FEDERATED SMART USER IDENTIFICATION WITH EMBEDDED COMPUTING SYSTEM ENTITLEMENTS
First Claim
1. A system for providing federated user identification and hierarchical computing system entitlement, the system comprising:
- a plurality of computing systems, wherein each of the computing systems are defined by one or more entitlement zones; and
a computing device having a memory and at least one processor in communication with the memory, wherein the memory of the computing device stores a federated identification (ID) key having a plurality of keys strings, each key string configured to identify at least one of (i) one of the computing systems and (ii) one or more of the entitlement zones associated with the computing system that a user is authorized to access,wherein the federated ID key is configured to, in response to deciphering, (i) identify the user, and (ii) provide at least a portion of an authorization required for the user to access at least one of (a) one of the computing systems, and (b) one or more entitlement zones associated with the one of the computing systems.
1 Assignment
0 Petitions
Accused Products
Abstract
A federated smart user identification (ID) having embedded tiered/hierarchical entitlements. The federated smart user ID comprises an encrypted key having multiple key strings that create sub-zones/barriers within the key. Each key string includes logical code and is attached/associated with at least one of (i) a computing system, service, application or the like, and (ii) an entitlement zone of the system, service, application or the like. Thus, the individual key strings define which systems, services, applications and the like the user has access to and the entitlements/authorizations within those systems, services, applications that the user has. In addition, key strings can dynamically be added to or deleted from the key to thereby change system/service access authorization and/or system/service-level entitlement.
1 Citation
20 Claims
-
1. A system for providing federated user identification and hierarchical computing system entitlement, the system comprising:
-
a plurality of computing systems, wherein each of the computing systems are defined by one or more entitlement zones; and a computing device having a memory and at least one processor in communication with the memory, wherein the memory of the computing device stores a federated identification (ID) key having a plurality of keys strings, each key string configured to identify at least one of (i) one of the computing systems and (ii) one or more of the entitlement zones associated with the computing system that a user is authorized to access, wherein the federated ID key is configured to, in response to deciphering, (i) identify the user, and (ii) provide at least a portion of an authorization required for the user to access at least one of (a) one of the computing systems, and (b) one or more entitlement zones associated with the one of the computing systems. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. An apparatus for providing federated user identification and hierarchical computing system entitlement, the apparatus comprising:
-
a computing platform including; a memory; a processor in communication with the memory; and a federated identification (ID) key stored in the memory, executable by the processor and including a plurality of key strings, each key string configured to identify at least one of a computing system, and one or more entitlement zones associated with the computing system that a user is authorized to access, wherein the federated ID key is configured to, in response to deciphering, (i) identify the user, and (ii) provide at least a portion of an authorization required for the user to access at least one of (a) one of the computing systems, and (b) one or more entitlement zones associated with the one of the computing systems. - View Dependent Claims (13, 14, 15, 16, 17, 18, 19)
-
-
20. A computer-implemented method for providing federated user identification and hierarchical computing system entitlement, the computer-implemented method is implemented by one or more processing devices and comprising:
-
deploying a digital token on a computing device, wherein the digital token comprises a federated identification (ID) key having a plurality of key strings, each key string configured to identify at least one of a computing system and an entitlement zone associated with the computing system; in response to receiving a request to access the computing system, receiving the digital token; and deciphering the federated ID key to (i) identify a holder of the digital token and (ii) provide at least a portion of an authorization required for the holder of the digital token to access at least one of the computing system and the entitlement zone.
-
Specification