System and method for validating interactions in an identity metasystem
Abstract
An information processing system for a computing network in which information describing planned interactions between an identity selector and a relying party web site is provided to a validation service and compared with information in a database, and a response is returned to the identity selector.
10 Claims
1. A method for validating interactions between a user, an identity provider and a relying party in an identity metasystem, said method comprising:
- (a) accessing said relying party from a web browser on behalf of said user,
- (b) transferring a relying party identity from said relying party to said web browser,
- (c) transferring said relying party identity from said web browser to an identity selector,
- (d) retrieving from a card database a user identity,
- (e) authenticating a user with said user identity at said identity provider,
- (f) generating at said identity provider a token for a validation service,
- (g) transferring said token from said identity provider to said identity selector,
- (h) transferring a request comprising said token and said relying party identity from said identity selector to said validation service,
- (i) searching in a database of said validation service for a record set corresponding to said token and said relying party identity,
- (j) generating at said validation service a response based on said request and said record set from said search,
- (k) transferring said response from said validation service to said identity selector, and
- (l) informing said user of said response.
5. A system for validating interactions between a user, an identity provider and a relying party in an identity metasystem, said system comprising:
- (a) said user,
- (b) said identity provider,
- (c) said relying party,
- (d) a web browser,
- (e) an identity selector,
- (f) a card database,
- (g) a validation service, and
- (h) a database of said validation service,

wherein said web browser accesses said relying party on behalf of said user, said relying party returns a relying party identity to said web browser, said web browser transfers said relying party identity to said identity selector, said identity selector retrieves a user identity from said card database, said identity provider authenticates said user with said user identity, said identity provider generates a token for said validation service, said identity provider transfers said token to said identity selector, said identity selector transfers a request comprising said token and said relying party identity to said validation service, said validation service searches in said database of said validation service for a record set corresponding to said token and said relying party identity, said validation service generates a response based on said request and said record set from said search, said validation service transfers said response to said identity selector, and said identity selector informs said user of said response.
10. A computer program product within a computer usable medium with software for validating interactions between a user, an identity provider and a relying party in an identity metasystem, said product comprising:
- (a) instructions for accessing said relying party from a web browser on behalf of said user,
- (b) instructions for transferring a relying party identity from said relying party to said web browser,
- (c) instructions for transferring said relying party identity from said web browser to an identity selector,
- (d) instructions for retrieving from a card database a user identity,
- (e) instructions for authenticating a user with said user identity at said identity provider,
- (f) instructions for generating at said identity provider a token for a validation service,
- (g) instructions for transferring said token from said identity provider to said identity selector,
- (h) instructions for transferring a request comprising said token and said relying party identity from said identity selector to said validation service,
- (i) searching in a database of said validation service for a record set corresponding to said token and said relying party identity,
- (j) generating at said validation service a response based on said request and said record set from said search,
- (k) instructions for transferring said response from said validation service to said identity selector, and
- (l) instructions for informing said user of said response.
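Steps (f) through (l) of the claimed flow, sketched as an added example that is not code from the patent. The claims do not specify a token format or a record layout, so this assumes an HMAC-signed, expiring token, a record set keyed by relying party identity, and constructed names, keys and URLs throughout.

```python
import hashlib
import hmac
import time

IDP_KEY = b"constructed-demo-key"  # assumption: shared by identity provider and validation service

# Constructed validation-service database: relying party identity -> record set.
RECORDS = {
    "https://shop.example": [{"status": "trusted"}],
    "https://reported.example": [{"status": "reported"}],
}

def _mac(body):
    return hmac.new(IDP_KEY, body.encode(), hashlib.sha256).hexdigest()

def issue_token(user_identity, now=None):
    """Step (f): the identity provider generates a token for the validation service."""
    expires = int(time.time() if now is None else now) + 300
    body = f"{user_identity}|{expires}"
    return f"{body}|{_mac(body)}"

def validate(token, relying_party_identity, now=None):
    """Steps (i)-(j): verify the token, search the record set, build the response."""
    now = time.time() if now is None else now
    try:
        user, expires, mac = token.rsplit("|", 2)
        expiry = int(expires)
    except ValueError:
        return {"verdict": "reject", "reason": "malformed token"}
    if not hmac.compare_digest(mac.encode(), _mac(f"{user}|{expires}").encode()):
        return {"verdict": "reject", "reason": "token not issued by identity provider"}
    if expiry < now:
        return {"verdict": "reject", "reason": "token expired"}
    records = RECORDS.get(relying_party_identity, [])
    if not records:
        return {"verdict": "unknown", "reason": "no record for relying party"}
    if any(r["status"] == "reported" for r in records):
        return {"verdict": "warn", "reason": "relying party has been reported"}
    return {"verdict": "ok", "reason": "relying party is known"}

def identity_selector_check(user_identity, relying_party_identity):
    """Steps (g), (h), (k), (l): obtain the token, send the request, inform the user."""
    token = issue_token(user_identity)
    response = validate(token, relying_party_identity)
    return f"{relying_party_identity}: {response['verdict']} ({response['reason']})"

if __name__ == "__main__":
    for rp in ("https://shop.example", "https://reported.example", "https://new.example"):
        print(identity_selector_check("alice@idp.example", rp))
```

The validation service rejects a request before touching its database when the token is malformed, altered or expired, so only requests backed by an identity provider authentication reach the record search.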