Method and system for providing a circle of trust on a network
Abstract
Embodiments of the present invention provide a circle of trust on a network. The circle of trust is configured by exchanging the credentials of a first and a second affiliated entity. The credentials of the first affiliated entity are stored in a trusted partner list of the second affiliated entity. The credentials of the second affiliated entity are stored in a trusted partner list of the first affiliated entity. Thereafter, a circle of trust session may be provided when a client device initiates use of a resource on a relying party device by providing an authentication assertion reference. The identity of the issuing party of the authentication is determined as a function of the authentication assertion reference. The relying party sends an authentication query containing its credential to the issuing party. The issuing party determines if the relying party is a trusted entity based upon whether the relying party's credential is contained in the trusted partner list of the issuing party.
51 Citations
32 Claims
1. A method of providing a circle of trust comprising:
- receiving a first certificate of a first affiliated entity by a second affiliated entity;
- storing said first certificate of said first affiliated entity in a first trusted partner list accessible by said second affiliated entity;
- receiving a second certificate of said second affiliated entity by said first affiliated entity; and
- storing said second certificate of said second affiliated entity in a second trusted partner list accessible by said second affiliated entity;
- wherein access to a resource is controlled as a function of said first trusted partner list or said second trusted partner list.
View Dependent Claims (2, 3, 4, 5, 6, 7)
8. A method of providing a circle of trust comprising:
- initiating use of a resource on a relying party device by a client device, wherein an authentication assertion reference is provided by a client device;
- determining an identity of an issuing party as a function of said authentication assertion reference;
- sending an authentication request containing a certificate of said relying party to said issuing party;
- determining if said certificate is contained in a trusted partner list of said issuing party;
- sending an authentication assertion, indicating that said client has been authenticated, from said issuing party to said relying party when said certificate is contained in a trusted partner list of said issuing party;
- sending an authentication assertion, indicating that said client has not been authenticated, from said issuing party to said relying party when said certificate is not contained in said trusted partner list of said issuing party; and
- providing said requested resource to said client device by said relying party when said authentication assertion indicates that said client has been authenticated.
View Dependent Claims (9, 10, 11)
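The session flow of the abstract and claim 8 (client presents an authentication assertion reference, the relying party resolves the issuing party from it, sends its own certificate in an authentication query, and releases the resource only on a positive assertion), as an added example that is not part of the patent. Certificates are modelled as opaque strings, the assertion reference is assumed to have the form "issuer-name:session-id", and issuers are looked up in a constructed name-to-entity directory; the patent does not fix any of these details.

```python
from dataclasses import dataclass, field
import secrets


@dataclass
class AffiliatedEntity:
    """An affiliated entity (issuing party or relying party) in the circle of trust."""
    name: str
    certificate: str                                        # constructed stand-in for an X.509 certificate
    trusted_partners: set = field(default_factory=set)      # the entity's trusted partner list
    sessions: dict = field(default_factory=dict)            # issuing party only: session id -> user
    resources: dict = field(default_factory=dict)           # relying party only: name -> content


def configure_circle_of_trust(first: AffiliatedEntity, second: AffiliatedEntity) -> None:
    """Mutual credential exchange: each entity's certificate is stored in the
    other entity's trusted partner list (claim 1 / abstract)."""
    second.trusted_partners.add(first.certificate)
    first.trusted_partners.add(second.certificate)


def authenticate_user(issuer: AffiliatedEntity, user: str) -> str:
    """The issuing party authenticates the client and returns an authentication
    assertion reference: the issuer's name plus an unguessable session id (assumed format)."""
    session_id = secrets.token_hex(8)
    issuer.sessions[session_id] = user
    return f"{issuer.name}:{session_id}"


def resolve_issuer(reference: str, directory: dict) -> tuple:
    """Determine the issuing party's identity as a function of the reference."""
    issuer_name, _, session_id = reference.partition(":")
    return directory.get(issuer_name), session_id


def authentication_query(issuer: AffiliatedEntity, relying_certificate: str, session_id: str) -> dict:
    """Issuing-party side: a positive assertion requires both that the relying
    party's certificate is on the issuer's trusted partner list and that the
    referenced session is one the issuer actually authenticated."""
    if relying_certificate not in issuer.trusted_partners:
        return {"authenticated": False, "reason": "relying party not in trusted partner list"}
    user = issuer.sessions.get(session_id)
    if user is None:
        return {"authenticated": False, "reason": "unknown assertion reference"}
    return {"authenticated": True, "user": user}


def request_resource(relying: AffiliatedEntity, reference: str, directory: dict, resource_name: str) -> dict:
    """Relying-party side: the client presents its reference; the relying party
    queries the issuer with its own certificate and releases the resource only
    when the returned assertion says the client has been authenticated."""
    issuer, session_id = resolve_issuer(reference, directory)
    if issuer is None:
        return {"granted": False, "resource": None, "reason": "unknown issuing party"}
    assertion = authentication_query(issuer, relying.certificate, session_id)
    if not assertion["authenticated"]:
        return {"granted": False, "resource": None, "reason": assertion["reason"]}
    return {"granted": True, "resource": relying.resources.get(resource_name),
            "reason": "authenticated " + assertion["user"]}


def demo() -> dict:
    """Constructed scenario: one issuer, one enrolled partner, one outsider."""
    idp = AffiliatedEntity("idp.example", "CERT-IDP")
    partner = AffiliatedEntity("partner.example", "CERT-PARTNER", resources={"report": "quarterly figures"})
    outsider = AffiliatedEntity("outsider.example", "CERT-OUTSIDER", resources={"report": "quarterly figures"})
    configure_circle_of_trust(idp, partner)          # the outsider is never enrolled
    directory = {e.name: e for e in (idp, partner, outsider)}
    reference = authenticate_user(idp, "alice")      # client logs in at the issuing party
    return {
        "partner": request_resource(partner, reference, directory, "report"),
        "outsider": request_resource(outsider, reference, directory, "report"),
        "forged": request_resource(partner, "idp.example:0000000000000000", directory, "report"),
        "unknown_issuer": request_resource(partner, "nobody.example:abc", directory, "report"),
    }


if __name__ == "__main__":
    for case, result in demo().items():
        print(case, result)
```

The access decision is made by the issuing party on the basis of its trusted partner list, not by the relying party: an outsider that was never enrolled receives a negative assertion even though it holds a valid reference, and a partner presenting a reference for a session the issuer never created is refused as well.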
12. A system for providing a circle of trust comprising:
- a first affiliated entity comprising:
  - a first administration module; and
  - a first trusted partner list communicatively coupled to said first administration module; and
- said second affiliated entity comprising:
  - a second administration module; and
  - a second trusted partner list communicatively coupled to said second administration module.
View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20)
21. A system for providing a circle of trust comprising:
- a client device;
- a first affiliated entity communicatively coupled to said client device and a second affiliated entity, comprising:
  - a first session module; and
  - a first authentication module; and
- said second affiliated entity communicatively coupled to said client device and said first affiliated entity, comprising:
  - a second session module; and
  - a second trusted partner list.
View Dependent Claims (22, 23, 24, 25, 26, 27)
28. A computer-readable medium containing a plurality of instructions which when executed cause a network device to implement a method of providing a circle of trust comprising:
- receiving a first network address of a first affiliated entity by a second affiliated entity;
- storing said first network address of said first affiliated entity in a first trusted partner list accessible by said second affiliated entity;
- receiving a second network address of said second affiliated entity by said first affiliated entity; and
- storing said second network address of said second affiliated entity in a second trusted partner list accessible by said second affiliated entity.
View Dependent Claims (29, 30, 31, 32)
Specification