Router for managing trust relationships
First Claim
Patent Images
1. A method of managing trust relationships between federated identity and service providers, the method comprising:
- receiving an assertion of a user identity from an identity provider via a first federation protocol, wherein a destination service provider is indicated with the assertion;
verifying permission of the user identity to access the destination service provider; and
asserting the user identity to the destination service provider via a second federation protocol.
8 Assignments
0 Petitions
Accused Products
Abstract
One embodiment relates to a method of managing trust relationships between federated identity and service providers. An assertion of a user identity is received from an identity provider via a first federation protocol, wherein a destination service provider is indicated with the assertion. Permission of the user identity to access the destination service provider is verified. If permission is verified, the user identity is asserted to the destination service provider via a second federation protocol. Other embodiments and features are also disclosed.
-
Citations
15 Claims
-
1. A method of managing trust relationships between federated identity and service providers, the method comprising:
-
receiving an assertion of a user identity from an identity provider via a first federation protocol, wherein a destination service provider is indicated with the assertion; verifying permission of the user identity to access the destination service provider; and asserting the user identity to the destination service provider via a second federation protocol. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A router for managing trust relationships between federated identity and service providers, the router comprising a processor and memory, wherein the memory includes:
-
computer-readable code configured to receive an assertion of a user identity from an identity provider via a first federation protocol, wherein a destination service provider is indicated with the assertion; computer-readable code configured to verify permission of the user identity to access the destination service provider; computer-readable code configured to determine a second federation protocol which is compatible to the destination service provider; and computer-readable code configured to assert the user identity to the destination service provider via the second federation protocol. - View Dependent Claims (9, 10, 11, 12, 13)
-
-
14. An apparatus for managing trust relationships between federated identity and service providers, the apparatus comprising:
-
means for intercepting an assertion of a user identity from an identity provider, wherein a destination service provider is indicated with the assertion; means for checking permission of the user identity to access the destination service provider; means for constructing a view of the user identity for presentation to the destination service provider; and means for sending the constructed view of the user identity to the destination service provider. - View Dependent Claims (15)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeMicro Focus LLC (Open Text Corporation)
-
Original AssigneeHewlett-Packard Development Company, L.P. (HP Inc.)
-
InventorsTulshibagwale, Atul Vijay, Whitehead, Gregory Ryan
-
Granted Patent
-
Time in Patent OfficeDays
-
Field of Search
-
US Class Current709/223
-
CPC Class CodesG06F 21/305 by remotely controlling dev...G06F 21/33 using certificatesG06F 21/335 for accessing specific reso...G06F 21/45 Structures or tools for the...G06F 21/57 Certifying or maintaining t...G06F 2221/2141 Access rights, e.g. capabil...H04L 12/66 Arrangements for connecting...H04L 63/0815 providing single-sign-on or...H04L 63/10 for controlling access to d...H04L 67/306 User profiles
