SYSTEM AND METHOD FOR SCOPING A USER IDENTITY ASSERTION TO COLLABORATIVE DEVICES
First Claim
1. A method for sharing a user identity assertion between a primary communication device and a secondary communication device, wherein the user identity assertion enables the primary and secondary communication devices to access an application system, comprising:
- pairing the primary and secondary communication devices;
communicating a request for a user identity assertion scoped to the primary and secondary communication devices from the primary communication device to an identity provider system;
receiving the user identity assertion scoped to the primary and secondary communication devices from the identity provider system by the primary communication device; and
communicating the user identity assertion scoped to the primary and secondary communication devices from the primary communication device to the secondary communication device.
1 Assignment
0 Petitions
Accused Products
Abstract
A system and method for enabling a primary and a secondary communication device to share a user identity assertion is presented. The user identity assertion enables the devices to access an application system. The primary and secondary devices are paired to place them in collaboration with each other. The primary device requests an identity provider system to issue a user identity assertion scoped to the primary and secondary communication device. The identity provider system authenticates the primary device and generates the user identity assertion scoped to the primary device and the secondary device identified in the request. The primary communication device receives the user identity assertion and communicates the user identity assertion to the secondary device. The primary device may request the user identity assertion by communicating a user identity assertion scoped to the primary device and a single sign on session cookie or a request for an extension assertion.
-
Citations
20 Claims
-
1. A method for sharing a user identity assertion between a primary communication device and a secondary communication device, wherein the user identity assertion enables the primary and secondary communication devices to access an application system, comprising:
-
pairing the primary and secondary communication devices; communicating a request for a user identity assertion scoped to the primary and secondary communication devices from the primary communication device to an identity provider system; receiving the user identity assertion scoped to the primary and secondary communication devices from the identity provider system by the primary communication device; and communicating the user identity assertion scoped to the primary and secondary communication devices from the primary communication device to the secondary communication device. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A method for issuing a user identity assertion scoped to one or more communication devices, wherein the user identity assertion enables the one or more communication devices to access an application system, comprising:
-
receiving a request for the user identity assertion scoped to one or more communication devices from a first of the one or more communication devices, wherein the one or more communication devices are in collaboration with each other; authenticating the first communication device; generating the user identity assertion scoped to the one or more communication devices; and communicating the user identity assertion scoped to the one or more communication devices to the first of the one or more communication devices, wherein the first of the one or more communication devices is configured to communicate the user identity assertion to the one or more communication devices to the one or more communication devices.
-
-
11. A system for sharing a user identity assertion between a primary communication device and a secondary communication device, wherein the user identity assertion enables the primary and secondary devices to access an application system, comprising:
-
a collaboration module configured to pair the primary and secondary communication devices; a request module configured to generate a request for the user identity assertion scoped to the primary and secondary communication devices; a first interface configured to communicate the request for the user identity assertion scoped to the primary and secondary communication devices to an identity provider system and is further configured to receive the user identity assertion scoped to the primary and secondary communication devices from the identity provider system; and a second interface configured to communicate the user identity assertion scoped to the primary and secondary communication devices to the secondary communication device. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. A system for issuing a user identity assertion scoped to one or more communication devices, wherein the user identity assertion enables the one or more communication devices to access an application system, comprising:
-
an interface configured to receive a request for the user identity assertion scoped to one or more communication devices from a first of the one or more communication device, wherein the one or more communication devices are in collaboration with each other; an authentication module configured to authenticate the first one of the communication devices; and an assertion module configured to generate the user identity assertion scoped to the one or more communication devices, wherein the interface is further configured to communicate the user identity assertion scoped to the one or more communication devices to the first one of the communication devices and wherein the first of the one or more communication devices is configured to communicate the user identity assertion scoped to the one or more communication devices to the one or more communication devices.
-
Specification