What technology area does this patent fall under?

Primary CPC classification H04W12/66. Mapped technology areas include Electricity.

When was this patent published?

Publication date Thu Sep 03 2020 00:00:00 GMT+0000 (Coordinated Universal Time) (A1). Legal status and post-grant events are not shown on this page.

What related patents are in patentsdb?

We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).

Complex composite tokens

US2020280846A1 · US · A1

Patent metadata
Field	Value
Publication number	US-2020280846-A1
Application number	US-201916288689-A
Country	US
Kind code	A1
Filing date	Feb 28, 2019
Priority date	Feb 28, 2019
Publication date	Sep 3, 2020
Grant date	—

How to read this patent

A practical reading order for non-experts. Skip the full description unless you need deep technical detail.

Title
What the patent document calls the invention.
Abstract
A short plain-language summary of the technical disclosure.
Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
Key dates
Filing, priority, publication, and grant dates set the timeline.
First independent claim
The legal scope of protection — read this for what is actually claimed.
CPC / IPC classifications
Technology tags used to group this patent with similar filings.
Citations and related patents
Prior art links and similar publications in this corpus.

Abstract

Official abstract text for this publication.

Technologies are shown for trust delegation that involve receiving a first request from a subject client and responding by sending a first token having first permissions to the subject client. A second request from a first actor includes the first token and responding involves linking the first actor to the subject client in a trust stack and sending a second token to the first actor with second permissions, the second token being a first complex token that identifies the subject client and the first actor. A third request from a second actor includes the second token and responding to the third request involves linking the second actor to the first actor in the trust stack, and sending a third token to the second actor partner with third permissions, the third token being a second complex token that identifies the first actor and the second actor.

First claim

Opening claim text (preview).

What is claimed is: 1 . A computer-implemented authorization delegation method for extension of OAuth multiple actor delegation, the method comprising: receiving a first authorization request from a subject client; responding to the first authorization by sending a first token having a first set of permissions to the subject client; receiving a second authorization request from a first partner actor, the second authorization request including the first token; responding to the second authorization request by: linking the first partner actor to the subject client in a trust stack pertaining to the subject client, and sending a second token to the first actor partner with a second set of permissions, where the second token comprises a first complex token that identifies the subject client and the first partner actor; receiving a third authorization request from a second partner actor, the third authorization request including the second token; responding to the third authorization request by: linking the second partner actor to the first partner actor in the trust stack, and sending a third token to the second actor partner with a third set of permissions, where the third token comprises a second complex token that identifies the first partner actor and the second partner actor. 2 . The method of claim 1 , the method including: receiving an access request to a resource from the second partner actor, the access request including the third token; and granting access to the resource based on the third set of permissions. 3 . The method of claim 2 , the method including: determining the second set of permissions based on either a union or intersection of permissions for the subject client and permissions for the first partner actor. 4 . The method of claim 3 , the method including: determining the third set of permissions based on either a union or intersection of permissions for the subject client, permissions for the first partner actor, and permissions for the third partner actor. 5 . The method of claim 1 , where the authorization delegation pertains to a financial transaction and: the first partner actor is not configured for compliance with a standard for secure handling of customer financial data; and the second partner actor is configured for compliance with the standard for secure handling of customer financial data. 6 . The method of claim 1 , where: the subject client comprises an end user; the first partner actor comprises a service provider to the end user; and the second partner actor comprises a subcontractor to the first partner. 7 . The method of claim 6 , where: the second partner actor is configured to provide one or more of shipping, packaging, warehousing and insurance to the first partner. 8 . A system for trust delegation, the system comprising: one or more processors; and one or more memory devices in communication with the one or more processors, the memory devices having computer-readable instructions stored thereupon that, when executed by the processors, cause the processors to: receive a first authorization request from a subject client; respond to the first authorization by sending a first token having a first set of permissions to the subject client; receive a second authorization request from a first partner actor, the second authorization request including the first token; respond to the second authorization request by: linking the first partner actor to the subject client in a trust stack pertaining to the subject client, and sending a second token to the first actor partner with a second set of permissions, where the second token comprises a first complex token that identifies the subject client and the first partner actor; receive a third authorization request from a second partner actor, the third authorization request including the second token; respond to the third authorization request by: linking the second partner actor to the first partner actor in the trust stack, and sending a third token to the second actor partner with a third set of permissions, where the third token comprises a second complex token that identifies the first partner actor and the second partner actor. 9 . The system of claim 8 , the system including stored instructions that, when executed by the processors, cause the processors to: receive an access request to a resource from the second partner actor, the access request including the third token; and grant access to the resource based on the third set of permissions. 10 . The system of claim 9 , the system including stored instructions that, when executed by the processors, cause the processors to: determine the second set of permissions based on either a union or intersection of permissions for the subject client and permissions for the first partner actor. 11 . The system of claim 10 , the system including stored instructions that, when executed by the processors, cause the processors to: determine the third set of permissions based on either a union or intersection of permissions for the subject client, permissions for the first partner actor, and permissions for the third partner actor. 12 . The system of claim 8 , where the authorization delegation pertains to a financial transaction and: the first partner actor is not configured to comply with a standard for secure handling of customer financial data; and the second partner actor is configured to comply with the standard for secure handling of customer financial data. 13 . The method of claim 8 , where: the subject client comprises an end user; the first partner actor comprises a service provider to the end user; and the second partner actor comprises a subcontractor to the first partner. 14 . The system of claim 13 , where: the second partner actor is configured to provide one or more of shipping, packaging, warehousing and insurance to the first partner. 15 . A computer storage medium having computer executable instructions stored thereon which, when executed by one or more processors, cause the processors to execute an authorization delegation method for extension of OAuth multiple actor delegation, the method comprising: receiving a first authorization request from a subject client; responding to the first authorization by sending a first token having a first set of permissions to the subject client; receiving a second authorization request from a first partner actor, the second authorization request including the first token; responding to the second authorization request by: linking the first partner actor to the subject client in a trust stack pertaining to the subject client, and sending a second token to the first actor partner with a second set of permissions, where the second token comprises a first complex token that identifies the subject client and the first partner actor; receiving a third authorization request from a second partner actor, the third authorization request including the second token; responding to the third authorization request by: linking the second partner actor to the first partner actor in the trust stack, and sending a third token to the second actor partner with a third set of permissions, where the third token comprises a second complex token that identifies the first partner actor and the second partner actor. 16 . The computer storage medium of claim 15 , the method including: receiving an access request to a resource from the second partner actor, the access request including the third token; and granting access to t

Assignees

Ebay Inc

Inventors

Classifications

H04W12/66Primary
Trust-dependent, e.g. using trust scores or trust relationships · CPC title
H04L63/0869
for achieving mutual authentication (cryptographic mechanisms or cryptographic arrangements for mutual authentication H04L9/3273) · CPC title
H04L63/0884
by delegation of authentication, e.g. a proxy authenticates an entity to be authenticated on behalf of this entity vis-à-vis an authentication entity · CPC title
H04L9/3255
using group based signatures, e.g. ring or threshold signatures · CPC title
H04L63/10Primary
for controlling access to devices or network resources · CPC title

Patent family

Related publications grouped by family.

View patent family 68290039

External sources

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US2020280846A1 cover?: Technologies are shown for trust delegation that involve receiving a first request from a subject client and responding by sending a first token having first permissions to the subject client. A second request from a first actor includes the first token and responding involves linking the first actor to the subject client in a trust stack and sending a second token to the first actor with secon…
Who is the assignee on this patent?: Ebay Inc
What technology area does this patent fall under?: Primary CPC classification H04W12/66. Mapped technology areas include Electricity.
When was this patent published?: Publication date Thu Sep 03 2020 00:00:00 GMT+0000 (Coordinated Universal Time) (A1). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?: We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).