Method and apparatus for single sign-on collaboraton among mobile devices
First Claim
1. An apparatus for enabling a user of a first mobile device to extend user authentication credentials to a second mobile device, the apparatus comprising:
- a server having a processor that is configured to;
issue and send a first identity token to the first mobile device, wherein the first identity token can be utilized to authenticate the user of the first mobile device to a service provider;
establish a collaboration key with the first mobile device, wherein generation of the collaboration key is based on one or more of user authentication and receipt of a request, associated with the first identity token, for a collaboration key;
receive a collaboration credential from the second mobile device, wherein the collaboration credential is based on, the collaboration key;
verify the collaboration credential received from the second mobile device; and
in response to verifying the collaboration credential received from the second mobile device, issue and send a second identity token to the second mobile device, wherein the second identity token can be utilized to authenticate the user at second mobile device to the service provider;
the processor further is configured to receive, from the first mobile device a collaboration notification that identifies the first mobile device as a source of the collaboration credential and identifies the second mobile device as a recipient of the collaboration credential.
1 Assignment
0 Petitions
Accused Products
Abstract
An apparatus for, and method of, single sign-on collaboration among a plurality of mobile devices, includes a server for issuing a first identity token to subsequently authenticate a user of a first of the mobile devices to a service provider, and for generating and sending a collaboration key to the first device based on the first identity token or user authentication. The first device generates and sends a collaboration credential based on the collaboration key to a second device paired with the first device. The server also issues a second identity token to subsequently authenticate to the service provider the user of the second device based on the collaboration credential received from the first device, to support single sign-on collaboration for the user across the plurality of mobile devices.
157 Citations
27 Claims
-
1. An apparatus for enabling a user of a first mobile device to extend user authentication credentials to a second mobile device, the apparatus comprising:
a server having a processor that is configured to; issue and send a first identity token to the first mobile device, wherein the first identity token can be utilized to authenticate the user of the first mobile device to a service provider; establish a collaboration key with the first mobile device, wherein generation of the collaboration key is based on one or more of user authentication and receipt of a request, associated with the first identity token, for a collaboration key; receive a collaboration credential from the second mobile device, wherein the collaboration credential is based on, the collaboration key; verify the collaboration credential received from the second mobile device; and in response to verifying the collaboration credential received from the second mobile device, issue and send a second identity token to the second mobile device, wherein the second identity token can be utilized to authenticate the user at second mobile device to the service provider; the processor further is configured to receive, from the first mobile device a collaboration notification that identifies the first mobile device as a source of the collaboration credential and identifies the second mobile device as a recipient of the collaboration credential. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
12. A method for enabling a user of a first mobile device to extend user authentication credentials to a second mobile device, the method comprising:
-
issuing and sending a first identity token to the first mobile device, wherein the first identity token can be utilized to authenticate the user of the first mobile device to a service provider; establishing a collaboration key with the first mobile device, wherein generation of the collaboration key is based on one or more of user authentication and receipt of a request, associated with the first identity token, for a collaboration key and wherein the collaboration credential is sharable among a plurality of mobile devices; receiving a collaboration credential from the second mobile device wherein the collaboration credential is different from, and is based on, the collaboration key; verifying the collaboration credential received from the second mobile device; and in response to verifying the collaboration credential received from the second mobile device, issuing and sending a second identity token to the second mobile device, wherein the second identity token can be utilized to authenticate the second mobile device to the service provider; receiving a collaboration notification that identifies the first mobile device as a source of the collaboration credential and identifies the second mobile device as a recipient of the collaboration credential. - View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20)
-
-
21. An apparatus for enabling single sign-on collaboration among a plurality of mobile devices, the apparatus comprising:
a mobile device comprising a processor that is configured to; receive each of a first identity token and a collaboration key from a server, wherein the first identity token can be utilized to authenticate a user of the mobile device to a service provider; generate a collaboration credential based on the collaboration key, wherein the collaboration credential is different from the collaboration key, is sharable among the plurality of mobile devices, and is configured to enable each mobile device of the plurality of mobile devices to obtain an identity token; and send the collaboration credential to another mobile device; wherein the processor further is configured to send a collaboration notification to the server, wherein the collaboration notification identifies the mobile device as a source of the collaboration credential and identifies the another mobile device as a recipient of the collaboration credential. - View Dependent Claims (22, 23, 24)
-
25. A method for enabling single sign-on collaboration among a plurality of mobile devices, the method comprising:
-
receiving, by a mobile device of the plurality of mobile devices, each of a first identity token and a collaboration key from a server, wherein the first identity token can be utilized to authenticate a user of a mobile device to a service provider; generating a collaboration credential based on the collaboration key, wherein the collaboration credential is different from the collaboration key, is sharable among the plurality of mobile devices, and is configured to enable each mobile device of the plurality of mobile devices to obtain an identity token; and send the collaboration credential to another mobile device of the plurality of mobile devices; sending a collaboration notification to the server, wherein the collaboration notification-identifies the mobile device as a source of the collaboration credential and identifies the another mobile device as a recipient of the collaboration credential. - View Dependent Claims (26, 27)
-
Specification