Automatic upgrade from one step authentication to two step authentication via application programming interface

US2019065731A1 · US · A1

Patent metadata
Publication number: US-2019065731-A1
Application number: US-201715813712-A
Country: US
Kind code: A1
Filing date: Nov 15, 2017
Priority date: Aug 29, 2017
Publication date: Feb 28, 2019
Grant date:

Abstract

Official abstract text for this publication.

A client transmits a user identifier and a password to a server via an application programming interface (API). The client establishes an authenticated session with the server in which the client has a first set of permissions for operations associated with the API. The client receives, responsive to a verification of the user identifier and password by the server, a logon response and a shared secret. The client generates a one time passcode (OTP) based upon the shared secret. The client sends the OTP to the server via the API. Responsive to the server validating the OTP against the shared secret, the server grants a second set of permissions for operations associated with the API.

First claim

Opening claim text (preview).

What is claimed is:

1. A method comprising: transmitting, by a client, a user identifier and a password to a server via an application programming interface (API); establishing an authenticated session with the server, the client having a first set of permissions for operations associated with the API; receiving, responsive to a verification of the user identifier and password by the server, a logon response and a shared secret; generating, by the client, a one time passcode (OTP) based upon the shared secret; sending the OTP to the server via the API; and granting, responsive to the server validating the OTP against the shared secret, a second set of permissions for operations associated with the API.

2. The method of claim 1, further comprising: receiving, by the client device, the user identifier and password, from a user.

3. The method of claim 1, wherein the receiving of the logon response and shared secret is responsive to a determination that a user associated with the user identifier is designated for upgrading from one factor authentication to two factor authentication.

4. The method of claim 1, further comprising: storing, by the client, the shared secret within client preferences associated with a user.

5. The method of claim 1, wherein the server is configured to store the shared secret within a user profile associated with a user.

6. The method of claim 1, wherein the API includes a Representational state transfer (REST) API.

7. The method of claim 1, wherein the second set of permissions is greater than the first set of permissions.

8. The method of claim 1, further comprising: transmitting the user ID, the password, and a current OTP generated based upon the shared secret to the server in a subsequent logon operation.
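The flow in claims 1, 3, 7 and 8, modelled in-process as an added example; this is not code from the patent or its assignee. Assumptions: the OTP is RFC 6238 TOTP (the page only says "OTP"), and the `Server` class, its method names and the `BASIC`/`ELEVATED` permission sets are hypothetical stand-ins for the API.

```python
import base64, hashlib, hmac, secrets, struct, time
BASIC = {"read"}                        # hypothetical first permission set
ELEVATED = {"read", "write", "admin"}   # hypothetical second, greater set

def totp(secret_b32, at=None, step=30, digits=6):
    """RFC 6238 TOTP with HMAC-SHA1 (assumed; the abstract only says 'OTP')."""
    counter = int((time.time() if at is None else at) // step)
    key = base64.b32decode(secret_b32)
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    off = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[off:off + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

def pw_hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class Server:
    def __init__(self):
        self.users, self.sessions = {}, {}

    def add_user(self, uid, password, upgrade=True):
        salt = secrets.token_bytes(16)
        self.users[uid] = {"salt": salt, "pw": pw_hash(password, salt),
                           "upgrade": upgrade, "secret": None, "enrolled": False}

    def logon(self, uid, password, otp=None, at=None):
        u = self.users.get(uid)
        if not u or not hmac.compare_digest(u["pw"], pw_hash(password, u["salt"])):
            return None
        resp, perms = {"token": secrets.token_urlsafe(16)}, BASIC
        if u["enrolled"]:               # later logons need password AND current OTP
            if not otp or not hmac.compare_digest(otp, totp(u["secret"], at)):
                return None
            perms = ELEVATED
        elif u["upgrade"]:              # designated for upgrade: issue shared secret
            u["secret"] = base64.b32encode(secrets.token_bytes(20)).decode()
            resp["shared_secret"] = u["secret"]
        self.sessions[resp["token"]] = {"uid": uid, "perms": set(perms)}
        return resp

    def submit_otp(self, token, otp, at=None):
        # Validate the first OTP against the stored secret, then widen the session.
        s = self.sessions.get(token)
        u = self.users[s["uid"]] if s else None
        if not u or not u["secret"] or not hmac.compare_digest(otp, totp(u["secret"], at)):
            return False
        u["enrolled"], s["perms"] = True, set(ELEVATED)
        return True

    def allowed(self, token, op):
        return op in self.sessions.get(token, {"perms": ()})["perms"]
```

The password-only session stays on the first permission set until the OTP is validated, and the account only starts demanding an OTP at logon after that first validation, so a client that never received the secret is not locked out.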

Assignees

Inventors

Classifications

  • applying multi-factor authentication · CPC title

  • involving negotiation or determination of the one or more network security mechanisms to be used, e.g. by negotiation between the client and the server or between peers or by selection according to the capabilities of the entities involved (negotiation of communication capabilities H04L69/24) · CPC title

  • G06F21/31 · Primary

    User authentication · CPC title

  • Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these (network architectures or network communication protocols for key exchange in a packet data network H04L63/061) · CPC title

  • involving passwords or one-time passwords (network architectures or network communication protocols for using one-time keys in a packet data network H04L63/067) · CPC title

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
IBM
What technology area does this patent fall under?
Primary CPC classification G06F21/31. Mapped technology areas include Physics.
When was this patent published?
Publication date Feb 28, 2019 (A1). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 1 related publication on this page (citations in our corpus or others sharing the same primary CPC).