MODELING PARTY IDENTITIES IN COMPUTER STORAGE SYSTEMS
Abstract
The present invention extends to methods, systems, and computer program products for modeling party identities in computer storage systems. A federated identity fabric models identity data and relationships between portions of identity data in computer storage systems in accordance with a uniform schema. The federated identity fabric can federate distributed identity and identity relationship data from computer storage systems within the variety of different computing environments. Code and metadata at computing environments associated with the federated identity fabric can interoperate to facilitate uniformly storing, accessing, modifying, deleting, and securing identity and identity relationship data within the federated identity fabric. Embodiments of the invention include utilizing an identity key table entry to locate party identity information and performing key transformations between different types of identity keys.
20 Claims
1. At a computer system including one or more processors and system memory, the computer system connected to a federated identity fabric, the federated identity fabric modeling identity related information in computer storage systems, the federated identity fabric providing a consistent view of and access to identity information across a plurality of different applications, a plurality of different computer systems, a plurality of different contexts, and a plurality of different networks, a method for utilizing the federated identity fabric to locate identity related data, the method comprising:
an act of creating a first data object within a data structure, the first data object representing an entity from the physical or digital world, within the data structure, the data structure capable of representing, through a single schema, the existence of any entity that can be unambiguously identified;
an act of inserting the first data object into the federated identity fabric;
an act of creating a second data object containing the representation of an unambiguous identifier used within the federated identity fabric;
an act of inserting the second data object into the federated identity fabric;
an act of relating the second data object to the first data object such that the second data object can subsequently be used to locate the first data object;
an act of subsequently using the unambiguous identifier as a template for locating the second data object;
an act of using the relationship between the first data object and the second data object to locate the first data object subsequent to using the unambiguous identifier to locate the second data object; and
an act of retrieving identity related data for the entity from the first data object.
14. A computer program product for use in a federated identity fabric, the federated identity fabric including one or more computer systems, each computer system including one or more processors and system memory, the federated identity fabric providing a consistent view of and access to identity information across a plurality of different applications, a plurality of different computer systems, a plurality of different contexts, and a plurality of different networks, the computer program product for implementing a method for retrieving identity related data for a party from the federated identity fabric, the computer program product comprising one or more computer storage media having stored thereon computer-executable instructions that, when executed at a process, cause the federated identity fabric to perform the method including the following:
receive a request for identity related data for a party, the request including:
an identity key type defined in accordance with an identity key taxonomy within a single schema, the single schema capable of representing the existence of any entity that can be unambiguously identified;
an identity key value indicating a value of the identity key type, the combination of identity key type and identity key value representing an entry within key identification table information; and
a data value request, the data value request representing a request for a portion of party related identity data from a party table entry identifiable through the use of the combination of identity key type and identity key value and a relationship to party identification table information;
locate the key identification table entry, within the key identification table information, that corresponds to the combination of the identity key type and identity key value;
access a party identifier value from the key identification table entry, the party identifier value corresponding to the party associated with the identity key;
refer to a party identity entry in the party identity table information based on the accessed party identifier and the relationship to the party identity table information;
retrieve party identity data responsive to the data value request from the party identity entry; and
return the party identity data in response to the received request.
17. A computer program product for use in a federated identity fabric, the federated identity fabric including one or more computer systems, each computer system including one or more processors and system memory, providing a consistent view of and access to identity information across a plurality of different applications, a plurality of different computer systems, a plurality of different contexts, and a plurality of different networks, the computer program product for implementing a method for performing a key transformation within the federated identity fabric, the computer program product comprising one or more computer storage media having stored thereon computer-executable instructions that, when executed at a process, cause the federated identity fabric to perform the method including the following:
receive a request for identity related data for a party, the request including:
a first identity key type, the first identity key type defined in accordance with an identity key taxonomy within a single schema, the single schema capable of representing the existence of any entity that can be unambiguously identified;
an identity key value indicating a corresponding value of the first identity key type, the combination of first identity key type and corresponding identity key value representing an entry within key identification table information; and
a key type request, the key type request representing a request for the corresponding key value of a second identity key type associated with the party, the second identity key type also defined in accordance with the identity key taxonomy within the single schema;
locate the key identification table entry, within the key identification table information, that corresponds to the combination of the first identity key type and corresponding identity key value;
access a party identifier value from the key identification table entry, the party identifier value corresponding to the party associated with the identity key;
refer to the identity key table information to locate a second key identification table entry having the second identity type key and that includes the party identifier;
retrieve the identity key value from the second key identification table entry;
return the retrieved identity key value from the second key identification table entry in response to the request.
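The lookup in claim 14 and the key transformation in claim 17, sketched as an added example (not code from the patent): the table, column and key-type names and the sample rows are assumptions. The composite primary key makes each key resolve to exactly one party, and the requested field is checked against an allowlist because column names cannot be bound as query parameters.

```python
import sqlite3

# Hypothetical schema: names are assumptions, not taken from the patent.
SCHEMA = """
CREATE TABLE party (party_id INTEGER PRIMARY KEY, display_name TEXT, email TEXT);
CREATE TABLE identity_key (
    key_type  TEXT NOT NULL,
    key_value TEXT NOT NULL,
    party_id  INTEGER NOT NULL REFERENCES party(party_id),
    PRIMARY KEY (key_type, key_value)   -- a key resolves to exactly one party
);
"""
PARTY_FIELDS = {"display_name", "email"}  # allowlist for the data value request

def build_fabric():
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    # Constructed sample data.
    db.execute("INSERT INTO party VALUES (1, 'Alice Example', 'alice@example.com')")
    db.executemany("INSERT INTO identity_key VALUES (?, ?, ?)",
                   [("upn", "alice@corp.example", 1), ("employee_id", "E-1001", 1)])
    return db

def resolve_party_id(db, key_type, key_value):
    """Locate the key table entry and return its party identifier, or None."""
    row = db.execute(
        "SELECT party_id FROM identity_key WHERE key_type = ? AND key_value = ?",
        (key_type, key_value)).fetchone()
    return row[0] if row else None

def get_party_data(db, key_type, key_value, field):
    """Claim 14 flow: key entry -> party identifier -> party entry -> value."""
    if field not in PARTY_FIELDS:
        raise ValueError(f"unsupported field: {field!r}")
    party_id = resolve_party_id(db, key_type, key_value)
    if party_id is None:
        return None
    # Safe to interpolate: field was checked against the allowlist above.
    return db.execute(f"SELECT {field} FROM party WHERE party_id = ?",
                      (party_id,)).fetchone()[0]

def transform_key(db, key_type, key_value, wanted_type):
    """Claim 17 flow: first key -> party identifier -> key of the second type."""
    party_id = resolve_party_id(db, key_type, key_value)
    if party_id is None:
        return None
    row = db.execute(
        "SELECT key_value FROM identity_key WHERE party_id = ? AND key_type = ?",
        (party_id, wanted_type)).fetchone()
    return row[0] if row else None
```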
Specification