System and method for managing application program access to a protected resource residing on a mobile device
Abstract
A computer-implemented method for managing application program access to a protected resource residing on a mobile device is provided. The method includes receiving from an application program a request for a permission to access the protected resource, and receiving from a source external to the mobile device an authentication of the application program. An authorization to provide the permission to access the protected resource is received and permission to access the protected resource is provided to the application program in response to receiving the authorization. Data produced by the protected resource is cryptographically signed, and a notification is generated in response to at least one of the application program requesting the permission to access the protected resource and the application program accessing the protected resource. A system for managing application program access to a protected resource residing on a mobile device is further provided.
10 Claims
1. A computer-implemented method for managing application program access to a protected resource residing on a mobile device, the method performed by at least one network-connectable server, the method comprising:
associating a user identifier with a user account corresponding to identifying information of a user corresponding to the mobile device;
receiving from an application residing on the mobile device via a network a request for the user identifier of the user via a module residing on the mobile device, the module separating an application program interface (API) layer for enabling the application from a protected resource layer comprising the protected resource on the mobile device;
receiving from the user by redirection of a user agent by the module an identifier request authorization to provide the user identifier to the application;
redirecting the user agent back to the module;
providing the user identifier to the application via the module in response to receiving the identifier request authorization;
receiving a request via the module for an authorization to provide the application permission to access a protected resource of the particular mobile device associated with the user identifier;
receiving via the mobile device a resource access authorization from the user to transmit the authorization to provide the application permission to access the protected resource of the particular mobile device; and
providing the authorization via the module to provide the application permission to access the protected resource of the particular mobile device responsive to receiving the resource access authorization from the user.
5. A computer-implemented method for managing application program access to a protected resource residing on a mobile device, the method performed by at least one network-connectable server, the method comprising:
associating a user identifier with a user account corresponding to identifying information of a user corresponding to the mobile device;
receiving from an application residing on the mobile device through a network a request for a user identifier via a module residing on the mobile device, the module separating an application program interface (API) layer for enabling the application from a protected resource layer comprising the protected resource on the mobile device;
providing a request token to the module residing on the mobile device;
receiving from at least one of the user or the application via the module an identifier request authorization to provide the user identifier to the application;
associating the user identifier request authorization with the request token to authorize the request token;
receiving the authorized request token from the module;
providing an access token to the module in response to receiving the authorized request token from the module;
receiving the access token from the module; and
providing the user identifier to the application in response to receiving the access token from the module;
receiving a request for an authorization to provide the application permission to access a protected resource of the mobile device associated with the user identifier;
receiving via the mobile device a resource access authorization from the user to transmit the authorization to provide the application permission to access the protected resource of the mobile device; and
providing the authorization to provide the application permission to access the protected resource of the mobile device responsive to receiving the resource access authorization from the user.
8. A computer-implemented method for managing application program access to a protected resource residing on a mobile device, the method performed by at least one network-connectable server, the method comprising:
associating a user identifier with a user account corresponding to identifying information of a user corresponding to the mobile device;
receiving through a network from an application residing on the mobile device a request for the user identifier of the user via a module residing on the mobile device, the module separating an application program interface (API) layer for enabling the application from a protected resource layer comprising the protected resource on the mobile device;
receiving from at least one of the user or the application an identifier request authorization to provide the user identifier to the application;
providing the user identifier to the application via the module;
receiving from the application via the module a token request including the user identifier;
providing a request token to the module in response to receiving the user identifier;
receiving a resource access authorization from the user by redirection of a user agent;
redirecting the user agent back to the module;
associating the resource access authorization from the user with the request token to authorize the request token;
receiving the authorized request token from the module;
providing an access token to the module in response to receiving the authorized request token;
receiving the access token from the module; and
providing the module an authorization to provide the application permission to access the protected resource in response to receiving the access token.
9. A computer-implemented method for managing application program access to a protected resource residing on a mobile device, the method performed by at least one network-connectable server, the method comprising:
associating a user identifier with a user account corresponding to identifying information of a user corresponding to the mobile device;
receiving from an application residing on the mobile device through a network a request for a user identifier via a module residing on the mobile device, the module separating an application program interface (API) layer for enabling the application from a protected resource layer comprising the protected resource on the mobile device;
providing a first request token to the module residing on the mobile device;
receiving from at least one of the user or the application via the module an identifier request authorization to provide the user identifier to the application;
associating the user identifier request authorization with the first request token to authorize the first request token;
receiving the authorized first request token from the module;
providing a first access token to the module in response to receiving the authorized first request token from the module;
receiving the first access token from the module;
providing the user identifier to the application in response to receiving the first access token from the module;
receiving from the application via the module a request for authorization to provide the application permission to access the protected resource, the request including the user identifier;
providing a second request token to the module in response to receiving the user identifier;
receiving a resource access authorization from the user by redirection of a user agent;
redirecting the user agent back to the module;
associating the resource access authorization from the user with the second request token to authorize the second request token;
receiving the authorized second request token from the module;
providing a second access token to the module in response to receiving the authorized second request token;
receiving the second access token from the module; and
providing the module the authorization to provide the application permission to access the protected resource in response to receiving the second access token.
10. A computer-implemented method for managing application program access to a protected resource residing on a mobile device, the method performed by at least one network-connectable server, the method comprising:
associating a user identifier with a user account corresponding to identifying information of a user corresponding to the mobile device;
receiving from an application residing on the mobile device via a network a request for the user identifier of the user via a module residing on the mobile device, the module separating an application program interface (API) layer for enabling the application from a protected resource layer comprising the protected resource on the mobile device;
receiving from at least one of the user and the application an identifier request authorization to provide the user identifier to the application;
providing the user identifier to the application via the module in response to receiving the identifier request authorization;
receiving a request via the module for an authorization to provide the application permission to access a protected resource of the particular mobile device associated with the user identifier;
receiving via the mobile device by redirection of a user agent by the module a resource access authorization from the user to transmit the authorization to provide the application permission to access the protected resource of the particular mobile device;
redirecting the user agent back to the module; and
providing the authorization via the module to provide the application permission to access the protected resource of the particular mobile device responsive to receiving the resource access authorization from the user.
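The two-stage token sequence recited in claim 9, modelled from the server's side as an added illustration (not code from the patent or its assignee). The class, method and purpose names are hypothetical, and tokens are held in memory for brevity; the checks show where an unauthorized, replayed or mis-bound token is refused.

```python
import secrets

class AuthorizationServer:
    """Constructed model of claim 9's server side; all names are hypothetical."""
    def __init__(self):
        # account -> user id, request token -> pending record, access token -> record
        self.users, self.requests, self.access = {}, {}, {}

    def associate(self, account):
        # "associating a user identifier with a user account"
        self.users[account] = "uid-" + secrets.token_hex(8)
        return self.users[account]

    def issue_request_token(self, app, purpose, user_id=None):
        # The second stage ("resource") must quote an identifier released in stage one.
        if purpose == "resource" and user_id not in self.users.values():
            raise PermissionError("unknown user identifier")
        token = secrets.token_urlsafe(32)
        self.requests[token] = {"app": app, "purpose": purpose,
                                "user_id": user_id, "authorized": False}
        return token

    def authorize(self, token, account):
        # Invoked when the user approves, e.g. after user-agent redirection.
        rec, uid = self.requests.get(token), self.users.get(account)
        if rec is None or uid is None:
            raise PermissionError("unknown token or account")
        if rec["purpose"] == "resource" and rec["user_id"] != uid:
            raise PermissionError("approval came from a different user")
        rec.update(user_id=uid, authorized=True)

    def exchange(self, app, token):
        # Authorized request token -> access token; single use, bound to the app.
        rec = self.requests.get(token)
        if rec is None or not rec["authorized"] or rec["app"] != app:
            raise PermissionError("request token not authorized for this app")
        del self.requests[token]
        access = secrets.token_urlsafe(32)
        self.access[access] = rec
        return access

    def redeem(self, app, access, purpose):
        # Access token -> user identifier (stage one) or resource grant (stage two).
        rec = self.access.get(access)
        if rec is None or rec["app"] != app or rec["purpose"] != purpose:
            raise PermissionError("access token not valid for this request")
        del self.access[access]
        if purpose == "identifier":
            return rec["user_id"]
        return {"app": app, "user_id": rec["user_id"], "resource_access": True}
```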
Specification