Secure authorization for accessing content on a shareable device
First Claim
1. A method of securely authorizing access to media content, comprising:
- receiving, from a first device, a first identification of a second device and a request to authorize access to the media content by the second device;
verifying a user account associated with the first device;
generating a token in a manner that prevents authentication information of a user of the first device from being derived from the token, the token being a randomly generated or arbitrary value;
associating the token with the first identification received from the first device;
sending the token to the first device, the token to be sent from the first device to the second device;
receiving, from the second device, the token and a second identification of the second device;
authenticating the second device based on comparing the second identification received from the second device to the first identification associated with the received token; and
authorizing access to the media content by the second device based on saidauthenticating and while the second device is associated with a user account different from the user account associated with the first device.
2 Assignments
0 Petitions
Accused Products
Abstract
Described is a process for securely authorizing access to media content from a first device to a second device. Access to content may be authorized by performing authentication from the first device. Information used for authentication (e.g. login information) is not shared with the second device. Instead, a token may be used to authenticate the second device. The authorization process may be done in a secure manner by sharing only the generated token with the second device. Authentication information may not be derived from the token, and accordingly, even if the second device is not secure or the token is exposed, authentication information remains secure.
67 Citations
20 Claims
-
1. A method of securely authorizing access to media content, comprising:
-
receiving, from a first device, a first identification of a second device and a request to authorize access to the media content by the second device; verifying a user account associated with the first device; generating a token in a manner that prevents authentication information of a user of the first device from being derived from the token, the token being a randomly generated or arbitrary value; associating the token with the first identification received from the first device; sending the token to the first device, the token to be sent from the first device to the second device; receiving, from the second device, the token and a second identification of the second device; authenticating the second device based on comparing the second identification received from the second device to the first identification associated with the received token; and authorizing access to the media content by the second device based on said authenticating and while the second device is associated with a user account different from the user account associated with the first device. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A method of securely authorizing access to media content, comprising:
-
receiving, from a first device, a request to access the media content; authorizing access to the media content by the first device based on information received from the first device; receiving, from the first device, a first identification of a second device and a request to delegate access to the authorized media content to the second device; generating a token in a manner that prevents authentication information of a user of the first device from being derived from the token, the token being a randomly generated or arbitrary value; associating the token with the first identification received from the first device; sending the token to the first device, the token to be sent from the first device to the second device; receiving, from the second device, the token and a second identification of the second device; authenticating the second device based on comparing the second identification received from the second device to the first identification associated with the received token; and delegating access to the authorized media content to the second device based on said authenticating and while the second device is associated with a user account different from a user account associated with the first device. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
-
-
17. A system for securely authorizing access to media content, comprising a first server, the first server comprising:
-
communications circuitry configured to connect to a first device and a second device; and a processor configured to; receive, from the first device, a first identification of the second device and a request to authorize access to the media content by the second device; verify a user account associated with the first device; generate a token in a manner that prevents authentication information of a user of the first device from being derived from the token, the token being a randomly generated or arbitrary value; associate the token with the first identification received from the first device; send the token to the first device, the token to be sent from the first device to the second device; receive, from the second device, the token and a second identification of the second device; authenticate the second device based on comparing the second identification received from the second device to the first identification associated with the received token; and authorize access to the media content by the second device based on authentication of the second device and while the second device is associated with a user account different from the user account associated with the first device. - View Dependent Claims (18, 19)
-
-
20. A system for securely delegating access to media content, comprising a first server, the first server comprising:
-
communications circuitry configured to connect to a first device and a second device; and a processor configured to; receive, from the first device, a request to access the media content; authorize access to the media content by the first device based on information received from the first device; receive, from the first device, a first identification of the second device and a request to delegate access to the authorized media content to the second device; generate a token in a manner that prevents authentication information of a user of the first device from being derived from the token, the token being a randomly generated or arbitrary value; associate the token with the first identification received from the first device; send the token to the first device, the token to be sent from the first device to the second device; receive, from the second device, the token and a second identification of the second device; authenticate the second device based on comparing the second identification received from the second device to the first identification associated with the received token; and delegate access to the authorized media content to the second device based on authentication of the second device and while the second device is associated with a user account different from a user account associated with the first device.
-
Specification