SESSION TIMEOUT USING ACCESS TOKEN REFRESH

Organization Name

Rubrik, Inc.

Inventor(s)

Praveen Kumar Subramanian Prabaharan of Bengaluru (IN)

Hao Wu of Mountain View CA (US)

Tanmay Bansal of Bengaluru (IN)

Saptarshi Polley of Bengaluru (IN)

SESSION TIMEOUT USING ACCESS TOKEN REFRESH - A simplified explanation of the abstract

This abstract first appeared for US patent application 18307142 titled 'SESSION TIMEOUT USING ACCESS TOKEN REFRESH

The abstract describes methods, systems, and devices for data management, specifically focusing on the process of obtaining and refreshing access tokens for applications.

• A client sends a login request with authentication parameters to a server for an application.
• The server responds with an access token that allows access to services associated with the application.
• The client can request a new access token before the current one expires, based on a session inactivity timeout timer.
• The application provides a new access token in response to the refresh request, allowing continued access to services.

Potential Applications: - Secure access management for applications and services - Improved user experience by seamlessly refreshing access tokens - Enhanced security measures for user authentication

Problems Solved: - Ensuring continuous access to services without interruptions - Mitigating security risks by regularly refreshing access tokens

Benefits: - Enhanced user security and privacy - Streamlined access to application services - Improved user experience with seamless token refresh process

Commercial Applications: Title: Secure Access Management System This technology can be utilized in various industries such as finance, healthcare, and e-commerce to enhance security measures and provide a seamless user experience. Market implications include increased trust from users and improved data protection compliance.

Prior Art: Readers can explore prior art related to access token management systems in the fields of cybersecurity, data management, and application development.

Frequently Updated Research: Stay informed about the latest advancements in access token management systems, cybersecurity protocols, and data protection measures to ensure the most up-to-date security practices are implemented.

Questions about Access Token Management: 1. How does the system ensure the security of access tokens during transmission? 2. What measures are in place to prevent unauthorized access to the application services?

Original Abstract Submitted

Methods, systems, and devices for data management are described. A client may transmit, to a server, a login request for an application. The login request may include authentication parameters associated with a user. The client may receive, from the server, an access token that supports access via a user interface to one or more services associated with the application before expiration of a time-to-live for the access token. The client may transmit, prior to expiration of the time-to-live for the access token and based on a session inactivity timeout timer being active, a refresh request for a new access token. The refresh request may include an indication of the access token. The application may receive the new access token in response to the refresh request, and the new access token supports access to the one or more services before expiration of a time-to-live for the new access token.