CARDSPACE HISTORY VALIDATOR
Abstract
Before a relying party grants a client access to a resource, the last use of the security token by the client to access the resource of the relying party can be verified. Verification can be accomplished by comparing the last time the client sent the security token to the relying party with the last time the relying party received the security token from the client. If the last use of the security token is not verified, the possibility exists that the security token has been fraudulently used by a third party.
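The comparison described in the abstract, as an added example that is not taken from the patent: a small Python simulation of both sides' records. The names `Client`, `RelyingParty`, `present`, `send_token`, the `SKEW` tolerance, and the choice to have the client report its last-sent time alongside the token are assumptions, since the page does not say how the two times are exchanged.

```python
from dataclasses import dataclass, field

SKEW = 5.0  # assumed tolerance (seconds) for transit delay and clock drift


@dataclass
class RelyingParty:
    name: str
    last_received: dict = field(default_factory=dict)  # card_id -> time

    def present(self, card_id, claimed_last_sent, now):
        """Compare the sender's claimed last-sent time with our last-received
        time, then record this reception. Returns (granted, reason)."""
        recorded = self.last_received.get(card_id)
        if recorded is None and claimed_last_sent is None:
            verdict = (True, "first use")
        elif recorded is None or claimed_last_sent is None:
            verdict = (False, "history missing on one side")
        elif abs(recorded - claimed_last_sent) <= SKEW:
            verdict = (True, "last use verified")
        else:
            verdict = (False, "last use not verified")
        # Every reception is recorded, so a use by anyone else surfaces
        # as a mismatch the next time the real client presents the token.
        self.last_received[card_id] = now
        return verdict


@dataclass
class Client:
    last_sent: dict = field(default_factory=dict)  # (card_id, rp) -> time

    def send_token(self, rp, card_id, now, delay=1.0):
        key = (card_id, rp.name)
        result = rp.present(card_id, self.last_sent.get(key), now + delay)
        self.last_sent[key] = now
        return result


def demo():
    """Constructed timeline: two normal uses, one reception from a party
    that is not this client, then the client's next use."""
    rp, client = RelyingParty("rp.example"), Client()
    results = [client.send_token(rp, "card-1", 100.0),
               client.send_token(rp, "card-1", 200.0)]
    rp.present("card-1", None, 500.0)  # token arrives from someone else
    results.append(client.send_token(rp, "card-1", 900.0))
    results.append(client.send_token(rp, "card-1", 1000.0))
    return results
```

The third result is the mismatch case: the relying party last received the token at 500, but the client last sent it at 200.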
23 Claims
1. An apparatus (105), comprising:
a receiver (210) to receive a security policy (150) from a relying party (130);
a card selector (205) to select an information card (220) responsive to said security policy (150);
a data store (225) to store a last time (230) the apparatus (105) sent a security token (160) responsive to said selected information card (220) to said relying party (130); and
a transmitter (215) to transmit to said relying party (130) said security token (160), wherein said relying party (130) grants access to a resource (315) if a last transmission of the security token (160) to the relying party (130) was verified.
Dependent claims: 2, 3, 4

5. An apparatus (130), comprising:
a transmitter (310) to transmit a security policy (150) to a client (105) responsive to a request from said client (105) for access a resource (315);
a receiver (305) to receive said request from said client (105) for said resource (315) and to receive a security token (160) from said client (105) responsive to said security policy (150); and
a data store (325) to store a current time (12) that said security token (160) was received by the apparatus (130) from said client (105), wherein the apparatus (130) is operative to grant said client (105) access to said resource (315) if a last transmission of the security token (160) to the apparatus (130) was verified.
Dependent claims: 6, 7, 8

9. A method to verify use of an information card (220), comprising:
requesting (705) access to a resource (315) from a relying party (130);
receiving (710) at a client (105) a security policy (150) from the relying party (130);
identifying (720) an information card (220) that satisfies the security policy (130);
transmitting (765) a security token (160) from the client (105) to the relying party (130); and
accessing (785) the resource (315) from the relying party (130) if a last transmission of the security token (160) to the relying party (130) was verified.
Dependent claims: 10, 11, 12

13. A method to verify use of an information card (220), comprising:
receiving (1105) a request from a client (105) to access a resource (315) at a relying party (130);
transmitting (1115) a security policy (150) to the client (105);
receiving (1125) a security token (160) from the client (105); and
granting (1135) access to the resource (315) by the relying party (130) if a last reception of the security token (160) from the client (105) was verified.
Dependent claims: 14, 15, 16

17. An article, comprising a storage medium, said storage medium having stored thereon instructions that, when executed by a machine, result in:
requesting (705) access to a resource (315) from a relying party (130);
receiving (710) at a client (105) a security policy (150) from the relying party (130);
identifying (720) an information card (220) that satisfies the security policy (130);
transmitting (765) a security token (160) from the client (105) to the relying party (130); and
accessing (785) the resource (315) from the relying party (130) if a last transmission of the security token (160) to the relying party (130) was verified.
Dependent claims: 18, 19

20. An article, comprising a storage medium, said storage medium having stored thereon instructions that, when executed by a machine, result in:
receiving (1105) a request from a client (105) to access a resource (315) at a relying party (130);
transmitting (1115) a security policy (150) to the client (105);
receiving (1125) a security token (160) from the client (105); and
granting (1135) access to the resource (315) by the relying party (130) if a last reception of the security token (160) from the client (105) was verified.
Dependent claims: 21, 22, 23

Specification