Single sign-on for access to a central data repository

US 9,928,508 B2
Filed: 01/06/2006
Issued: 03/27/2018
Est. Priority Date: 08/04/2000
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method for providing access to an information account stored in a central data repository that is accessible via a distributed network and is coupled to a database management system on a host server, wherein the host server is in communication via the distributed network with a network device, the method comprising:

transmitting, by the host server, a client-side application to a browser on the network device;

receiving, by the host server, over the distributed electronic network, consumer authentication information and a first request from the network device, via the client-side application, for access to the information account, the first request specifying information elements;

in response to the first request, authenticating, via a first authentication by the host server, a consumer with the database management system based on the consumer authentication information and providing access to the information account stored in the central data repository;

receiving, by the host server, a browser identifier from the network device;

receiving, by the host server, at least one subsequent authentication request from the browser on the network device for access to the information account;

based on the first authentication of the consumer, performing, by the host server, the at least one subsequent authentications with the database management system, using the browser identifier;

in response to the first request for access to the information account stored in the central data repository, retrieving, by the host server, the specified information elements from the information account; and

transmitting, by the host server, the specified information elements to the browser on the network device.

View all claims

8 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods for providing access to an information account stored in a central data repository. The information account is associated with a consumer and is subject to the consumer'"'"'s control and management. Consumer authentication information is input by the consumer in connection with a first request for access to the information account via a first web-site. Responsive to authentication of the consumer, a single sign-on feature may be activated for automatically managing subsequent authentications of the consumer so that the consumer will not be required to again input the consumer authentication information upon initiating a second request for access to the information account while interacting with a subsequent web-site that is configured to provide access to the information account upon authentication of the consumer. The single sign-on function may be deactivated upon the occurrence of a terminating event, such as the expiration of a time-out interval.

207 Citations

12 Claims

1. A computer-implemented method for providing access to an information account stored in a central data repository that is accessible via a distributed network and is coupled to a database management system on a host server, wherein the host server is in communication via the distributed network with a network device, the method comprising:
- transmitting, by the host server, a client-side application to a browser on the network device;
  
  receiving, by the host server, over the distributed electronic network, consumer authentication information and a first request from the network device, via the client-side application, for access to the information account, the first request specifying information elements;
  
  in response to the first request, authenticating, via a first authentication by the host server, a consumer with the database management system based on the consumer authentication information and providing access to the information account stored in the central data repository;
  
  receiving, by the host server, a browser identifier from the network device;
  
  receiving, by the host server, at least one subsequent authentication request from the browser on the network device for access to the information account;
  
  based on the first authentication of the consumer, performing, by the host server, the at least one subsequent authentications with the database management system, using the browser identifier;
  
  in response to the first request for access to the information account stored in the central data repository, retrieving, by the host server, the specified information elements from the information account; and
  
  transmitting, by the host server, the specified information elements to the browser on the network device.
- View Dependent Claims (2, 3, 4, 5, 7, 8, 9)
- - 2. The method of claim 1, further comprising providing a first information element of the information account comprising one or more name fields to identify the consumer, and providing a second information element of the information account comprising one or more geographic address fields associated with the consumer.
  - 3. The method of claim 1, wherein transmitting the specified information elements to the network device comprises sending the specified information elements over the distributed electronic network.
  - 4. The method of claim 1, further comprising parsing the first request to obtain indications of the specified information elements.
  - 5. The method of claim 1, wherein retrieving the specified information elements from the information account further comprises filtering data from the information account with the database management system based on an identification of a second web-site.
  - 7. The method of claim 1, further comprising performing the at least one subsequent authentication by determining that a previous authentication of the consumer for access to the information account remains valid and generating a message to cause a subsequent web-site to skip a sign-on interface that would otherwise prompt input of the consumer authentication information when a subsequent request for access to the information account is initiated.
  - 8. The method of claim 1, wherein an authentication of the consumer remains valid if a subsequent request for access to the information account is initiated prior to the occurrence of a terminating event.
  - 9. The method of claim 8, wherein said terminating event comprises expiration of a time-out interval.

6. A computer readable memory storing instructions that, when executed by a host server, cause the host server to perform operations for accessing an information account stored in a central data repository that is accessible via a distributed electronic network and is coupled to a database management system, wherein the host server is in communication via the distributed network with a network device, the operations comprising:
- transmitting, by the host server, a client-side application to a browser on the network device;
  
  receiving, by the host server, over the distributed electronic network, consumer authentication information and a first request from the network device, via the client-side application, for access to the information account, the first request specifying information elements;
  
  in response to the first request, authenticating, via a first authentication by the host server, a consumer with the database management system based on the consumer authentication information and providing access to the information account stored in the central data repository;
  
  receiving, by the host server, a browser identifier from the network device;
  
  receiving, by the host server, at least one subsequent authentication request from the browser on the network device for access to the information account;
  
  based on the first authentication of the consumer, performing, by the host server, the at least one subsequent authentication with the database management system, using the browser identifier;
  
  in response to the first request for access to the information account stored in the central data repository, retrieving, by the host server, the specified information elements from the information account; and
  
  transmitting, by the host server, the specified information elements to the browser on the network device.
- View Dependent Claims (11)
- - 11. The computer readable memory of claim 6, wherein an authentication remains valid if a subsequent request for access to the information account is initiated prior to the occurrence of a terminating event.

10. A system for providing access to an information account stored in a central data repository that is accessible via a distributed network comprising:
- a host server for communicating with the central data repository and with a network device via the distributed electronic network; and
  
  a computer readable storage memory having instructions stored thereon that, when executed by the server, cause the host server to perform a method comprising;
  
  transmitting, by the host server, a client-side application to a browser on the network device;
  
  receiving, by the host server, over the distributed electronic network, consumer authentication information and a first request from the client application executing on the network device for access to the information account, the first request specifying information elements;
  
  in response to the first request, authenticating, via a first authentication by the host server, a consumer with the host server based on the consumer authentication information, thereby providing access to the information account stored in the central data repository;
  
  receiving, by the host server, a browser identifier from the network device;
  
  receiving, by the host server, at least one subsequent authentication request from the browser on the network device for access to the information account;
  
  based on the first authentication of the consumer, performing, by the host server, the at least one subsequent authentication of the consumer using the browser identifier;
  
  retrieving, by the host server, one or more information elements from the information account in response to the first request; and
  
  transmitting, by the host server, the one or more information elements to the browser on the network device.
- View Dependent Claims (12)
- - 12. The system of claim 10, wherein the information account comprises consumer information elements associated with at least one tag.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
CXT Systems, Inc. (Quest Patent Research Corporation)
Original Assignee
Intellectual Ventures I LLC (Intellectual Ventures LLC)
Inventors
Steele, Nick, Hawkins, Stan, Maranville, Joe, Bradnan, Andrew
Primary Examiner(s)
Hewitt, II, Calvin L
Assistant Examiner(s)
SHERR, CRISTINA O

Application Number

US11/327,176
Publication Number

US 20060200425A1
Time in Patent Office

4,463 Days
Field of Search

705 60- 65
US Class Current
CPC Class Codes

G06F 21/41   where a single sign-on prov...

G06Q 20/382   insuring higher security of...

H04L 63/0815   providing single-sign-on or...

H04L 67/02   based on web technology, e....

Single sign-on for access to a central data repository

First Claim

8 Assignments

0 Petitions

Accused Products

Abstract

207 Citations

12 Claims

Specification

Solutions

Use Cases

Quick Links

Single sign-on for access to a central data repository

First Claim

8 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

207 Citations

12 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links