Techniques for securing electronic identities
Abstract
Methods, systems, and data stores generate and manage temporarily assigned identities. A requestor issues a request for a service. The request includes an identity used for authenticating the requestor. The identity is used for generating an identity configuration and for generating a temporarily assigned identity that is updated to a protected identity directory. The request and the temporarily assigned identity are transmitted to the service. The service uses the temporarily assigned identity to access the protected identity directory for purposes of authenticating the request. The service uses the authenticated request to access attributes associated with the temporarily assigned identity.
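The flow described in the abstract, as an added Python sketch that is not part of the patent or any product implementing it. The class names, the in-memory stores, the sample user and the `remove` step are assumptions made for illustration.

```python
import secrets

# Constructed sample data (hypothetical user; plaintext password only to keep the demo short).
CREDENTIALS = {"alice": "correct horse"}
ATTRIBUTES = {"alice": {"role": "engineer", "email": "alice@example.test"}}

class ProtectedIdentityDirectory:
    """Directory the proxy updates and the service reads from."""
    def __init__(self):
        self._entries = {}

    def update(self, temp_id, attributes):
        self._entries[temp_id] = dict(attributes)

    def lookup(self, temp_id):
        return self._entries.get(temp_id)

    def remove(self, temp_id):  # assumption: how a temporary identity is withdrawn
        self._entries.pop(temp_id, None)

class Proxy:
    def __init__(self, directory, service):
        self.directory, self.service = directory, service
        self.mappings = {}  # local identity mapping store: temp id -> identity configuration

    def handle(self, user, password, request, exposed=("role",)):
        # 1. Authenticate the identity information supplied with the request.
        stored = CREDENTIALS.get(user)
        if stored is None or not secrets.compare_digest(stored.encode(), password.encode()):
            raise PermissionError("authentication failed")
        # 2. Compile an identity configuration: only the attributes this service may see.
        config = {k: ATTRIBUTES[user][k] for k in exposed}
        # 3. Generate the temporarily assigned identity and update the directory.
        temp_id = secrets.token_urlsafe(16)
        self.mappings[temp_id] = {"user": user, "config": config}
        self.directory.update(temp_id, config)
        # 4. Transmit the request with the temporary identity only.
        return temp_id, self.service(self.directory, temp_id, request)

def service(directory, temp_id, request):
    """Service side: authenticates by directory lookup and never sees the real identity."""
    attrs = directory.lookup(temp_id)
    if attrs is None:
        return {"status": 403}
    return {"status": 200, "request": request, "attributes": attrs}
```

The real identity stays in the proxy's mapping store; the service only ever handles the random identifier and the attributes published for it.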
34 Claims
1. A method for generating temporarily assigned identity information, comprising:
authenticating identity information associated with a request received from a requestor for accessing a service;
generating temporarily assigned identity information for the requestor;
updating a protected identity directory with the temporarily assigned identity information; and
transmitting the request and the temporarily assigned identity information to the service on behalf of the requester, wherein the service accesses the protected identity directory with the temporarily assigned identity information to authenticate the requestor for access.
(Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9)

10. A method for generating temporarily assigned identity information, comprising:
acquiring a request for a service;
authenticating the request;
compiling an identity configuration for the request;
generating temporarily assigned identity information for the request using the identity configuration; and
transmitting the temporarily assigned identity information and the request to the service.
(Dependent claims: 11, 12, 13, 14, 15, 16)

17. An identity information management system, comprising:
a proxy server that intercepts requests made for services, wherein the requests are associated with requestors;
a local identity mapping store for housing mappings between temporarily assigned identity information and identity configurations, the temporarily assigned identity information and the identity configurations are generated from identity information provided with the requests; and
a protected identity directory updated with the temporarily assigned identity information and accessed by the services in order to authenticate the requests, wherein the requests and the temporarily assigned identity information are transmitted to the services on behalf of the requesters.
(Dependent claims: 18, 19, 20, 21, 22, 23, 24)

25. A data store residing in a computer-readable medium, for managing identity information, the data store comprising:
identity configuration information generated in response to a request made from a requestor for a service; and
temporarily assigned identity information generated for the identity configuration and used by the service for authenticating the requestor.
(Dependent claims: 26, 27, 28, 29, 30, 31, 32, 33, 34)

Specification