SYSTEM AND METHOD FOR SECURE ACCOUNT RESET UTILIZING INFORMATION CARDS
Abstract
New claim identifiers allow account reset and supplemental authorizations to be performed utilizing information cards. The new claim identifiers include claims for simple challenge questions, simple challenge answers, generated-challenge answers, and challenge methods. Each of the new claims can include a tuple. Methods of utilizing the new claim identifiers for account reset and supplemental authorization are also provided.
40 Claims
1. An apparatus, comprising:
- a machine;
- a receiver on the machine configured to receive from a relying party a request for at least one challenge claim;
- a card selector on the machine configured to receive from a user a selection of an information card responsive to the request for the at least one challenge claim; and
- a transmitter configured to transmit to an identity provider a request for a security token responsive to the selection of the information card, wherein the receiver is further configured to receive the security token from the identity provider, the transmitter is further configured to transmit the security token to the relying party, and the security token includes the at least one challenge claim.
Dependent claims: 2, 3
4. A method for obtaining a challenge claim, comprising:
- receiving from a client a request for a security policy;
- transmitting to the client the security policy, wherein the security policy comprises at least one challenge claim identifier;
- receiving from the client a security token, the security token comprising at least one challenge claim; and
- storing the at least one challenge claim.
Dependent claims: 5, 6, 7
8. An article, comprising a storage medium, the storage medium having stored thereon instructions that, when executed by a machine, result in:
- receiving from a client a request for a security policy;
- transmitting to the client the security policy, wherein the security policy comprises at least one challenge claim identifier;
- receiving from the client a security token, the security token comprising at least one challenge claim; and
- storing the at least one challenge claim.
Dependent claims: 9, 10
11. A method for responding to a challenge from a relying party, comprising:
- receiving the challenge from the relying party;
- obtaining a response to the challenge from an identity provider; and
- providing the response to the relying party.
Dependent claims: 12, 13, 14, 15
16. An article, comprising a storage medium, the storage medium having stored thereon instructions that, when executed by a machine, result in:
- receiving a challenge from a relying party;
- obtaining a response to the challenge from an identity provider; and
- providing the response to the relying party.
Dependent claims: 17, 18, 19
20. A method for challenging a user, comprising:
- determining that the user is to be challenged;
- retrieving a stored list of challenge methods associated with the user;
- identifying a first challenge method from the list of challenge methods;
- providing a first challenge to the user based upon the first challenge method;
- receiving a first response from the user; and
- validating the first response.
Dependent claims: 21, 22, 23, 24, 25
26. An article, comprising a storage medium, the storage medium having stored thereon instructions that, when executed by a machine, result in:
- determining that a user is to be challenged;
- retrieving a stored list of challenge methods associated with the user;
- identifying a first challenge method from the list of challenge methods;
- providing a first challenge to the user based upon the first challenge method;
- receiving a first response from the user; and
- validating the first response.
Dependent claims: 27, 28, 29, 30
31. A method, comprising:
- receiving a request for an information card from a client;
- obtaining at least one challenge claim responsive to the request; and
- sending the information card to the client, wherein the information card includes at least one challenge claim identifier.
Dependent claims: 32, 33, 34, 35, 36, 37, 38, 39, 40
Specification