Application programming interface for centralized storage of principal data

US 20070094301A1
Filed: 05/30/2006
Published: 04/26/2007
Est. Priority Date: 10/23/2003
Status: Active Grant

First Claim

Patent Images

1-9. -9. (canceled)

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In the present invention, data relating to principals known to a computer system is centrally stored and objects having a standardized principal application programming interface (API) for finding, managing and accessing that data is provided to applications in lieu of having the applications independently store the principal data. The present invention eliminates the need for each application to create duplicate principal data. It also ensures that principal data are consistent throughout the applications on the computer system. In addition, the present invention allows any application with objects having the principal API to manage and change the principal data making such principal data easy to update. The principal API includes methods to find principals based on an identity reference to a principal or an identity claim that uniquely identifies the principal on computer system.

Citations

35 Claims

1-9. -9. (canceled)

10. An application programming interface (API) for a central data store of principal objects in a computer system that is part of a distributed system, each principal object associated with one principal and having at least one property that uniquely identifies the associated principal in the distributed system, the API comprising:
- a findbyidentity method that when invoked with the property searches the computer system for principal data uniquely identified by the property, instantiates a principal object containing the principal data identified by the property, and returns a pointer to the principal object.
- View Dependent Claims (11, 12, 13)
- - 11. The API of claim 10 wherein the API comprises:
    - a second findbyidentity method that when invoked with the property and an identifier identifying a data store on the computer system, searches the data store for principal data uniquely identified by the property, instantiates a principal object containing the principal data identified by the property, and returns a pointer to the principal object.
  - 12. The API of claim 10 wherein the property comprises a value and a scheme and the API comprises:
    - a third findbyidentity method that when invoked with the value and an identifier identifying a data store, searches the data store for principal data uniquely identified by the value and a default scheme, instantiates a principal object containing the principal data identified by the value and the default scheme, and returns a pointer to the principal object.
  - 13. The API of claim 10 wherein the object is an identity reference object that has a second property that is an identity reference and the API comprises:
    - a fourth findbyidentity method that when invoked with the identity reference and an identifier identifying a data store, searches the data store, instantiates one or more principal objects containing an identity claim matching the identity reference, and returns a pointer to the principal object.

14-19. -19. (canceled)

20. A method in a computer system for managing principal data, the computer system having installed thereon a plurality of disparate applications that utilize principal data, the method comprising:
- storing on the computer system in a central data store principal data for a plurality of principals;
  
  identifying for each principal, one or more identity claims that uniquely identifies the principal;
  
  providing the plurality of disparate applications access to the principal data via component objects having at least one identity reference and capable of calling a standardized principal application programming interface (API), the standardized principal API containing methods accessing the central data store, instantiating principal objects, and retrieving principal data.
- View Dependent Claims (21, 22, 23, 24, 25, 26, 27, 28, 29, 30)
- - 21. The method of claim 20 wherein identifying comprises:
    - identifying at least one identity claim for each principal known to the computer system.
  - 22. The method of claim 21 wherein the at least one identity claim for each principal is independently selected from the group consisting of a telephone number, an email address, a name, a security identifier, a globally unique identifier, a social security number, an employee number, a student number, a drivers license number, a credit card number, and a physical address.
  - 23. The method of claim 21 wherein the standardized principal API includes a findbyidentity method that, when passed a first identity reference, searches the central data store for the first identity claim identified by the first identity reference and instantiates a principal object having the first identity claim.
  - 24. The method of claim 21 wherein each identity claim includes an identity claim value and an identity claim scheme and the standardized principal API includes a findbyidentity method that, when passed an identity claim value but not an identity claim scheme, searches the central data store for an identity claim of a default identity claim scheme having the identity claim value and instantiates a principal object having an identity claim with the identity claim value and the default identity claim scheme.
  - 25. The method of claim 21 wherein each identity claim includes an identity claim value and a identity claim scheme and the standardized principal API includes a findbyidentity method that, when passed a first identity claim value and a first identity claim scheme, searches the central data store for an identity claim having the first identity claim value and first identity claim scheme and instantiates a principal object having an identity claim with the first identity claim value and first identity claim scheme.
  - 26. The method of claim 20 further comprising:
    - monitoring the data received by the plurality of disparate applications for new principal data not already stored in the central data store; and
      
      storing the new principal data in the central data store.
  - 27. The method of claim 21 wherein each identity claim includes an identity claim value and a identity claim scheme and the standardized principal API includes a findbyidentity method that, when passed a store identifier identifying the central store, a first identity claim value and a first identity claim scheme, searches the central data store for an identity claim having the first identity claim value and first identity claim scheme and instantiates a principal object having an identity claim with the first identity claim value and first identity claim scheme.
  - 28. The method of claim 21 wherein each identity claim includes an identity claim value and a identity claim scheme and the standardized principal API includes a findbyidentity method that, when passed a principal type identifier identifying a first principal type, a first identity claim value and a first identity claim scheme, searches the central data store for a principal of the first principal type having an identity claim having the first identity claim value and first identity claim scheme and instantiates a principal object having an identity claim with the first identity claim value and first identity claim scheme.
  - 29. The method of claim 21 wherein each principal includes one or more identity claims and the standardized principal API includes a findbyidentity method that, when passed a first identity reference, searches the central data store for principals having the first identity claim identified by the identity reference and instantiates the principal object having an the first identity reference.
  - 30. The method of claim 29 wherein each identity reference includes an identity reference value and a identity reference scheme and the standardized principal API includes a findbyidentity method that, when passed a first identity reference value but not an identity reference scheme, searches the central data store and instantiates a principal object having an identity claim having the first identity reference value and a default identity reference scheme.

31. A method in a computer system for determining a first identity reference of a first type of a principal from a second identity reference property of the principal comprising:
- using the second identity reference to identify a principal;
  
  instantiating a principal object for the principal, the principal object having a first identity claim of the first type identified by the first identity reference and a second identity claim of a different type identified by the second identity reference;
  
  invoking a translate function exposed by the principal object with the first type as an argument;
  
  receiving the first identity reference.
- View Dependent Claims (32, 33, 34, 35)
- - 32. The method of claim 31, wherein the principal object includes a first identity claim object having the first identity claim and a second identity claim object having the second identity claim and invoking comprises:
    - invoking the translate function in the second identity claim object.
  - 33. The method of claim 32 further comprising:
    - under control of the translate function, searching the identity claim objects of the principal object for an identity claim object with an identity claim of the first type; and
      
      returning a pointer to the first identity claim object.
  - 34. The method of claim 31, wherein using comprises:
    - invoking a findbyidentity method of a principal API with the second identity reference as an argument.
  - 35. The method of claim 32, wherein using further comprises:
    - receiving a pointer to the second identity claim object of the principal object.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Satagopan, Murli, Cameron, Kim, Harjanto, Andy, Hacherl, Don, Rimer, Matthew, Karmarkar, Nitin

Granted Patent

US 7,593,951 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 9/4493   Object persistence

Y10S 707/99942   Manipulating data structure...

Y10S 707/99943   Generating database or data...

Y10S 707/99944   Object-oriented database st...

Y10S 707/99945   Object-oriented database st...

Application programming interface for centralized storage of principal data

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

35 Claims

Specification

Solutions

Use Cases

Quick Links

Application programming interface for centralized storage of principal data

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

35 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links