least in part on a string of characters including the service provider and at least one of the identity, the association, or an identity of another entity.
  - 15. The non-transitory computer-readable memory of claim 11, wherein the client application is a mobile application of the mobile device, a Rich Internet Application (RIA) or a software as a service (SaaS) application.
  - 16. The non-transitory computer-readable memory of claim 11, wherein the generated mapping is protected by a security filter.
  - 17. The non-transitory computer-readable memory of claim 11, wherein the schema associated with the service provider comprises a service provider interface for communicating instructions to the service provider.
  - 18. The non-transitory computer-readable memory of claim 11, wherein the service provider comprises one or more pluggable identity management services.
  - 19. The non-transitory computer-readable memory of claim 11, wherein a first schema corresponding to a first service provider is different from a second schema corresponding to a second service provider based at least in part on respective application programming interfaces (APIs) for the first and second service providers.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Oracle International Corporation (Oracle Corporation)
Original Assignee
Oracle International Corporation (Oracle Corporation)
Inventors
Yiu, Kwok Lun Alex, Chu, Ching-Wen, Hingarajiya, Ravi, Brydon, Sean
Primary Examiner(s)
Eskandarnia, Arvin
Assistant Examiner(s)
Desai, Margishi

Application Number

US13/485,420
Publication Number

US 20130086210A1
Time in Patent Office

1,629 Days
Field of Search

709/217
US Class Current

1/1
CPC Class Codes

G06F 21/41   where a single sign-on prov...

H04L 63/0807   using tickets, e.g. Kerbero...

H04L 63/0815   providing single-sign-on or...

H04L 67/306   User profiles

H04W 12/068   using credential vaults, e....

Mobile application, identity relationship management

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Mobile application, identity relationship management

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links