Multi-dimensional framework for defining criteria that indicate when authentication should be revoked
Abstract
Methods and systems are presented for defining criteria that indicate when authentication for an identified client device should be revoked based on rules associated with interested parties. Authentication information is stored that indicates that an identified client device is authenticated. Rules that are associated with a plurality of interested parties and include rules of different rule types may also be stored. Criteria may be defined based on the rules and the authentication information, the criteria indicating when authentication of the identified client device should be revoked. Authentication of the identified client device may be revoked based on the criteria.
20 Claims
1. An aggregator system comprising:
- a storage system configured to store:
  - authentication information associated with a client device, wherein the authentication information indicates that the client device has been authenticated,
  - first rules information received from a first interested party, comprising a first quantitative parameter value and a first priority score;
  - second rules information received from a second interested party, comprising a second quantitative parameter value, and a second priority score;
- processing circuitry implementing a credentials engine configured to:
  - calculate a resultant quantitative parameter value by performing a mathematical calculation on the first quantitative parameter value, the second quantitative parameter value, the first priority score, and the second priority score;
  - define criteria indicating when authentication of the client device will be revoked based on the resultant quantitative parameter value; and
- invalidation circuitry configured to revoke authentication for the identified client device based on the criteria.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10
11. A method comprising:
- storing, on a storage device, authentication information associated with a client device, wherein the authentication information indicates that the client device has been authenticated,
- storing, on the storage device, first rules information received from a first interested party, comprising a first quantitative parameter value and a first priority score;
- storing, on the storage device, second rules information received from a second interested party, comprising a second quantitative parameter value, and a second priority score;
- calculating, using a credentials engine, a resultant quantitative parameter value by performing a mathematical calculation on the first quantitative parameter value, the second quantitative parameter value, the first priority score, and the second priority score;
- defining, using the credentials engine, criteria indicating when authentication of the client device will be revoked based on the resultant quantitative parameter value; and
- revoking, using invalidation circuitry, authentication for the identified client device based on the criteria.

Dependent claims: 12, 13, 14, 15, 16, 17, 18, 19, 20