TRUSTED RELYING PARTY PROXY FOR INFORMATION CARD TOKENS

US 20100095372A1
Filed: 10/09/2008
Published: 04/15/2010
Est. Priority Date: 10/09/2008
Status: Abandoned Application

First Claim

Patent Images

1. An apparatus, comprising:

a machine;

a secret mapping module running on the machine and configured to create a mapping that maps a secret to a claim stored in an information card;

a receiver running on the machine and configured to receive a request for the secret from a remote application;

a mapping query module running on the machine and configured to perform a search for the mapping;

a credential provider application running on the machine and configured to retrieve the secret based at least in part on the claim; and

a transmitter configured to transmit the secret to the remote application.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An apparatus can include a secret mapping module running on a machine and configured to create a mapping that maps a secret to a claim stored in an information card, a receiver running on the machine and configured to receive a request for the secret from a remote application, a mapping query module running on the machine and configured to perform a search for the mapping, a credential provider application running on the machine and configured to retrieve the secret based at least in part on the claim, and a transmitter configured to transmit the secret to the remote application.

108 Citations

20 Claims

1. An apparatus, comprising:
- a machine;
  
  a secret mapping module running on the machine and configured to create a mapping that maps a secret to a claim stored in an information card;
  
  a receiver running on the machine and configured to receive a request for the secret from a remote application;
  
  a mapping query module running on the machine and configured to perform a search for the mapping;
  
  a credential provider application running on the machine and configured to retrieve the secret based at least in part on the claim; and
  
  a transmitter configured to transmit the secret to the remote application.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The apparatus of claim 1, wherein the remote application comprises a legacy application running on the machine.
  - 3. The apparatus of claim 1, further comprising an information card selector configured to prompt a user to select the information card.
  - 4. The apparatus of claim 1, wherein the secret comprises a credential.
  - 5. The apparatus of claim 4, wherein the credential comprises a username and a password.
  - 6. The apparatus of claim 1, wherein the claim comprises a claim type and a claim identifier.
  - 7. The apparatus of claim 6, wherein the claim identifier comprises a Uniform Resource Identifier (URI).
  - 8. The apparatus of claim 1, further comprising a secret store provider running on the machine and configured to query a secret store for the secret.

9. A computer-implemented method, comprising:
- receiving a request from a relying party for a credential;
  
  querying a plurality of information cards for a claim, wherein the credential is mapped to the claim;
  
  responsive to finding an information card comprising the claim, selecting the information card;
  
  based at least in part on the claim, retrieving the credential; and
  
  transmitting the credential to the relying party.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16, 17)
- - 10. The computer-implemented method of claim 9, wherein the relying party comprises a legacy application.
  - 11. The computer-implemented method of claim 9, wherein the credential comprises a single sign-on (SSO) key.
  - 12. The computer-implemented method of claim 9, wherein the credential comprises a usemrname and a password.
  - 13. The computer-implemented method of claim 9, further comprising, responsive to not finding an information card comprising the claim, directly prompting a user for the credential.
  - 14. The computer-implemented method of claim 9, further comprising, responsive to not finding an information card comprising the claim, querying a secret store for the credential.
  - 15. The computer-implemented method of claim 14, further comprising, responsive to not finding the credential in the secret store, directly prompting a user for the credential.
  - 16. The computer-implemented method of claim 14, further comprising, responsive to finding the credential in the secret store, transmitting the credential to the relying party.
  - 17. The computer-implemented method of claim 9, further comprising invoking a card selector to prompt a user to select the information card comprising the claim.

18. A tangible computer-readable medium storing instructions that, when executed by a processor, result in:
- receiving a request from a relying party for a username and a password;
  
  performing a search for an information card comprising a first claim and a second claim, wherein the username is mapped to the first claim and the password is mapped to the second claim;
  
  based at least in part on the first and second claims, retrieving the requested username and password; and
  
  transmitting the retrieved username and password to the relying party.
- View Dependent Claims (19, 20)
- - 19. The tangible computer-readable medium of claim 18, wherein retrieving the requested username and password comprises retrieving a token from an identity provider and using the first and second claims to decode the token.
  - 20. The tangible computer-readable medium of claim 18, having stored thereon further instructions that, when executed by the machine, result in:
    - responsive to not finding the information card, searching a secret store for the requested username and password; and
      
      transmitting the requested username and password to the relying party.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Apple Inc.
Original Assignee
Novell Incorporated (Open Text Corporation)
Inventors
Norman, James M., Sanders, Daniel S., Hodgkinson, Andrew A.

Application Number

US12/248,815
Publication Number

US 20100095372A1
Time in Patent Office

Days
Field of Search
US Class Current

726/20
CPC Class Codes

G06F 21/41   where a single sign-on prov...

H04L 9/3213   using tickets or tokens, e....

H04L 9/3226   using a predetermined code,...

TRUSTED RELYING PARTY PROXY FOR INFORMATION CARD TOKENS

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

108 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

TRUSTED RELYING PARTY PROXY FOR INFORMATION CARD TOKENS

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

108 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links