发明名称 |
System and method for managing tokens authorizing on-device operations |
摘要 |
A system and method can support on-device operation management. A token issuer on a backend server, and/or a tool, can generate an authorization token, which is bound to a user of one or more devices using a unique identifier (ID) that is assigned to the user. The unique ID can be known and/or shared between the an on-device authorizing entity and the token issuer. Then, the on-device authorizing entity can verify the authorization token before granting an execution of one or more protected on-device operations. Furthermore, the on-device authorizing entity may not grant the execution of the one or more protected on-device operations, when the unique ID is erased from the device. |
申请公布号 |
US9525705(B2) |
申请公布日期 |
2016.12.20 |
申请号 |
US201414220966 |
申请日期 |
2014.03.20 |
申请人 |
ORACLE INTERNATIONAL CORPORATION |
发明人 |
Violleau Thierry;Ponsini Nicolas;Van Haver Patrick |
分类号 |
G06F7/04;H04L29/06;G06F21/30;G06F21/31 |
主分类号 |
G06F7/04 |
代理机构 |
Tucker Ellis LLP |
代理人 |
Tucker Ellis LLP |
主权项 |
1. A method for supporting on-device operation management, comprising:
providing an on-device authorizing entity on a device that includes one or more microprocessors, wherein the on-device authorizing entity stores a unique identifier assigned to a user of the device, wherein the unique identifier is shared with a token issuer that stores the unique identifier; receiving, at the device, an authorization token generated by the token issuer, wherein the authorization token includes the unique identifier; verifying, by the on-device authorizing entity, the authorization token by comparing the unique identifier contained in the authorization token with the unique identifier stored in the on-device authorizing entity, to determine whether to grant an execution of one or more protected operations on the device; and wherein the token issuer operates to provision the unique identifier (ID) stored therein on the device after the device is reset, or on a new device, in response to a request by the user. |
地址 |
Redwood Shores CA US |