METHOD AND SYSTEM FOR IMPLEMENTING A FLOATING IDENTITY PROVIDER MODEL ACROSS DATA CENTERS
First Claim
1. A method for processing transactions in a federated computational environment, the computer-implemented method comprising:
- receiving resource requests at a first federated entity from a second federated entity, wherein the first federated entity responds to federation protocol operations for the second federated entity in accordance with a trust relationship between the first federated entity and the second federated entity, wherein services of the first federated entity are provided by a set of data processing systems within a distributed data processing system, and wherein each data processing system in the set of data processing systems is able to act as an identity provider;
establishing a first data processing system in the set of data processing systems, through a self-assignment process by the first data processing system, to act as an identity provider across the set of data processing systems with respect to the second federated entity; and
employing, across the set of data processing systems, the first data center to perform federated protocol operations as an identity provider while processing requests from the second federated entity.
1 Assignment
0 Petitions
Accused Products
Abstract
A method is presented for processing transactions in a federated computational environment. Resource requests are received at a first federated entity from a second federated entity. The first federated entity responds to federation protocol operations for the second federated entity in accordance with a trust relationship between the first and second federated entity. The services of the first federated entity are provided by a set of data processing systems within a distributed data processing system, and each data processing system in the set of data processing systems is able to act as an identity provider. A first data processing system in the set of data processing systems establishes itself to act as an identity provider for the set of data processing systems with respect to the second federated entity and then is employed to perform federated protocol operations as an identity provider for requests from the second federated entity.
-
Citations
24 Claims
-
1. A method for processing transactions in a federated computational environment, the computer-implemented method comprising:
-
receiving resource requests at a first federated entity from a second federated entity, wherein the first federated entity responds to federation protocol operations for the second federated entity in accordance with a trust relationship between the first federated entity and the second federated entity, wherein services of the first federated entity are provided by a set of data processing systems within a distributed data processing system, and wherein each data processing system in the set of data processing systems is able to act as an identity provider; establishing a first data processing system in the set of data processing systems, through a self-assignment process by the first data processing system, to act as an identity provider across the set of data processing systems with respect to the second federated entity; and employing, across the set of data processing systems, the first data center to perform federated protocol operations as an identity provider while processing requests from the second federated entity. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A computer program product on a computer readable storage medium for processing transactions in a federated computational environment, the computer program product comprising:
-
instructions for receiving resource requests at a first federated entity from a second federated entity, wherein the first federated entity responds to federation protocol operations for the second federated entity in accordance with a trust relationship between the first federated entity and the second federated entity, wherein services of the first federated entity are provided by a set of data processing systems within a distributed data processing system, and wherein each data processing system in the set of data processing systems is able to act as an identity provider; instructions for establishing a first data processing system in the set of data processing systems, through a self-assignment process by the first data processing system, to act as an identity provider across the set of data processing systems with respect to the second federated entity; and instructions for employing, across the set of data processing systems, the first data center to perform federated protocol operations as an identity provider while processing requests from the second federated entity. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
-
-
17. An apparatus for processing transactions in a federated computational environment, the apparatus comprising:
-
means for receiving resource requests at a first federated entity from a second federated entity, wherein the first federated entity responds to federation protocol operations for the second federated entity in accordance with a trust relationship between the first federated entity and the second federated entity, wherein services of the first federated entity are provided by a set of data processing systems within a distributed data processing system, and wherein each data processing system in the set of data processing systems is able to act as an identity provider; means for establishing a first data processing system in the set of data processing systems, through a self-assignment process by the first data processing system, to act as an identity provider across the set of data processing systems with respect to the second federated entity; and means for employing, across the set of data processing systems, the first data center to perform federated protocol operations as an identity provider while processing requests from the second federated entity. - View Dependent Claims (18, 19, 20, 21, 22, 23, 24)
-
Specification