METHODS AND SYSTEMS FOR SINGLE SIGN-ON WHILE PROTECTING USER PRIVACY

US 20140366110A1
Filed: 06/07/2013
Published: 12/11/2014
Est. Priority Date: 06/07/2013
Status: Active Grant

First Claim

Patent Images

1. A method for enabling applications to reference user information, the method comprising:

receiving, from an application, a first request for a first user identifier that references a user of the application;

sending a second request for the first user identifier to a server, wherein the second request includes a second user identifier that references the user and a second authentication token for the second user identifier, and the second user identifier and the second authentication token are not accessible by the user;

receiving, from the server, the first user identifier and a first authentication token for the first user identifier, wherein the first user identifier corresponds to the second identifier; and

providing the first user identifier and the first authentication token to the application.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method of enabling applications to reference user information is provided, including receiving a request for a user identifier that references a user of the application and sending a second request for the user identifier to a server. The second request may include a second user identifier that references the user and a second authentication token for the second user identifier. Furthermore, the second user identifier and the second authentication token are not accessible by the user. The method includes receiving the user identifier and an authentication token for the first user identifier. The user identifier corresponds to the second identifier; and providing the user identifier and authentication token to the application. A method of enabling an application to identify users associated with a user of the application is provided; the method may include receiving, from the server, user identifiers that reference one or more users scoped to the application.

Citations

20 Claims

1. A method for enabling applications to reference user information, the method comprising:
- receiving, from an application, a first request for a first user identifier that references a user of the application;
  
  sending a second request for the first user identifier to a server, wherein the second request includes a second user identifier that references the user and a second authentication token for the second user identifier, and the second user identifier and the second authentication token are not accessible by the user;
  
  receiving, from the server, the first user identifier and a first authentication token for the first user identifier, wherein the first user identifier corresponds to the second identifier; and
  
  providing the first user identifier and the first authentication token to the application.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein the second request further includes a container identifier that identifies a container associated with the application, andthe first user identifier is accessible by applications when the applications are associated with the container.
  - 3. The method of claim 1, further comprising:
    - receiving, at the server from a computing device, the second request, including the second user identifier and the authentication token;
      
      determining whether an association exists between the second user identifier and an application-accessible user identifier; and
      
      sending the application-accessible user identifier and an associated application-accessible authentication token to the computing device, wherein the first user identifier is the application-accessible user identifier.
  - 4. The method of claim 3, wherein receiving the second request includes receiving a container identifier that identifies a container associated with the application, and identifying a container association with the container identifier;
    - anddetermining whether an association exists further comprises determining whether an association exists between the container identifier and the second user identifier, wherein the first user identifier is accessible by applications associated with the container when the association exists.
  - 5. The method of claim 3, further comprising:
    - in response to determining that an association does not exist between the second user identifier and an application-accessible user identifier;
      
      generating a new application-accessible user identifier, andcreating an association between the second user identifier and the new application-accessible user identifier.
  - 6. The method of claim 5, wherein the association is represented by a mapping table, and creating an association between the second user identifier and the new application-accessible user identifier comprises creating an entry in the mapping table that maps the second user identifier to the new application-accessible user identifier.
  - 7. The method of claim 3, wherein the association is represented by a mapping table, and determining whether an association exists between the second user identifier and an application-accessible user identifier comprises searching the mapping table for an entry that includes the second user identifier.
  - 8. The method of claim 1, wherein the authentication token can be used to verify an identity of the user.

9. A method for enabling an application to identify one or more users associated with a first user of the application, the method comprising:
- receiving, from an application, contact information that can be used to identify one or more users;
  
  receiving, from the application, a request for one or more user identifiers that reference the one or more users;
  
  sending, to a server, the contact information and the request for one or more user identifiers that reference the one or more users;
  
  receiving, from the server, the one or more user identifiers that reference one or more users, and a correlation between the one or more user identifiers and the one or more users; and
  
  providing the one or more user identifiers and the correlation between the one or more user identifiers and the one or more users to the application.
- View Dependent Claims (10)
- - 10. The method of claim 9, wherein the contact information comprises a list of email addresses associated with the one or more users, andthe correlation between the one or more user identifiers and the one or more users includes a mapping between the one or more user identifiers and email addresses in the list of email addresses that correspond to the one or more user identifiers.

11. A method of enabling an application to identify one or more users associated with a first user of the application, the method comprising:
- receiving, from an application, a request for one or more user identifiers that reference one or more users in the first user'"'"'s contact list,wherein the first user'"'"'s contact list is not accessible to the application;
  
  sending, to a server, the request for one or more user identifiers that reference one or more users in the first user'"'"'s contact list;
  
  receiving, from the server, the one or more user identifiers that reference one or more users; and
  
  providing the one or more user identifiers to the application.
- View Dependent Claims (12)
- - 12. The method of claim 11, further comprising sending, to the server, the first user'"'"'s contact list.

13. A method for discovering address books in network-based software applications, the method comprising:
- querying an address book in the client device;
  
  providing the address book to a server;
  
  selecting vetted addresses from the server;
  
  querying user identifiers (IDs) for e-mail and phone numbers in the address book; and
  
  providing a contact-to-user ID mapping to the client device.
- View Dependent Claims (14, 15, 16, 17, 18)
- - 14. The method of claim 13, further comprising providing a prompt to a user handling the client device.
  - 15. The method of claim 13, wherein selecting vetted addresses from the server comprises comparing addresses in the address book with addresses in a container stored in the server.
  - 16. The method of claim 13, wherein selecting vetted addresses from the server comprises selecting an address of a registered user included in the container.
  - 17. The method of claim 13, further comprising creating a map in the container.
  - 18. The method of claim 17, wherein creating a map in the container comprises adding a line to an already existing map in the container, the line including a user ID associated with personal information, the personal information comprising a user e-mail and a user phone number.

19. A method for creating e-mail user lists, the method comprising:
- requesting user permission for information discover and discovery scope in an address book;
  
  making the address book discoverable;
  
  adding the user to an e-mail list stored in a server; and
  
  receiving a user interface from the server to generate e-mails.
- View Dependent Claims (20)
- - 20. The method of claim 19, further comprising allowing a user in the e-mail list to toggle discoverability settings and e-mail alert settings.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Apple Inc.
Original Assignee
Apple Inc.
Inventors
HUHN, Derrick S., WERNER, Jeremy M., PATTEKAR, Amol V.

Granted Patent

US 9,479,490 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/7
CPC Class Codes

G06F 21/45   Structures or tools for the...

H04L 63/08   for authentication of entit...

H04L 63/0815   providing single-sign-on or...

METHODS AND SYSTEMS FOR SINGLE SIGN-ON WHILE PROTECTING USER PRIVACY

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

METHODS AND SYSTEMS FOR SINGLE SIGN-ON WHILE PROTECTING USER PRIVACY

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links