Techniques for establishing and managing a distributed credential store
Abstract
Techniques are provided for establishing and managing a distributed credential store. An identity service aggregates identity information from one or more identity stores and maintains the information as a remote credential store. Initially, the remote credential store, or portions thereof, is transmitted to a principal service as an initial configuration of a local credential store. A principal interacts with the principal service for defining or modifying a policy that identifies portions of the remote credential store which are to be synchronized with the local credential store. In some embodiments, the principal interacts with the principal service for defining a local policy that identifies portions of the local credential store which are not synchronized with the remote credential store. The interactions between the credential stores are trusted and secured.
27 Claims
1. A method for managing a distributed credential store, comprising:
associating portions of an enterprise credential store to a principal credential store;
selectively synchronizing changes between the portions and the principal credential store; and
managing conflicts and the changes according to a policy.
Dependent claims: 2, 3, 4, 5, 6, 7
8. A method for managing a distributed credential store, comprising:
establishing a trust relationship with a remote credential store;
receiving changes associated with one or more entries in the remote credential store into a local credential store; and
transmitting changes associated with one or more entries in the local credential store to the remote credential store.
Dependent claims: 9, 10, 11, 12, 13, 14
15. A distributed credential management system, comprising:
a trust specification;
a local credential store; and
a remote credential store;
wherein the local credential store and the remote credential store interact with one another according to the trust specification, and wherein portions of the remote credential store are synchronized with portions of the local credential store and vice versa.
Dependent claims: 16, 17, 18, 19, 20
21. A distributed credential store, residing in a computer-readable medium, the distributed credential store used to acquire credentialing information associated with a principal, the distributed credential store comprising:
a principal identifier field capable of housing a principal identifier value that identifies a particular principal; and
a credentialing information record associated with the principal identifier field and capable of housing credentialing information associated with the principal identifier value for the particular principal;
wherein the distributed credential store is initially generated by an identity service.
Dependent claims: 22, 23, 24, 25, 26, 27
Specification