Method and system for secure binding register name identifier profile
Abstract
A method, a system, an apparatus, and a computer program product are presented for improving a register name identifier profile within a federated computing environment such that the register name identifier profile is enhanced to be more securely binding between two federated entities within the federated computing environment, such as an identity provider and a service provider. After the first federated entity sends a register name identifier request for a principal to the second federated entity, the second federated entity performs an authentication operation for the principal. In response to successfully completing the authentication operation, the second federated entity registers or modifies a name identifier for the principal that has been extracted from the received register name identifier request.
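The ordering described in the abstract, as an added example that is not taken from the patent or any product: the receiving entity authenticates the principal before it registers or modifies the name identifier, and a failed authentication leaves the existing binding untouched. The class and field names, the status strings, the `authenticate` callback and the sample data are all assumptions constructed for illustration.

```python
from dataclasses import dataclass
from typing import Callable, Dict, Tuple


@dataclass(frozen=True)
class RegisterNameIdRequest:      # hypothetical message shape
    sender: str                   # first federated entity (e.g. identity provider)
    principal: str                # principal the request is for
    name_id: str                  # name identifier carried in the request


@dataclass(frozen=True)
class RegisterNameIdResponse:     # hypothetical message shape
    recipient: str
    status: str                   # constructed: registered / modified / authn-failed


class SecondFederatedEntity:
    """Receiving side of the request, e.g. a service provider."""

    def __init__(self, authenticate: Callable[[str], bool]):
        # Stand-in for the entity's authentication operation for the principal.
        self._authenticate = authenticate
        # (first entity, principal) -> currently bound name identifier
        self.bindings: Dict[Tuple[str, str], str] = {}

    def handle(self, req: RegisterNameIdRequest) -> RegisterNameIdResponse:
        # Authenticate the principal before touching any binding.
        if not self._authenticate(req.principal):
            return RegisterNameIdResponse(req.sender, "authn-failed")
        # Register a new identifier or modify the existing one.
        key = (req.sender, req.principal)
        status = "modified" if key in self.bindings else "registered"
        self.bindings[key] = req.name_id
        # Answer the first federated entity.
        return RegisterNameIdResponse(req.sender, status)


def demo() -> list:
    signed_in = {"alice"}                     # constructed sample data
    sp = SecondFederatedEntity(lambda p: p in signed_in)
    idp = "idp.example"
    out = [sp.handle(RegisterNameIdRequest(idp, "alice", "id-001")).status,
           sp.handle(RegisterNameIdRequest(idp, "alice", "id-002")).status]
    signed_in.clear()                         # principal no longer authenticates
    out.append(sp.handle(RegisterNameIdRequest(idp, "alice", "id-003")).status)
    out.append(sp.bindings[(idp, "alice")])   # unchanged by the failed request
    return out
```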
27 Claims
1. A method for performing an operation within a federated computing environment, the method comprising:
- receiving a register name identifier request for a principal from a first federated entity at a second federated entity within the federated computing environment;
- in response to receiving the register name identifier request for the principal, performing an authentication operation at the second federated entity for the principal;
- in response to successfully completing the authentication operation, registering or modifying a name identifier from the received register name identifier request at the second federated entity; and
- sending a register name identifier response from the second federated entity to the first federated entity.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9
10. An apparatus for performing an operation within a federated computing environment, the apparatus comprising:
- means for receiving a register name identifier request for a principal from a first federated entity at a second federated entity within the federated computing environment;
- means for performing, in response to receiving the register name identifier request for the principal, an authentication operation at the second federated entity for the principal;
- means for registering or modifying, in response to successfully completing the authentication operation, a name identifier from the received register name identifier request at the second federated entity; and
- means for sending a register name identifier response from the second federated entity to the first federated entity.
Dependent claims: 11, 12, 13, 14, 15, 16, 17, 18
19. A computer program product on a computer readable medium for performing an operation within a federated computing environment, the computer program product comprising:
- means for receiving a register name identifier request for a principal from a first federated entity at a second federated entity within the federated computing environment;
- means for performing, in response to receiving the register name identifier request for the principal, an authentication operation at the second federated entity for the principal;
- means for registering or modifying, in response to successfully completing the authentication operation, a name identifier from the received register name identifier request at the second federated entity; and
- means for sending a register name identifier response from the second federated entity to the first federated entity.
Dependent claims: 20, 21, 22, 23, 24, 25, 26, 27
Specification