logo

For the Inventor, By the Inventor

The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.

The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.

Patent No.:

US 10834096 B1

PDFFull Text
Date of Patent:
Nov. 10, 2020

Filed:

Jun. 05, 2018

Methods and systems for controlling access to a protected resource

Applicant:

The Toronto-dominion Bank, Toronto, CA;

Inventors:

Milos Dunjic, Oakville, CA;

Anthony Haituyen Nguyen, Toronto, CA;

Yubing Liu, Toronto, CA;

Arthur Carroll Chow, Markham, CA;

Casey Lyn Doyle, Ajax, CA;

Richard John Frederick Thake, Cobourg, CA;

Mengfei Wang, Toronto, CA;

Aaron Ashish Hudali, Cambridge, CA;

Gregory Albert Kliewer, Barrie, CA;

Martin Albert Lozon, London, CA;

Yusbel Garcia Diaz, Toronto, CA;

Gareth Daly, Toronto, CA;

Masashi Kobayashi, Toronto, CA;

Randall John Bast, Oakville, CA;

Assignee:

THE TORONTO-DOMINION BANK, Toronto, Ontario, CA;

Attorney:

Rowand LLP

Primary Examiner:

Paul E Callahan

Int. Cl.
CPC ...
H04L 29/06 (2006.01); H04L 9/32 (2006.01); H04L 9/08 (2006.01); H04L 9/30 (2006.01);
U.S. Cl.
CPC ...
H04L 63/123 (2013.01); H04L 9/0869 (2013.01); H04L 9/3213 (2013.01); H04L 9/3247 (2013.01); H04L 9/3268 (2013.01); H04L 63/0442 (2013.01); H04L 63/10 (2013.01); H04L 9/30 (2013.01);
Abstract

A method for regulating access to a protected resource is disclosed. The method includes: receiving, from a client application executing on a first device, a first signal including a request to obtain an access token for accessing a protected resource, the request including: a client identifier uniquely identifying the client application; a user identifier uniquely identifying an end user of the client application; and a public key associated with the end user; in response to validating the request, transmitting, to the client application on the first device, a second signal including an access token for accessing the protected resource; receiving, from a web server associated with the protected resource, a third signal including a request to validate a bearer token submitted by the client application to the web server, the bearer token including a digital signature; validating the bearer token, the validating including verifying the digital signature using the public key; and in response to validating the bearer token, sending to the web server a fourth signal including a notification that the bearer token is valid.

Find Patent Forward Citations

Loading…