Mobile cloud service architecture

US 9,712,511 B2
Filed: 11/16/2015
Issued: 07/18/2017
Est. Priority Date: 02/07/2014
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving, through an interface of a computer system, from a computing device, a request for one or more services provided by one or more enterprise computer systems, wherein the interface supports a first protocol for communication with the computer system, and wherein the request has a format corresponding to the first protocol;

determining, by the computer system, that the request for the one or more services received from the computing device is for a plurality of services;

determining, by the computer system, that access to each of the plurality of services is supported by a different security protocol of one or more security protocols;

generating, by the computer system, according to the security protocol supporting the access to each of the plurality of services, a security token for each of the plurality of services based on an authentication of a user;

generating, by the computer system, a plurality of converted requests, wherein each of the plurality of converted requests is generated for a different service of the plurality of services, wherein each of the plurality of converted requests includes the security token generated according to the security protocol supporting the access to the different service, wherein each of the plurality of converted requests has a format corresponding to a second protocol for communication with the one or more enterprise computer systems that provides the different service, and wherein generating each of the plurality of converted requests includes converting the request from the format of the first protocol to the format of the second protocol;

sending, by the computer system, each of the plurality of converted requests to one of the one or more enterprise computer systems;

converting, by the computer system, a response to one or more of the plurality of converted requests, wherein the response has the format of the second protocol, wherein the response is converted from the format of the second protocol to the format of the first protocol, and wherein the response is received from an enterprise computer system of the one or more enterprise computer systems and has the format of the second protocol; and

providing, by the computer system, the converted response to the computing device.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Techniques are described for implementing a cloud computer system to facilitate communication between a computing device (e.g., a mobile computing device) and enterprise computer systems. In certain embodiments, the cloud computer system may receive, from a computing device, a request for a service provided by an enterprise computer system. The cloud computer system may determine security authentication of a user for the requested service. A security protocol may be determined for a requested enterprise computer system and a security token may be generated for the request according to the determined security protocol. The request may be sent to the requested enterprise computer system. In some embodiments, security authentication for a request to an enterprise computer system may be determined based on previous authentication. The cloud computer system may be configured to communicate with several different enterprise computer systems according to their supported protocols (e.g., communication protocol and/or security protocol).

65 Citations

View as Search Results

16 Claims

1. A method comprising:
- receiving, through an interface of a computer system, from a computing device, a request for one or more services provided by one or more enterprise computer systems, wherein the interface supports a first protocol for communication with the computer system, and wherein the request has a format corresponding to the first protocol;
  
  determining, by the computer system, that the request for the one or more services received from the computing device is for a plurality of services;
  
  determining, by the computer system, that access to each of the plurality of services is supported by a different security protocol of one or more security protocols;
  
  generating, by the computer system, according to the security protocol supporting the access to each of the plurality of services, a security token for each of the plurality of services based on an authentication of a user;
  
  generating, by the computer system, a plurality of converted requests, wherein each of the plurality of converted requests is generated for a different service of the plurality of services, wherein each of the plurality of converted requests includes the security token generated according to the security protocol supporting the access to the different service, wherein each of the plurality of converted requests has a format corresponding to a second protocol for communication with the one or more enterprise computer systems that provides the different service, and wherein generating each of the plurality of converted requests includes converting the request from the format of the first protocol to the format of the second protocol;
  
  sending, by the computer system, each of the plurality of converted requests to one of the one or more enterprise computer systems;
  
  converting, by the computer system, a response to one or more of the plurality of converted requests, wherein the response has the format of the second protocol, wherein the response is converted from the format of the second protocol to the format of the first protocol, and wherein the response is received from an enterprise computer system of the one or more enterprise computer systems and has the format of the second protocol; and
  
  providing, by the computer system, the converted response to the computing device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The method of claim 1, further comprising:
    - determining, based on the security protocol supporting the access to each of the plurality of services, the authentication of the user to access one or more services; and
      
      verifying that the plurality of services is included in the one or more services based on the authentication.
  - 3. The method of claim 1, wherein the security token generated for each of the plurality of services indicates the authentication of the user and indicates access to the service permitted by the authentication.
  - 4. The method of claim 1, wherein the interface is an application programming interface (API) that uses the first protocol to receive requests for at least one service.
  - 5. The method of claim 1, wherein determining that access to each of the plurality of services is supported by the different security protocol is based on the one or more enterprise computer systems providing the service.
  - 6. The method of claim 1, wherein request received from the computing device and the converted response sent to the computing device have a JavaScript Object Notation (JSON) format.
  - 7. The method of claim 1, wherein the response received from the enterprise computer system indicates a result of the one or more of the plurality of converted requests.
  - 8. The method of claim 1, the response received from the enterprise computer system includes error information about one of the plurality of services for which a converted request is generated.
  - 9. The method of claim 1, wherein the response received from the enterprise computer system includes enterprise data related to operation of one of the plurality of services for which a converted request is generated.
  - 10. The method of claim 1, further comprising:
    - identifying, based on the authentication of the user, the one or more enterprise computer systems accessible to the user through the computer system, wherein each of the one or more enterprise computer systems supports a protocol for communication, and wherein the protocol for communication is different from the first protocol; and
      
      verifying that the enterprise computer system is included in the one or more enterprise computer systems accessible to the user.
  - 11. The method of claim 1, wherein the computer system is located at a first geographical location that is different from a second geographical location of the one or more enterprise computer systems.
  - 12. The method of claim 1, wherein the request received from the computing device and each of the plurality of converted requests sent to one of the one or more enterprise computer systems conform to different representational state transfer (REST) architectural styles.
  - 13. The menthod of claim 1, wherein the first protocol and the second protocol conform to a hypertext transfer protocol (HTTP).

14. A computer system comprising:
- one or more processors; and
  
  a memory operatively coupled to the one or more processors, wherein the memory stores instructions that, when executed by the one or more processors, causes the one or more processors to;
  
  receive, through an interface of the computer system, from a computing device, a request for one or more services provided by one or more enterprise computer systems, wherein the interface supports a first protocol for communication with the computer system, and wherein the request has a format corresponding to the first protocol;
  
  determine that the request for the one or more services received from the computing device is for a plurality of services;
  
  determine that access to each of the plurality of services is supported by a different security protocol of one or more security protocols;
  
  generate, according to the security protocol supporting the access to each of the plurality of services, a security token for each of the plurality of services based on an authentication of a user;
  
  generate a plurality of converted requests, wherein each of the plurality of converted requests is generated for a different service of the plurality of services, wherein each of the plurality of converted requests includes the security token generated according to the security protocol supporting the access to the different service, wherein each of the plurality of converted requests has a format corresponding to a second protocol for communication with the one or more enterprise computer systems that provides the different service, and wherein each of the plurality of converted requests includes converting the request from the format of the first protocol to the format of the second protocol;
  
  send each of the plurality of converted requests to one of the one or more enterprise computer systems;
  
  convert a response to one or more of the plurality of converted requests, wherein the response has the format of the second protocol, wherein the response is converted from the format of the second protocol to the format of the first protocol, and wherein the response is received from an enterprise computer system of the one or more enterprise computer systems and has the format of the second protocol; and
  
  provide the converted response to the computing device.
- View Dependent Claims (15)
- - 15. The computer system of claim 14, wherein the security token generated for each of the plurality of services indicates the authentication of the user and indicates access to the service permitted by the authentication.

16. A non-transitory machine-readable storage medium storing instructions that are executable by one or more processors to cause the one or more processors to:
- receive, through an interface of a computer system, from a computing device, a request for one or more services provided by one or more enterprise computer systems, wherein the interface supports a first protocol for communication with the computer system, and wherein the request has a format corresponding to the first protocol;
  
  determine that the request for the one or more services received from the computing device is for a plurality of services;
  
  determine, by the computer system, that access to each of the plurality of services is supported by a different security protocol of one or more security protocols;
  
  generate, by the computer system, according to the security protocol supporting the access to each of the plurality of services, a security token for each of the plurality of services based on an authentication of a user;
  
  generate a plurality of converted requests, wherein each of the plurality of converted requests is generated for a different service of the plurality of services, wherein each of the plurality of converted requests includes the security token generated according to the security protocol supporting the access to the different service, wherein each of the plurality of converted requests has format corresponding to a second protocol for communication with the one or more enterprise computer systems that provides the different service, and wherein each of the plurality of converted requests includes converting the request from the format of the first protocol to the format of the second protocol;
  
  send, by the computer system, each of the plurality of converted requests to one of the one or more enterprise computer systems;
  
  convert a response to one or more of the plurality of converted requests, wherein the response has the format of the second protocol, wherein the response is converted from the format of the second protocol to the format of the first protocol, and wherein the response is received from an enterprise computer system of the one or more enterprise computer systems and has the format of the second protocol; and
  
  provide the converted response to the computing device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Oracle International Corporation (Oracle Corporation)
Original Assignee
Oracle International Corporation (Oracle Corporation)
Inventors
Loo, Kaj van de
Primary Examiner(s)
Shiferaw, Eleni
Assistant Examiner(s)
GIDDINS, NELSON S

Application Number

US14/942,930
Publication Number

US 20160072789A1
Time in Patent Office

610 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/6236   between heterogeneous systems

G06F 8/65   Updates security arrangemen...

G06Q 10/10   Office automation; Time man...

H04L 41/0226   Mapping or translating mult...

H04L 63/02   for separating internal fro...

H04L 63/0227   Filtering policies mail mes...

H04L 63/0281   Proxies

H04L 63/029   Firewall traversal, e.g. tu...

H04L 63/08   for authentication of entit...

H04L 63/0815   providing single-sign-on or...

H04L 63/0853   using an additional device,...

H04L 63/0884   by delegation of authentica...

H04L 63/10   for controlling access to d...

H04L 67/02   based on web technology, e....

H04L 67/141   Setup of application sessio...

H04L 67/34   involving the movement of s...

H04L 67/565   Conversion or adaptation of...

H04L 69/08   Protocols for interworking;...

H04W 12/06   Authentication

H04W 12/084   using delegated authorisati...

H04W 12/30 : Security of mobile devices;...

H04W 12/63 : Location-dependent; Proximi...

H04W 4/18 : Information format or conte...

View All

Mobile cloud service architecture

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

65 Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

Mobile cloud service architecture

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

65 Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links