USER-AUTHORIZED INFORMATION CARD DELEGATION

US 20100251353A1
Filed: 03/25/2009
Published: 09/30/2010
Est. Priority Date: 03/25/2009
Status: Abandoned Application

First Claim

Patent Images

1. A system, comprising:

an authorization token provided by a user, wherein the authorization token comprises relying party access information specifying user identification information to be made accessible by an information card host to a relying party;

an information card stored at the information card host, wherein the information card comprises the user identification information; and

an identity token provided by the information card host in response to a request for identity token from the relying party, wherein the identity token is based at least in part on the authorization token, and wherein the identity token comprises the user identification information.

View all claims

13 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system can include an authorization token provided by a user, the authorization token specifying user identification information to be made accessible by an information card host to a relying party, an information card stored at the information card host, and an identity token generated or requested by the information card host in response to a request for identity token from the relying party.

Citations

25 Claims

1. A system, comprising:
- an authorization token provided by a user, wherein the authorization token comprises relying party access information specifying user identification information to be made accessible by an information card host to a relying party;
  
  an information card stored at the information card host, wherein the information card comprises the user identification information; and
  
  an identity token provided by the information card host in response to a request for identity token from the relying party, wherein the identity token is based at least in part on the authorization token, and wherein the identity token comprises the user identification information.
- View Dependent Claims (2, 3, 9, 10, 11, 12, 13, 14)
- - 2. The system of claim 1, wherein the user identification information comprises at least one of an email address, a phone number, a date of birth, and a mailing address.
  - 3. The system of claim 1, wherein the authorization token comprises an OAuth token.
  - 9. The system of claim 1, wherein the relying party access information comprises at least one user-specified restriction, wherein the at least one user-specified restriction comprises an authorization token expiration date.
  - 10. The system of claim 1, wherein the authorization token is generated specifically for the relying party only.
  - 11. The system of claim 1, wherein the authorization token is generated for the relying party and at least one other relying party.
  - 12. The system of claim 1, wherein the authorization token is stored at the relying party.
  - 13. The system of claim 1, wherein the authorization token is stored at the information card host.
  - 14. The system of claim 1, wherein the identity token is requested by the information card host.

15. A computer-implemented method, comprising:
- storing an information card at an information card host, wherein the information card comprises identity information pertaining to a user;
  
  receiving an authorization token for a relying party at the information card host, wherein the authorization token specifies a granting of access privileges to at least a portion of the identity information by the user;
  
  receiving from the relying party a request for an identity token at the information card host;
  
  generating an identity token at the information card host, wherein the identity token is based on the authorization token, and wherein the identity token comprises the identity information of the user; and
  
  transmitting the identity token to the relying party.
- View Dependent Claims (16, 17, 18, 19, 20, 21, 22, 23, 24, 25)
- - 16. The computer-implemented method of claim 15, further comprising storing the authorization token at the information card host.
  - 17. The computer-implemented method of claim 15, further comprising storing the authorization token at the relying party.
  - 18. The computer-implemented method of claim 17, wherein the steps of receiving the authorization token and receiving the request are performed concurrently with each other.
  - 19. The computer-implemented method of claim 15, further comprising performing an authentication of the authorization token.
  - 20. The computer-implemented method of claim 15, further comprising omitting identity information to which no granting of access privileges is specified the authorization token.
  - 21. The computer-implemented method of claim 20, further comprising notifying the relying party of the omitting.
  - 22. The computer-implemented method of claim 15, further comprising updating the information card using an identity provider.
  - 23. The computer-implemented method of claim 15, further comprising revoking the authorization token.
  - 24. The computer-implemented method of claim 15, wherein the identity token comprises metadata pertaining to the information card.
  - 25. One or more tangible, computer-readable media storing computer-executable instructions that, when executed by a processor, perform the computer-implemented method of claim 15.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Novell Incorporated (Open Text Corporation)
Original Assignee
Novell Incorporated (Open Text Corporation)
Inventors
Hodgkinson, Andrew A.

Application Number

US12/411,222
Publication Number

US 20100251353A1
Time in Patent Office

Days
Field of Search
US Class Current

726/9
CPC Class Codes

G06F 21/34   involving the use of extern...

H04L 63/0853   using an additional device,...

H04L 63/102   Entity profiles

USER-AUTHORIZED INFORMATION CARD DELEGATION

First Claim

13 Assignments

0 Petitions

Accused Products

Abstract

Citations

25 Claims

Specification

Solutions

Use Cases

Quick Links

USER-AUTHORIZED INFORMATION CARD DELEGATION

First Claim

13 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

25 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links