Identity and access management framework
Abstract
A method for authenticating a user involves receiving a request from the user to access a resource, where the resource is associated with at least one authentication requirement, determining a trust level associated with access to the resource, obtaining user credentials based on the trust level associated with the resource, selecting an authentication method for authenticating the user based on the trust level associated with the resource, generating user authentication information based on the trust level associated with the resource and the user credentials obtained, where user authentication information relates to the user's environment while accessing the resource, sending the user authentication information to the resource, and granting access to the resource, if the user authentication information meets the at least one authentication requirement of the resource.
24 Claims
1. A method for authenticating a user, comprising:
receiving a request from the user to access a resource, wherein the resource is associated with at least one authentication requirement;
determining a trust level associated with access to the resource;
obtaining user credentials based on the trust level associated with the resource;
selecting an authentication method for authenticating the user based on the trust level associated with the resource;
generating user authentication information based on the trust level associated with the resource and the user credentials obtained, wherein user authentication information relates to the user's environment while accessing the resource;
sending the user authentication information to the resource; and
granting access to the resource, if the user authentication information meets the at least one authentication requirement of the resource.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12
13. A system for identity and access control management, comprising:
a resource manager configured to determine at least one authentication requirement of a resource;
a trust engine configured to determine a trust level associated with access to the resource based on a plurality of trust rules;
an authentication server configured to obtain user credentials based on the trust level associated with the resource and generate user authentication information, wherein user authentication information comprises information related to a user's environment while accessing the resource; and
an access policy engine operatively connected to the resource manager and to the trust engine, configured to determine whether the user authentication information meets the at least one authentication requirement of the resource, wherein access to the resource is granted if the user authentication information meets the at least one authentication requirement of the resource.
Dependent claims: 14, 15, 16, 17, 18, 19, 20, 21, 22, 23
24. A computer usable medium comprising computer readable program code embodied therein for causing a computer system to:
receive a request from the user to access a resource, wherein the resource is associated with at least one authentication requirement;
determine a trust level associated with access to the resource;
obtain user credentials based on the trust level associated with the resource;
select an authentication method for authenticating the user based on the trust level associated with the resource;
generate user authentication information based on the trust level associated with the resource and the user credentials obtained, wherein user authentication information relates to the user's environment while accessing the resource;
send the user authentication information to the resource; and
grant access to the resource, if the user authentication information meets the at least one authentication requirement of the resource.
Specification