Method of assessing an organization's network identity capability
Abstract
A method of determining an organization's network identity capability. The organization's relationships with its employees, customers and business partners, and the organization's technological infrastructure, are examined. By examining the organization's use of identity data (e.g., data identifying customers, employees), the organization's management of that data, and the technology infrastructure can be redesigned to enable better network identity capability. Improved network identity capability enables users' access to multiple applications or services through a single authentication process (e.g., a single login or sign-on), device-independent access to those applications and services, greater protection for the data, improved business processes and collaborations with business partners, etc.
30 Claims
1. A method of implementing network identity capability within an organization, the method comprising:
assess the organization's identity capabilities regarding the organization's employees, customers, technology infrastructure, and relationships with business partners;
assessing the organization's identity requirements regarding the employees, customers, technology infrastructure and relationships with business partners;
redesigning said technology infrastructure to accommodate said identity requirements;
enabling role-based access to services offered by the organization;
decoupling users' identity information from the users' access to said services, wherein the users include at least the employees and the customers; and
obtaining user identity information from a trusted identity provider service external to the organization.

12. A computer readable storage medium storing instructions that, when executed by a computer, cause the computer to perform a method of implementing network identity capability within an organization, the method comprising:
assess the organization's identity capabilities regarding the organization's employees, customers, technology infrastructure, and relationships with business partners;
assessing the organization's identity requirements regarding the employees, customers, technology infrastructure and relationships with business partners;
redesigning said technology infrastructure to accommodate said identity requirements;
enabling role-based access to services offered by the organization;
decoupling users' identity information from the users' access to said services, wherein the users include at least the employees and the customers; and
obtaining user identity information from a trusted identity provider service external to the organization.

13. A method of assessing an organization's network identity capability, comprising:
determining whether the organization offers a user access to multiple applications with a single authentication of the user's identity;
determining whether access to the multiple applications requires authorization and authentication;
determining whether the user's access to said applications is independent of the device employed by the user to access said applications;
determining whether the organization provides adequate protection of user identity data; and
determining whether the organization offers personalized, context-sensitive services to the user.

18. A computer readable storage medium storing instructions that, when executed by a computer, cause the computer to perform a method of assessing an organization's network identity capability, the method comprising:
determining whether the organization offers a user access to multiple applications with a single authentication of the user's identity;
determining whether access to the multiple applications requires authorization and authentication;
determining whether the user's access to said applications is independent of the device employed by the user to access said applications;
determining whether the organization provides adequate protection of user identity data; and
determining whether the organization offers personalized, context-sensitive services to the user.

19. A method of assessing an organization's network identity capabilities, comprising:
identifying a plurality of benefits achievable from implementing one or more network identity capabilities;
eliciting a first prioritization of said benefits for the organization;
categorizing said network identity capabilities into multiple categories corresponding to functional areas of the organization;
from at least one individual within each of the categories;
receiving a prioritization of a subset of said benefits;
receiving indications of the extent to which each said capability in the category is applied to achieve one or more of said benefits; and
aggregating said indications across all of the categories to report an assessment of the organization's network identity capabilities.

30. A computer readable storage medium storing instructions that, when executed by a computer, cause the computer to perform a method of assessing an organization's network identity capabilities, the method comprising:
identifying a plurality of benefits achievable from implementing one or more network identity capabilities;
eliciting a first prioritization of said benefits for the organization;
categorizing said network identity capabilities into multiple categories corresponding to functional areas of the organization;
from at least one individual within each of the categories;
receiving a prioritization of a subset of said benefits; and
receiving indications of the extent to which each said capability in the category is applied to achieve one or more of said benefits; and
aggregating said indications across all of the categories to report an assessment of the organization's network identity capabilities.

Specification