Affiliations within single sign-on systems
Abstract
The invention provides an affiliation within a single sign-on system, which affiliation comprises a group of service providers that have chosen to act as a single entity on a network from the point of view of authentication, federation, and authorization. This type of entity is used to implement functionality within a portal site, such as the Yahoo (see http://www.yahoo.com) portal with a Travelocity (see http://www.travelocity.com/) travel section that acts as part of Yahoo and not as part of Travelocity. In the preferred embodiment, there is an owner of the affiliation that is responsible for maintaining a list that shows which service providers are members of the affiliation, as well as any control structure or meta-data associated with the affiliation. Each affiliation must have an identifier that is unique within the single sign-on system in which the affiliation is defined. User actions associated with the affiliation apply to all entities within the affiliation.
23 Claims
1. A method for establishing an affiliation within a single sign-on system, comprising the steps of:
- defining a group of service providers that act as a single entity on a network for purposes of any of authentication, federation, and authorization;
- defining an owner of said affiliation that is responsible for maintaining a list that shows which service providers are members of said affiliation, as well as any control structure or meta-data associated with said affiliation; and
- providing a unique identifier for each affiliation within said single sign-on system in which said affiliation is defined.
Dependent claims: 2, 3, 4
5. An apparatus for establishing an affiliation within a single sign-on system, comprising:
- a plurality of principals that can acquire a federated identity and be authenticated and vouched for by an identity provider;
- an identity provider for authenticating and vouching for principals;
- a plurality of service providers that act as a single entity with regard to authentication, federation and authorization to establish a single sign-on system within which such affiliation cooperates; and
- at least one service associated with each service provider which comprises a grouping of common functionality comprising at least one method that callers can use to manipulate information managed by said service with regard to a particular principal.
Dependent claims: 6, 7, 8
9. A method for establishing an affiliation within a single sign-on system, comprising the steps of:
- defining a group of service providers that act as a single entity on a network for purposes of any of authentication, federation, and authorization;
- providing a plurality of principals that can acquire a federated identity and be authenticated and vouched for by an identity provider; and
- providing an identity provider for authenticating and vouching for principals.
Dependent claims: 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23
Specification