JUST IN TIME VISITOR AUTHENTICATION AND VISITOR ACCESS MEDIA ISSUANCE FOR A PHYSICAL SITE
First Claim
1. A method of issuing a visitor access medium to a visitor for access to a visitor access medium controlled physical site of a host organization, comprising:
- receiving, by at least one processor of a host organization system for a host organization of a physical site, a request, by a visitor with an identifier of a visitor organization, for a visitor access medium for access to the physical site controlled by a physical access control system requiring presentation of the visitor access medium for access to the physical site, wherein there is an electronic trust relationship between the host organization system and a visitor organization system for the visitor organization via a network, wherein the visitor organization system maintains an electronic identity profile for the visitor;
identifying, by the at least one processor, the visitor organization system from among a plurality of visitor organization systems;
outputting, by the at least one processor, a login interface for the visitor to enter identifying information;
sending, by the at least one processor, the identifying information input by the visitor through the login interface to the visitor organization system;
receiving, by the at least one processor, an identity provider token dispensed by the visitor organization system identifying the identity of the visitor is verified by the visitor organization system from the identifying information authenticating in the electronic identity profile for the visitor;
responsive to validating the identity provider token is from the visitor organization system, dispensing, by the at least one processor, a resource token from the host organization system validating the identity of the visitor by the visitor organization system;
translating, by the at least one processor, the resource token into a physical access control system request for the visitor access medium; and
sending, by the at least one processor, the physical access control system request to the physical access control system for adding the visitor to the physical access control system and triggering issuance of the visitor access medium for the visitor.
Abstract
A host organization system for a host organization of a physical site, receives a request, by a visitor with an identifier of a visitor organization for a visitor access medium, for access to the physical site controlled by a physical access control system requiring presentation of the visitor access medium for access to the physical site, wherein there is an electronic trust relationship between the host organization system and a visitor organization system for the visitor organization via a network, wherein the visitor organization system maintains an electronic identity profile for the visitor. Responsive to the host organization system receiving an authenticated identifier for the visitor from the visitor organization system and validating the authenticated identifier from the visitor organization system, issuing a visitor access medium to the visitor for controlling access to the physical site.
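The token flow described in the abstract and in claim 1, sketched as an added example that is not part of the patent text. The claims do not specify a token format, so the HMAC-signed JSON tokens, the trust registry, the keys, the field names and the function names below are all assumptions made for illustration.

```python
import base64, hashlib, hmac, json, time

# Constructed trust registry: visitor organization identifier -> shared key
# (assumed to be exchanged when the electronic trust relationship was set up).
TRUSTED_VISITOR_ORGS = {"acme.example": b"constructed-demo-key-acme"}
HOST_ID, HOST_KEY = "host.example", b"constructed-demo-key-host"

def _b64(data):
    return base64.urlsafe_b64encode(data).decode()

def sign_token(claims, key):
    """Hypothetical token format: base64(JSON claims) + '.' + base64(HMAC-SHA256)."""
    body = _b64(json.dumps(claims, sort_keys=True).encode())
    mac = _b64(hmac.new(key, body.encode(), hashlib.sha256).digest())
    return body + "." + mac

def verify_token(token, key):
    """Check the MAC in constant time before decoding any claims."""
    body, _, mac = token.partition(".")
    expected = _b64(hmac.new(key, body.encode(), hashlib.sha256).digest())
    if not hmac.compare_digest(mac.encode(), expected.encode()):
        raise ValueError("bad signature")
    return json.loads(base64.urlsafe_b64decode(body))

def dispense_resource_token(org_id, idp_token, now=None):
    """Validate the identity provider token, then issue the host's resource token."""
    now = time.time() if now is None else now
    key = TRUSTED_VISITOR_ORGS.get(org_id)  # identify the visitor organization system
    if key is None:
        raise ValueError("no trust relationship with " + org_id)
    claims = verify_token(idp_token, key)
    if claims.get("iss") != org_id or claims.get("aud") != HOST_ID:
        raise ValueError("issuer or audience mismatch")
    if claims.get("exp", 0) <= now:
        raise ValueError("identity provider token expired")
    if not claims.get("sub"):
        raise ValueError("token names no visitor")
    resource = {"iss": HOST_ID, "visitor": claims["sub"], "org": org_id,
                "exp": now + 300}  # short lifetime: issued just in time
    return sign_token(resource, HOST_KEY)

def translate_to_pacs_request(resource_token, now=None):
    """Token translator: turn a valid resource token into a PACS request."""
    now = time.time() if now is None else now
    claims = verify_token(resource_token, HOST_KEY)
    if claims["exp"] <= now:
        raise ValueError("resource token expired")
    return {"action": "add_visitor", "name": claims["visitor"],
            "organization": claims["org"], "issue_medium": True}
```

The physical access control system request is built only from a resource token the host itself signed, so a token from an unknown organization, a forged signature or an expired assertion stops the flow before any access medium is issued.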
20 Claims
1. A method of issuing a visitor access medium to a visitor for access to a visitor access medium controlled physical site of a host organization, comprising:
receiving, by at least one processor of a host organization system for a host organization of a physical site, a request, by a visitor with an identifier of a visitor organization, for a visitor access medium for access to the physical site controlled by a physical access control system requiring presentation of the visitor access medium for access to the physical site, wherein there is an electronic trust relationship between the host organization system and a visitor organization system for the visitor organization via a network, wherein the visitor organization system maintains an electronic identity profile for the visitor;
identifying, by the at least one processor, the visitor organization system from among a plurality of visitor organization systems;
outputting, by the at least one processor, a login interface for the visitor to enter identifying information;
sending, by the at least one processor, the identifying information input by the visitor through the login interface to the visitor organization system;
receiving, by the at least one processor, an identity provider token dispensed by the visitor organization system identifying the identity of the visitor is verified by the visitor organization system from the identifying information authenticating in the electronic identity profile for the visitor;
responsive to validating the identity provider token is from the visitor organization system, dispensing, by the at least one processor, a resource token from the host organization system validating the identity of the visitor by the visitor organization system;
translating, by the at least one processor, the resource token into a physical access control system request for the visitor access medium; and
sending, by the at least one processor, the physical access control system request to the physical access control system for adding the visitor to the physical access control system and triggering issuance of the visitor access medium for the visitor.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
8. A method of issuing a visitor access medium to a visitor for access to a physical site controlled by a physical access control system requiring presentation of the visitor access medium, comprising:
receiving, by at least one processor of a site visitor system for a host organization, a request by a visitor for a visitor access medium for controlled access to a physical site controlled by the host organization through a physical access control system;
verifying, by the at least one processor of the site visitor system, the identity of the visitor by a visitor organization system hosting an electronic identity profile for the visitor, wherein the site visitor system and visitor organization system are operatively connected, wherein there is an existing electronic trust relationship between the site visitor system and the visitor organization system;
sending, by the at least one processor of the site visitor system, identifying information input by the visitor to the visitor organization system;
dispensing, by at least one additional processor of the visitor organization system, a visitor verification token if the identity of the visitor is verified by the visitor organization by the electronic identity profile for the visitor;
validating, by the at least one processor of the site visitor system, the visitor verification token and issuing a resource token, wherein the resource token comprises information about the visitor;
sending, by the at least one processor of the site visitor system, the resource token to a token translator;
translating, by the token translator, data in the resource token into a physical access control system request for the visitor;
updating, by the at least one processor of the site visitor system, the physical access control system to allow access to the visitor based on the physical access control system request; and
issuing, by a visitor access provision system, a physical visitor access medium for the visitor specified by the physical access control system request.
9. A system for issuing a visitor access medium to a visitor for access to a visitor access medium controlled physical site of a host organization, comprising:
one or more processors;
a host organization system, for execution by at least one of said one or more processors, operative to receive, for a host organization of a physical site, a request, by a visitor with an identifier of a visitor organization, for a visitor access medium for access to the physical site controlled by a physical access control system requiring presentation of the visitor access medium for access to the physical site, wherein there is an electronic trust relationship between the host organization system and a visitor organization system for the visitor organization via a network, wherein the visitor organization system maintains an electronic identity profile for the visitor;
the host organization system operative to identify the visitor organization system from among a plurality of visitor organization systems;
the host organization system operative to output a login interface for the visitor to enter identifying information;
the host organization system operative to send the identifying information input by the visitor through the login interface to the visitor organization system;
the host organization system operative to receive an identity provider token dispensed by the visitor organization system identifying the identity of the visitor is verified by the visitor organization system from the identifying information authenticating in the electronic identity profile for the visitor;
the host organization system, responsive to validating the identity provider token is from the visitor organization system, operative to dispense a resource token from the host organization system validating the identity of the visitor by the visitor organization system;
the host organization system, operative to translate the resource token into a physical access control system request for the visitor access medium; and
the host organization system operative to send the physical access control system request to the physical access control system for adding the visitor to the physical access control system and triggering issuance of the visitor access medium for the visitor.
- View Dependent Claims (10, 11, 12, 13, 14, 15)
16. A computer program product for issuing a visitor access medium to a visitor for access to a visitor access medium controlled physical site of a host organization, comprising:
one or more computer-readable, tangible storage devices;
program instructions, stored on at least one of the one or more storage devices to receive, for a host organization system of a host organization of a physical site, a request, by a visitor with an identifier of a visitor organization, for a visitor access medium for access to the physical site controlled by a physical access control system requiring presentation of the visitor access medium for access to the physical site, wherein there is an electronic trust relationship between the host organization system and a visitor organization system for the visitor organization via a network, wherein the visitor organization system maintains an electronic identity profile for the visitor;
program instructions, stored on at least one of the one or more storage devices to identify the visitor organization system from among a plurality of visitor organization systems;
program instructions, stored on at least one of the one or more storage devices to output a login interface for the visitor to enter identifying information;
program instructions, stored on at least one of the one or more storage devices to send the identifying information input by the visitor through the login interface to the visitor organization system;
program instructions, stored on at least one of the one or more storage devices to receive an identity provider token dispensed by the visitor organization system identifying the identity of the visitor is verified by the visitor organization system from the identifying information authenticating in the electronic identity profile for the visitor;
program instructions, stored on at least one of the one or more storage devices, responsive to validating the identity provider token is from the visitor organization system, to dispense a resource token from the host organization system validating the identity of the visitor by the visitor organization system;
program instructions, stored on at least one of the one or more storage devices to translate the resource token into a physical access control system request for the visitor access medium; and
program instructions, stored on at least one of the one or more storage devices to send the physical access control system request to the physical access control system for adding the visitor to the physical access control system and triggering issuance of the visitor access medium for the visitor.
- View Dependent Claims (17, 18, 19, 20)
Specification