Distributed Network Identity
Abstract
A distributed network identity is provided. An identity provider stores a portion of a user's personal information. A service provider accesses user information from one or more identity providers. System entities such as identity providers and service providers can be linked to enable information sharing and aggregation. User policies and privacy preferences are provided to control how information is shared. A single sign-on architecture is provided where an identity provider is used to facilitate cross-domain authentication and to enhance user convenience. Service delegation features are also provided.
11 Claims
1. A method for providing user authentication to a service provider, the method comprising:
receiving, at an identity provider, an identifier that indicates the service provider, wherein the identifier includes an assertion of an identity of a user;
requesting an identity credential from the user;
authenticating the identity credential to produce an authenticated credential; and
passing the authenticated credential to the service provider.
Dependent claims: 2, 3, 4, 5, 6, 7
8. A method for delegating a service, the method comprising:
authenticating a user with an identity provider;
requesting, by a first service provider a ticket from the identity provider for the delegated service, wherein the delegated service is performed by a second service provider;
receiving the ticket at the first service provider, the ticket for authorizing the second service provider to perform the delegated service on behalf of the user; and
presenting the ticket at the second service provider to use the delegated service.
Dependent claims: 9, 10, 11
Specification