User authentication of applications on third-party devices via user devices

US9628475B2 · US · B2

Patent metadata

Publication number: US-9628475-B2
Application number: US-201514702578-A
Country: US
Kind code: B2
Filing date: May 1, 2015
Priority date: Jun 27, 2012
Publication date: Apr 18, 2017
Grant date: Apr 18, 2017

Abstract

Official abstract text for this publication.

In one embodiment, a first computing device receives an access token from a second computing device, the access token being generated by the second computing device for a specific software application executing on a specific computing device; stores the access token; receives a request for the access token from a software application executing on a third computing device; verifies whether the software application is the same as the specific software application and the third computing device is the same as the specific computing device for which the access token is generated; and sends the access token to the third computing device only when the software application is the same as the specific software application and the third computing device is the same as the specific computing device for which the access token is generated.

First claim

Opening claim text (preview).

What is claimed is:

1. A method comprising: receiving, at a first computing device, a request for an access token stored on the first computing device, wherein the request was sent from a software application executing on a second computing device, wherein the request comprises an application token, the application token being generated by the second computing device based on an application identifier and a secret key of the software application, and wherein the access token was generated for a specific software application executing on a specific computing device; verifying, by the first computing device and based on the application token, that the software application executing on the second computing device is the same as the specific software application and the second computing device is the same as the specific computing device for which the access token was generated; and in response to receiving a positive verification, sending, by the first computing device, the access token to the second computing device.

2. The method of claim 1, wherein the access token was received at the first computing device from a third computing device, wherein the access token was generated by the third computing device for the specific software application executing on the specific computing device.

3. The method of claim 2, wherein: the first computing device is associated with a social network; the third computing device is associated with a user of the social network; and the second computing device is associated with a second party connected with the social network.

4. The method of claim 3, wherein the access token is stored in connection with the user at the social network.

5. The method of claim 3, further comprising: receiving, at the first computing device, information associated with the user from the second computing device; storing, by the first computing device, the information at the social network.

6. The method of claim 2, wherein: the specific software application has a unique application identifier and a set of permissions; the specific computing device has a unique device identifier; and the access token is generated by the third computing device based on the unique application identifier, the set of permissions, and the unique device identifier.

7. The method of claim 6, wherein: the specific computing device has a radio-frequency identification (RFID) tag; and a tag identifier of the RFID tag is used as the unique device identifier of the specific computing device.

8. The method of claim 7, wherein: the third computing device has a RFID reader; and the third computing device reads the RFID tag of the specific computing device to obtain the unique application identifier of the specific software application and the unique device identifier of the specific computing device.

9. The method of claim 6, wherein: the specific computing device displays a QR code; and the QR code is encoded with the unique application identifier of the specific software application and the unique device identifier of the specific computing device.

10. The method of claim 9, wherein: the third computing device has a QR code reader; and the third computing device reads the QR code of the specific computing device to obtain the unique application identifier of the specific software application and the unique device identifier of the specific computing device.

11. The method of claim 9, wherein the QR code is further encoded with the set of permissions.

12. The method of claim 2, wherein the third computing device and the second computing device are mobile devices.

13. One or more computer-readable non-transitory storage media embodying software operable when executed by one or more processors to: receive, at a first computing device, a request for an access token stored on the first computing device, wherein the request was sent from a software application executing on a second computing device, wherein the request comprises an application token, the application token being generated by the second computing device based on an application identifier and a secret key of the software application, and wherein the access token was generated for a specific software application executing on a specific computing device; verify, by the first computing device and based on the application token, that the software application executing on the second computing device is the same as the specific software application and the second computing device is the same as the specific computing device for which the access token was generated; and in response to receiving a positive verification, send, by the first computing device, the access token to the second computing device.

14. The media of claim 13, wherein the access token was received at the first computing device from a third computing device, wherein the access token was generated by the third computing device for the specific software application executing on the specific computing device.

15. The media of claim 14, wherein: the first computing device is associated with a social network; the third computing device is associated with a user of the social network; and the second computing device is associated with a second party connected with the social network.

16. The media of claim 15, wherein the access token is stored in connection with the user at the social network.

17. The media of claim 15, further comprising: receiving, at the first computing device, information associated with the user from the second computing device; storing, by the first computing device, the information at the social network.

18. The media of claim 14, wherein: the specific software application has a unique application identifier and a set of permissions; the specific computing device has a unique device identifier; and the access token is generated by the third computing device based on the unique application identifier, the set of permissions, and the unique device identifier.

19. A computing device comprising: one or more processors; and a memory coupled to the processors comprising instructions executable by the processors, the processors being operable when executing the instructions to: receive, at the computing device, a request for an access token stored on the computing device, wherein the request was sent from a software application executing on an other computing device, wherein the request comprises an application token, the application token being generated by the second computing device based on an application identifier and a secret key of the software application, and wherein the access token was generated for a specific software application executing on a specific computing device; verify, by the computing device and based on the application token, that the software application executing on the other computing device is the same as the specific software application and the other computing device is the same as the specific computing device for which the access token was generated; and in response to receiving a positive verification, send, by the computing device, the access token to the other computing device.

20. The media of claim 18, wherein: the specific computing device has a radio-frequency identification (RFID) tag; and a tag identifier of the RFID tag is used as the unique device identifier of the specific computing device.

21. The media of claim 20, wherein: the third computing device has a RFID r

Classifications

  • G06F21/34 (Primary): involving the use of external additional devices, e.g. dongles or smart cards

  • based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint

  • wherein the security policies are location-dependent, e.g. entities privileges depend on current location or allowing specific operations only from locally connected terminals

  • using an additional device, e.g. smartcard, SIM or a different communication terminal (cryptographic mechanisms or cryptographic arrangements for entity authentication involving additional secure or trusted devices H04L9/3234)

  • based on web technology, e.g. hypertext transfer protocol [HTTP]

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US9628475B2 cover?
In one embodiment, a first computing device receives an access token from a second computing device, the access token being generated by the second computing device for a specific software application executing on a specific computing device; stores the access token; receives a request for the access token from a software application executing on a third computing device; verifies whether the s…
Who is the assignee on this patent?
Facebook Inc
What technology area does this patent fall under?
Primary CPC classification G06F21/34. Mapped technology areas include Physics.
When was this patent published?
Publication date Apr 18, 2017 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).