Methods and systems for controlling access to resources in a gaming network

US 8,191,121 B2
Filed: 11/09/2007
Issued: 05/29/2012
Est. Priority Date: 11/10/2006
Status: Active Grant

First Claim

Patent Images

1. A method of controlling access to resources in a casino gaming network system, the method comprising:

receiving login information associated with a user accessing a client computer at an authorization Web service executed on a server, wherein the resources to which access is controlled are those in the casino gaming network system, the casino gaming network system being of a casino having games wherein money or credits are exchanged based on the outcome of game play, and wherein the resources to which access is controlled are those of one of a gaming machine, a gaming floor, casino slot operations, a casino floor or an electronic gaming machine;

sending data indicative of the login information from the authorization Web service to a database for verification;

receiving verification of the login information from the database;

creating a security session for the user;

storing data associated with the security session on the server; and

sending a user identifier associated with the security session to the client computer.

View all claims

8 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A Web authorization service facilitates the control of access to resources in a casino gaming network system.

385 Citations

42 Claims

1. A method of controlling access to resources in a casino gaming network system, the method comprising:
- receiving login information associated with a user accessing a client computer at an authorization Web service executed on a server, wherein the resources to which access is controlled are those in the casino gaming network system, the casino gaming network system being of a casino having games wherein money or credits are exchanged based on the outcome of game play, and wherein the resources to which access is controlled are those of one of a gaming machine, a gaming floor, casino slot operations, a casino floor or an electronic gaming machine;
  
  sending data indicative of the login information from the authorization Web service to a database for verification;
  
  receiving verification of the login information from the database;
  
  creating a security session for the user;
  
  storing data associated with the security session on the server; and
  
  sending a user identifier associated with the security session to the client computer.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
- - 2. The method of claim 1, wherein receiving the login information further comprises:
    - receiving a user name and a pass phrase of the user.
  - 3. The method of claim 2, wherein receiving the login information further comprises:
    - receiving the user name and the pass phrase via a user interface application executed on the client computer.
  - 4. The method of claim 1, wherein the login information is received from the client computer in a Service Oriented Architecture Protocol (“
    - SOAP”
      
      ) message.
  - 5. The method of claim 1, wherein sending the data indicative of the login information further comprises:
    - sending the data indicative of the login information from the authorization Web service to the database via a directory service.
  - 6. The method of claim 5, wherein the directory service is Active Directory.
  - 7. The method of claim 1, wherein receiving the verification of the login information further comprises:
    - receiving a set of permissions associated with the user.
  - 8. The method of claim 7, wherein storing the security session data further comprises storing the set of permissions on the server.
  - 9. The method of claim 7, wherein the set of permissions comprises role-based access policies.
  - 10. The method of claim 1, wherein storing the security session data further comprises:
    - leasing memory on the server to store the security session data.
  - 11. The method of claim 10, wherein the security session ends when the memory lease expires.
  - 12. The method of claim 11, further comprising:
    - when the memory lease expires, sending the data indicative of the login information from the authorization Web service to the database for verification;
      
      receiving verification of the login information from the database;
      
      creating a new security session for the user on the server; and
      
      leasing the memory on the server.
  - 13. The method of claim 10, wherein the security session data comprises a user identifier, and a set of permissions associated with the user.
  - 14. The method of claim 1, further comprising:
    - receiving a request to authorize the user from a gaming-related Web service at the authorization Web service, the user authorization request including a user identifier associated with the user;
      
      determining a set of permissions associated with the user based at least in part on the user identifier; and
      
      sending data indicative of the set of permissions to the gaming-related Web service.
  - 15. The method of claim 14, wherein the stored security session data includes the set of permissions.
  - 16. The method of claim 14, wherein determining the set of permissions further comprises:
    - sending data indicative of the login information to the database; and
      
      receiving data indicative of the set of permissions at the authorization Web service from the database.
  - 17. The method of claim 14, wherein the user identifier included in the user authorization request is extracted from a SOAP header.

18. A method of accessing resources in a casino gaming network system, the method comprising:
- receiving user input at a client computer indicative of login information associated with a user, wherein the resources accessed are those in the casino gaming network system, the casino gaming network system being of a casino having games wherein money or credits are exchanged based on the outcome of game play, and wherein the resources to which access is controlled are those of one of a gaming machine, a gaming floor, a casino slot operations, casino floor or an electronic gaming machine;
  
  sending the login information from the client computer to an authorization Web service executed on a server;
  
  receiving a user identifier from the authorization Web service;
  
  sending the user identifier in a Service Oriented Architecture Protocol (“
  
  SOAP”
  
  ) header to a gaming-related Web service;
  
  sending a request to the gaming-related Web service to access a resource in the casino gaming network; and
  
  receiving access to the resource without further user input indicative of the login information.
- View Dependent Claims (19, 20)
- - 19. The method of claim 18, wherein the user identifier and the resource request are sent together in a SOAP message.
  - 20. The method of claim 18, wherein receiving the user input further comprises:
    - receiving the user input indicative of the login information through a user interface application executed on the client computer; and
      
      storing the login information on the client computer via the user interface application.

21. A non-transitory computer-readable medium that stores instructions that cause a server to control access to resources in a casino gaming network system, by:
- receiving login information associated with a user accessing a client computer at an authorization Web service executed on the server, wherein the resources to which access is controlled are those in the casino gaming network system, the casino gaming network system being of a casino having games wherein money or credits are exchanged based on the outcome of game play, and wherein the resources to which access is controlled are those of one of a gaming machine, a gaming floor, casino slot operations, a casino floor or an electronic gaming machine;
  
  sending data indicative of the login information from the authorization Web service to a database for verification;
  
  receiving verification of the login information from the database;
  
  creating a security session for the user;
  
  storing data associated with the security session on the server; and
  
  sending a user identifier associated with the security session to the client computer.
- View Dependent Claims (22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37)
- - 22. The non-transitory computer-readable medium of claim 21, wherein receiving the login information further comprises:
    - receiving a user name and a pass phrase of the user.
  - 23. The non-transitory computer-readable medium of claim 22, wherein receiving the login information further comprises:
    - receiving the user name and the pass phrase via a user interface application executed on the client computer.
  - 24. The non-transitory computer-readable medium of claim 21, wherein the login information is received from the client computer in a Service Oriented Architecture Protocol (“
    - SOAP”
      
      ) message.
  - 25. The non-transitory computer-readable medium of claim 21, wherein sending the data indicative of the login information further comprises:
    - sending the data indicative of the login information from the authorization Web service to the database via a directory service.
  - 26. The non-transitory computer-readable medium of claim 25, wherein the directory service is Active Directory.
  - 27. The non-transitory computer-readable medium of claim 21, wherein receiving the verification of the login information further comprises:
    - receiving a set of permissions associated with the user.
  - 28. The non-transitory computer-readable medium of claim 27, wherein storing the security session data further comprises storing the set of permissions on the server.
  - 29. The non-transitory computer-readable medium of claim 27, wherein the set of permissions comprises role-based access policies.
  - 30. The non-transitory computer-readable medium of claim 21, wherein storing the security session data further comprises:
    - leasing memory on the server to store the security session data.
  - 31. The non-transitory computer-readable medium of claim 30, wherein the security session ends when the memory lease expires.
  - 32. The non-transitory computer-readable medium of claim 31, wherein the instructions cause the server to control access to resources in the casino gaming network system, further by:
    - when the memory lease expires, sending the data indicative of the login information from the authorization Web service to the database for verification;
      
      receiving verification of the login information from the database;
      
      creating a new security session for the user on the server; and
      
      leasing the memory on the server.
  - 33. The non-transitory computer-readable medium of claim 30, wherein the security session data comprises a user identifier, and a set of permissions associated with the user.
  - 34. The non-transitory computer-readable medium of claim 21, wherein the instructions cause the server to control access to resources in the casino gaming network system, further by:
    - receiving a request to authorize the user from a gaming-related Web service at the authorization Web service, the user authorization request including a user identifier associated with the user;
      
      determining a set of permissions associated with the user based at least in part on the user identifier; and
      
      sending data indicative of the set of permissions to the gaming-related Web service.
  - 35. The non-transitory computer-readable medium of claim 34, wherein the stored security session data includes the set of permissions.
  - 36. The non-transitory computer-readable medium of claim 34, wherein determining the set of permissions further comprises:
    - sending data indicative of the login information to the database; and
      
      receiving data indicative of the set of permissions at the authorization Web service from the database.
  - 37. The non-transitory computer-readable medium of claim 34, wherein the user identifier included in the user authorization request is extracted from a SOAP header.

38. A non-transitory computer-readable medium that stores instructions that cause a client computer to access resources in a casino gaming network system, by:
- receiving user input at the client computer indicative of login information associated with a user, wherein the resources accessed are those in the casino gaming network system, the casino gaming network system being of a casino having games wherein money or credits are exchanged based on the outcome of game play, and wherein the resources to which access is controlled are those of one of a gaming machine, a gaming floor, casino slot operations, a casino floor or an electronic gaming machine;
  
  sending the login information from the client computer to an authorization Web service executed on a server;
  
  receiving a user identifier from the authorization Web service;
  
  sending the user identifier in a Service Oriented Architecture Protocol (“
  
  SOAP”
  
  ) header to a gaming-related Web service;
  
  sending a request to the gaming-related Web service to access a resource in the casino gaming network system; and
  
  receiving access to the resource without further user input indicative of the login information.
- View Dependent Claims (39, 40)
- - 39. The non-transitory computer-readable medium of claim 38, wherein the user identifier and the resource request are sent together in a SOAP message.
  - 40. The non-transitory computer-readable medium of claim 38, wherein receiving the user input further comprises:
    - receiving the user input indicative of the login information through a user interface application executed on the client computer; and
      
      storing the login information on the client computer via the user interface application.

41. A method of controlling access to a resource in a casino gaming network system, the method comprising:
- receiving a request from a user to access a resource at a gaming-related Web service, wherein the resource is in the casino gaming network system, the casino gaming network system being of a casino having games wherein money or credits are exchanged based on the outcome of game play, and wherein the resources to which access is controlled are those of one of a gaming machine, a gaming floor, casino slot operations, a casino floor or an electronic gaming machine;
  
  receiving a user identifier from the user in a Service Oriented Architecture Protocol (“
  
  SOAP”
  
  ) header;
  
  sending data indicative of the user identifier from the gaming-related Web service to an authorization Web service;
  
  receiving a set of permissions associated with the user from the authorization Web service; and
  
  granting access to the resource based at least in part on the received set of permissions.

42. A non-transitory computer-readable medium that stores instructions that cause a server to control access to a resource in a casino gaming network system, by:
- receiving a request from a user to access a resource at a gaming-related Web service, wherein the resource is in the casino gaming network system, the casino gaming network system being of a casino having games wherein money or credits are exchanged based on the outcome of game play, and wherein the resources to which access is controlled are those of one of a gaming machine, a gaming floor, casino slot operations, a casino floor or an electronic gaming machine;
  
  receiving a user identifier from the user in a Service Oriented Architecture Protocol (“
  
  SOAP”
  
  ) header;
  
  sending data indicative of the user identifier from the gaming-related Web service to an authorization Web service;
  
  receiving a set of permissions associated with the user from the authorization Web service; and
  
  granting access to the resource based at least in part on the received set of permissions.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
LNW Gaming Incorporated
Original Assignee
Bally Gaming Incorporated (Scientific Games Corporation)
Inventors
Ruppert, Ryan, Deng, Haiyang
Primary Examiner(s)
Tran, Ellen

Application Number

US11/938,163
Publication Number

US 20080155665A1
Time in Patent Office

1,663 Days
Field of Search

713/171, 713/183, 726/1, 726/2, 726/3, 726/4
US Class Current

726/5
CPC Class Codes

G07F 17/32 for games, toys, sports, or...

Methods and systems for controlling access to resources in a gaming network

First Claim

8 Assignments

0 Petitions

Accused Products

Abstract

385 Citations

42 Claims

Specification

Solutions

Use Cases

Quick Links

Methods and systems for controlling access to resources in a gaming network

First Claim

8 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

385 Citations

42 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links