Authentication objects with attestation
First Claim
1. A computer-implemented method, comprising:
under the control of a client computing device configured with executable instructions, generating a graphical user interface that makes a plurality of graphical representations available for selection, at least a subset of the graphical representations including a graphical representation that represents a set of actions for authenticating an identity with a service provider system;
receiving, from a user input device, user input indicating a user selection from the plurality of graphical representations of the graphical representation and a request to authenticate with the service provider system, wherein the selection of the representation is a result of a drag and drop operation using the graphical user interface; and
as a result of receiving the user input:
obtaining an attestation that a component of the client computing device is of a particular version;
obtaining an authentication claim that is based at least in part on the attestation and that corresponds to the graphical representation selected, the authentication claim sufficient for authenticating the identity with the service provider system; and
providing the authentication claim to the service provider system so that the service provider system can authenticate the identity using the authentication claim.
Abstract
Representations of authentication objects are selectable through a user interface, such as through a drag and drop operation. When an authentication object is selected by a user, a corresponding authentication object (e.g., in the form of an authentication claim) is transmitted to a system for authentication. The authentication object may contain information that is sufficient for authentication with the system and the information may include an attestation to the state of a computing environment from which the authentication object is transmitted.
144 Citations
23 Claims
1. A computer-implemented method, comprising:
under the control of a client computing device configured with executable instructions, generating a graphical user interface that makes a plurality of graphical representations available for selection, at least a subset of the graphical representations including a graphical representation that represents a set of actions for authenticating an identity with a service provider system;
receiving, from a user input device, user input indicating a user selection from the plurality of graphical representations of the graphical representation and a request to authenticate with the service provider system, wherein the selection of the representation is a result of a drag and drop operation using the graphical user interface; and
as a result of receiving the user input:
obtaining an attestation that a component of the client computing device is of a particular version;
obtaining an authentication claim that is based at least in part on the attestation and that corresponds to the graphical representation selected, the authentication claim sufficient for authenticating the identity with the service provider system; and
providing the authentication claim to the service provider system so that the service provider system can authenticate the identity using the authentication claim.
Dependent claims: 2, 3, 4, 5, 6, 7, 8
9. A computer system, comprising:
one or more processors; and
memory including executable instructions that, as a result of execution by the one or more processors, cause the computer system to:
provide a set of representations for selection via an interface on a client computing device, a representation of the set of representations associated with a set of actions for authenticating an identity with a service provider system;
receive a selection of the representation from the set of representations, wherein the selection of the representation is a result of a drag and drop operation using a graphical user interface;
as a result of the selection of the representation, obtain an authentication claim that is sufficient, as a result of an attestation at least including an attestation to a component of the client computing device having a particular version, for authenticating the identity; and
provide the authentication claim for authentication.
Dependent claims: 10, 11, 12, 13, 14, 15
16. A non-transitory computer-readable storage medium having stored thereon executable instructions that, as a result of execution by one or more processors of a computer system, cause the computer system to at least:
receive input indicating a selection, via an interface on a client computing device and from a set of representations, of a representation of a set of actions for authenticating an identity, wherein the selection of the representation is a result of a drag and drop operation using a graphical user interface;
as a result of the selection of the representation, obtain an authentication claim, the authentication claim sufficient for authentication as a result of including an attestation to a component of the client computing device having a particular version; and
provide the authentication claim for authentication of the identity.
Dependent claims: 17, 18, 19, 20, 21, 22, 23
Specification