METHOD AND SYSTEM FOR DISTRIBUTED RETRIEVAL OF DATA OBJECTS WITHIN MULTI-PROTOCOL PROFILES IN FEDERATED ENVIRONMENTS
First Claim
1. A method for transferring data objects between federated entities in a federated computational environment, the computer-implemented method comprising:
- receiving a data object retrieval request from a first federated entity at a second federated entity, wherein the second federated entity issues artifacts for the first federated entity in accordance with a trust relationship between the second federated entity and the first federated entity, wherein services of the second federated entity are provided by a set of data processing systems within a distributed data processing system, and wherein each data processing system in the set of data processing systems generates artifacts;
extracting an artifact from the data object retrieval request by a first data processing system in the set of data processing systems, wherein the artifact references a data object that is stored by the second federated entity;
employing the artifact to retrieve the data object by the first data processing system from a second data processing system in the set of data processing systems; and
returning a data object retrieval response from the first data processing system to the first federated entity.
1 Assignment
0 Petitions
Accused Products
Abstract
A method is presented for transferring data objects between federated entities within a federation using artifacts. A first federated entity, such as a service provider, receives artifacts from a second federated entity, such as an identity provider, which generates data objects, such as assertions, for use at or by the first federated entity. The artifact references a data object that is locally stored by the second federated entity, which is implemented as a distributed data processing system with a set of data processing systems, each of which can generate artifacts and artifact-referenced data objects, and each of which can proxy data object retrieval requests to other data processing systems within the distributed data processing system. When the second federated entity receives a data object retrieval request with an artifact from the first federated entity, the artifact-referenced data object is retrieved from within the distributed data processing system using the artifact.
-
Citations
37 Claims
-
1. A method for transferring data objects between federated entities in a federated computational environment, the computer-implemented method comprising:
-
receiving a data object retrieval request from a first federated entity at a second federated entity, wherein the second federated entity issues artifacts for the first federated entity in accordance with a trust relationship between the second federated entity and the first federated entity, wherein services of the second federated entity are provided by a set of data processing systems within a distributed data processing system, and wherein each data processing system in the set of data processing systems generates artifacts; extracting an artifact from the data object retrieval request by a first data processing system in the set of data processing systems, wherein the artifact references a data object that is stored by the second federated entity; employing the artifact to retrieve the data object by the first data processing system from a second data processing system in the set of data processing systems; and returning a data object retrieval response from the first data processing system to the first federated entity. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
-
-
18. A computer program product on a computer readable storage medium for transferring data objects between federated entities in a federated computational environment, the computer program product comprising:
-
instructions for receiving a data object retrieval request from a first federated entity at a second federated entity, wherein the second federated entity issues artifacts for the first federated entity in accordance with a trust relationship between the second federated entity and the first federated entity, wherein services of the second federated entity are provided by a set of data processing systems within a distributed data processing system, and wherein each data processing system in the set of data processing systems generates artifacts; instructions for extracting an artifact from the data object retrieval request by a first data processing system in the set of data processing systems, wherein the artifact references a data object that is stored by the second federated entity; instructions for employing the artifact to retrieve the data object by the first data processing system from a second data processing system in the set of data processing systems; and instructions for returning a data object retrieval response from the first data processing system to the first federated entity. - View Dependent Claims (19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29)
-
-
30. An apparatus for transferring data objects between federated entities in a federated computational environment, the apparatus comprising:
-
means for receiving a data object retrieval request from a first federated entity at a second federated entity, wherein the second federated entity issues artifacts for the first federated entity in accordance with a trust relationship between the second federated entity and the first federated entity, wherein services of the second federated entity are provided by a set of data processing systems within a distributed data processing system, and wherein each data processing system in the set of data processing systems generates artifacts; means for extracting an artifact from the data object retrieval request by a first data processing system in the set of data processing systems, wherein the artifact references a data object that is stored by the second federated entity; means for employing the artifact to retrieve the data object by the first data processing system from a second data processing system in the set of data processing systems; and means for returning a data object retrieval response from the first data processing system to the first federated entity. - View Dependent Claims (31, 32, 33, 34, 35, 36, 37)
-
Specification