INFORMATION CARD FEDERATION POINT TRACKING AND MANAGEMENT
First Claim
Patent Images
1. An apparatus, comprising:
- a client (105);
a receiver (210) on the client (105) to receive a security policy (150) from a relying party (130);
a transmitter (215) on the client (105) to transmit a security token (160) to said relying party (130) responsive to said security policy (150);
a data store (225) on the client (105), the data store (225) capable of storing federation points (230, 505, 510, 515, 520), each federation point (230, 505, 510, 515, 520) including an identifier (525) of an account (605, 610, 615, 620) on a relying party (130) and an identifier (530) of an information card (220);
a data store accessor (240) on the client (105) to access said federation points (230, 505, 510, 515, 520) stored in the data store (225); and
a card selector (205) on the client (105) to present information about said federation points (230, 505, 510, 515, 520) in the data store (225) to a user.
7 Assignments
0 Petitions
Accused Products
Abstract
A client can store information about federation points. A federation point is a combination of an identifier of an account on a relying party and an identifier of an information card. The client can track which information cards are included n various federation points, and can use this information to assist the user in performing a transaction with relying parties.
-
Citations
34 Claims
-
1. An apparatus, comprising:
-
a client (105); a receiver (210) on the client (105) to receive a security policy (150) from a relying party (130); a transmitter (215) on the client (105) to transmit a security token (160) to said relying party (130) responsive to said security policy (150); a data store (225) on the client (105), the data store (225) capable of storing federation points (230, 505, 510, 515, 520), each federation point (230, 505, 510, 515, 520) including an identifier (525) of an account (605, 610, 615, 620) on a relying party (130) and an identifier (530) of an information card (220); a data store accessor (240) on the client (105) to access said federation points (230, 505, 510, 515, 520) stored in the data store (225); and a card selector (205) on the client (105) to present information about said federation points (230, 505, 510, 515, 520) in the data store (225) to a user. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A method, comprising:
-
receiving (1203) a security policy (150) from a relying party (130); identifying (1206) the relying party (130); identifying (1209) at least one federation point (230, 505, 510, 515, 520), the at least one federation point (230, 505, 510, 515, 520) including an identifier (525) of an account (605, 610, 615, 620) on the relying party (130); identifying (1212) at least one information card (220, 530) accessible to the card selector (205) included in the identified federation points (230, including); presenting (1251) to a user the identified information cards (220, 530); receiving (1257) a selection by the user of one of the identified information cards (220, 530); and forwarding (1275) to the relying party (130) a security token (160) responsive to the security policy (150) and the selected information card (220, 530). - View Dependent Claims (9, 10, 11, 12, 13, 14, 15)
-
-
16. An apparatus, comprising:
-
a relying party (130); a policy store (820) on the relying party (130) to store at least one policy (825) specifying how the relying party (130) processes security tokens (160); a data store (810) on the relying party (130) to store information (815) about security tokens (160) and accounts (605, 610, 615, 620) to which access has been granted based on said security tokens (160); an endpoint (805) on the relying party (130) to receive from a requester a query about an account (605, 610, 615, 620) on the relying party (130); a response generator (830) on the relying party (130) to generate a response to the query; and a transmitter (835) on the relying party (130) to transmit said response to said requester. - View Dependent Claims (17, 18, 19, 20)
-
-
21. A method, comprising:
-
receiving (1505) at an endpoint (805) on a relying party (130) a query from a requester for information (815) about an account (605, 610, 615, 620) on the relying party (130); determining (1510) the requested information (815) about the account (605, 610, 615, 620) on the relying party (130); and sending (1515) the requested information (815) to the requester. - View Dependent Claims (22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34)
-
Specification