Delegating authorizations
First Claim
Patent Images
1. A method for delegating access tokens relied upon to authenticate access to services, the method comprising:
- receiving a plurality of access tokens from a plurality of service providers after the plurality of service providers associates each of the plurality of access tokens with at least one of a plurality of users;
receiving a first credential from a control device generated in response to the control device interacting with an sink device while the sink device is being engaged to access a first services associated with a first service provider of the plurality of service providers at a first instance in time;
identifying a first access token of the plurality of access tokens associated with a first user of the plurality of users as a function of information included within the first credential; and
transmitting the first access token to the first service provider at a second instance in time occurring after the first instance in time, the first service provider granting the sink device access to the first service at the second instance in time according to entitlements of the first user if the first access token is valid when received, thereby enabling the sink device to access the first service without providing the first access token to the service provider.
1 Assignment
0 Petitions
Accused Products
Abstract
Delegating authorizations sufficient to access services is contemplate. The authorization may be delegated in the form of a token or other transmissible construct relied upon to authenticate access to services, such as but not necessarily limited to conferring a user identity established via authenticated device for the purposes of enabling an unauthenticated or unsecured device to access a service associated with the user identity.
-
Citations
20 Claims
-
1. A method for delegating access tokens relied upon to authenticate access to services, the method comprising:
-
receiving a plurality of access tokens from a plurality of service providers after the plurality of service providers associates each of the plurality of access tokens with at least one of a plurality of users; receiving a first credential from a control device generated in response to the control device interacting with an sink device while the sink device is being engaged to access a first services associated with a first service provider of the plurality of service providers at a first instance in time; identifying a first access token of the plurality of access tokens associated with a first user of the plurality of users as a function of information included within the first credential; and transmitting the first access token to the first service provider at a second instance in time occurring after the first instance in time, the first service provider granting the sink device access to the first service at the second instance in time according to entitlements of the first user if the first access token is valid when received, thereby enabling the sink device to access the first service without providing the first access token to the service provider. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A non-transitory computer-readable medium having a plurality of non-transitory instructions operable with a processor associated with a service provider to facilitate access to services, the non-transitory instructions being sufficient for:
-
associating a plurality of users with one or more of a plurality of access tokens, each access token authenticating the corresponding user for access to at least one of a plurality of services offered by the service provider; associating at least one of a plurality of indicators with each of the plurality of services, each indicator being sufficient to uniquely identify the service associated therewith; associating a first indicator of the plurality of indicators with a sink device attempting to access the first service, the first indicator uniquely identifying a first service of the plurality of services; and enabling the sink device access to the first service according to a first user of the plurality of users associated with a first access token of the plurality of access tokens, including determining the first access token in response to a control device generating a credential having information sufficient to identify the first user and the first service, the control device identifying the first service after interacting with the first indicator associated with the sink device. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
-
-
17. A system for authenticating a sink device to access a service associated with a service provider, the system comprising:
-
an control device configured to; i) capture an image of an indicator having visually recognizable indicia sufficient to represent service information associated with an attempt to instantiate the service at the sink device; and ii) transmit a credential sufficient to identify a user associated with the control device and at least a portion of the service information; a server configured to; i) receive a plurality of access tokens for a plurality of users authorized to access the service; ii) receive the credential from the control device; iii) determine an access token from the plurality of access tokens associated with the user identified with the credential; iv) transmit an access message to the service provider to authenticate the sink device to access the service, the access message including the access token and at least a portion of the server information included with the credential. - View Dependent Claims (18, 19, 20)
-
Specification