NON-INTERACTIVE INFORMATION CARD TOKEN GENERATION

US 20100011409A1
Filed: 07/09/2008
Published: 01/14/2010
Est. Priority Date: 07/09/2008
Status: Abandoned Application

First Claim

Patent Images

1. An apparatus, comprising:

a receiver on a machine, wherein the receiver is configured to receive a request from a relying party site for a security token;

a security token generator on the machine, wherein the security token generator is operable to automatically generate a security token in response to the request based at least in part on a policy; and

a transmitter on the machine, wherein the transmitter is configured to transmit the generated security token to the relying party site.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods for automatic, non-interactive generation of information card tokens are provided. An apparatus can include a receiver, a transmitter, and an information card token generator, wherein the information card token generator is operable to generate an information card token in response to an information card token request received from a relying party site, the information card security token being based at least in part on a user-defined policy.

Citations

20 Claims

1. An apparatus, comprising:
- a receiver on a machine, wherein the receiver is configured to receive a request from a relying party site for a security token;
  
  a security token generator on the machine, wherein the security token generator is operable to automatically generate a security token in response to the request based at least in part on a policy; and
  
  a transmitter on the machine, wherein the transmitter is configured to transmit the generated security token to the relying party site.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. An apparatus according to claim 1, further comprising a policy configuration manager on the machine, wherein the policy configuration manager is operable to define the policy.
  - 3. An apparatus according to claim 1, wherein the generated security token comprises a credential type and credential data.
  - 4. An apparatus according to claim 3, wherein the credential type is username/password.
  - 5. An apparatus according to claim 4, wherein the credential data comprises a username, wherein the username is specific to the relying party site, and a password, wherein the password is specific to the relying party site.
  - 6. An apparatus according to claim 3, wherein the generated security token further comprises cryptographic material.
  - 7. An apparatus according to claim 2, wherein the policy configuration manager is further operable to update the policy.
  - 8. An apparatus according to claim 2, wherein the policy configuration manager is further operable to delete the policy.
  - 9. An apparatus according to claim 1, wherein the policy specifies authentication information to be used by the security token generator in generating the security token, wherein the authentication information corresponds to a security policy at the relying party site.

10. A computer-implemented method of generating a security token responsive to an information card token request, comprising:
- receiving an information card token request from a relying party site;
  
  responsive to the information card token request, automatically generating an information card token based at least in part on a user-defined policy; and
  
  transmitting the generated information card token to the relying party site.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
- - 11. A computer-implemented method according to claim 10, further comprising defining the user-defined policy.
  - 12. A computer-implemented method according to claim 11, further comprising updating the user-defined policy.
  - 13. A computer-implemented method according to claim 11, wherein defining the user-defined policy comprises adding authentication information to the user-defined policy, wherein the authentication information pertains to the relying party site.
  - 14. A computer-implemented method according to claim 13, wherein adding the authentication information comprises adding username/password information.
  - 15. A computer-implemented method according to claim 13, wherein generating the information card token comprises incorporating the authentication information into the information card token.
  - 16. A computer-implemented method according to claim 15, wherein generating the information card token further comprises incorporating cryptographic material into the information card token.
  - 17. A computer-implemented method according to claim 10, further comprising deleting the user-defined policy.
  - 18. One or more computer-readable media storing instructions that, when executed by a processor, perform a computer-implemented method according to claim 10.

19. An article comprising a storage medium, the storage medium having stored thereon instructions that, when executed by a machine, result in providing authentication information to a relying party site, wherein the authentication information is based at least in part on a user-defined policy.
- View Dependent Claims (20)
- - 20. An article according to claim 19, wherein providing the authentication information comprises passing at least one claim, at least one claim value, and cryptographic information.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
EMC Corporation (Dell Technologies Inc.)
Original Assignee
Novell Incorporated (Open Text Corporation)
Inventors
Olds, Dale, Hodgkinson, Andrew A.

Application Number

US12/170,384
Publication Number

US 20100011409A1
Time in Patent Office

Days
Field of Search
US Class Current

726/1
CPC Class Codes

G06F 21/31   User authentication

G06F 21/33   using certificates

G06F 2221/2115   Third party

H04L 63/0807   using tickets, e.g. Kerbero...

H04L 63/20   for managing network securi...

NON-INTERACTIVE INFORMATION CARD TOKEN GENERATION

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

NON-INTERACTIVE INFORMATION CARD TOKEN GENERATION

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links