Managed authentication service

US 7,457,950 B1
Filed: 09/29/2000
Issued: 11/25/2008
Est. Priority Date: 09/29/2000
Status: Expired due to Fees

First Claim

Patent Images

1. A machine-implemented method comprising:

receiving digital credential information from a relying party at an authentication service, wherein the digital credential information is indicative of a first user being professionally licensed but has been received by the relying party from an unauthorized user;

verifying that the digital credential information is valid using professional license status information that has been stored for a plurality of users;

providing verification information indicative of a valid professional license of the first user from the authentication service to the relying party; and

providing information from the authentication service to the first user, the information indicative of the provision of verification information indicative of the valid professional license to the relying party,wherein the relying party, the unauthorized user, and the first user are distinct from each other.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A managed authentication service provides relying parties an out-sourced authentication service for verifying the identity of online visitors. The service provides real-time, managed authentication and usage monitoring, multiple identity confirmation levels and a highly scalable and secure solution for authenticating online transactions.

101 Citations

View as Search Results

23 Claims

1. A machine-implemented method comprising:
- receiving digital credential information from a relying party at an authentication service, wherein the digital credential information is indicative of a first user being professionally licensed but has been received by the relying party from an unauthorized user;
  
  verifying that the digital credential information is valid using professional license status information that has been stored for a plurality of users;
  
  providing verification information indicative of a valid professional license of the first user from the authentication service to the relying party; and
  
  providing information from the authentication service to the first user, the information indicative of the provision of verification information indicative of the valid professional license to the relying party,wherein the relying party, the unauthorized user, and the first user are distinct from each other.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein providing information to the first user comprises providing access to an activity log associated with the first user.
  - 3. The method of claim 1, wherein:
    - the professional license status information comprises registration information indicative of a professional license registration status with a registration authority; and
      
      the method further comprises, prior to providing the verification information to the relying party, verifying the registration information with the registration authority.
  - 4. The method of claim 1, wherein:
    - the professional license status information comprises registration information indicative of a professional license registration status with a registration authority; and
      
      the method further comprises verifying the registration information with the registration authority.
  - 5. The method of claim 1, further comprising:
    - storing access information associated with the relying party, the access information including information indicative of the providing the verification information; and
      
      providing the access information to the relying party.
  - 6. The method of claim 1, further comprising at least one of the relying party and the authentication service issuing a challenge in response to receiving digital credential information associated with the first user.
  - 7. The method of claim 1, further comprising receiving, at the relying party, the valid digital credential information from an unauthorized user.
  - 8. The method of claim 1, wherein verifying that the digital credential information is valid comprises verifying that no disciplinary action has been taken against the first user.

9. An article comprising a machine-readable medium embodying information indicative of instructions that when performed by one or more machines of an authentication service result in operations comprising:
- receiving digital credential information from a relying party at the authentication service, wherein the digital credential information is indicative of a first user being professionally licensed but has been received by the relying party from an unauthorized user;
  
  verifying that the digital credential information is valid using professional license status information that has been stored for a plurality of users;
  
  providing verification information indicative of a valid professional license of the first user from the authentication service to the relying party; and
  
  providing information from the authentication service to the first user, the information indicative of the provision of verification information indicative of the valid professional license to the relying party,wherein the relying party, the unauthorized user, and the first user are distinct from each other.
- View Dependent Claims (10, 11, 12, 13, 14)
- - 10. The article of claim 9, wherein providing information to the first user comprises providing access to an activity log associated with the first user.
  - 11. The article of claim 9, wherein:
    - the professional license status information comprises registration information indicative of a professional license registration status with a registration authority; and
      
      the operations further comprise, prior to providing the verification information to the relying party, verifying the registration information with the registration authority.
  - 12. The article of claim 9, wherein:
    - the professional license status information comprises registration information indicative of a professional license registration status with a registration authority; and
      
      the operations further comprise verifying the registration information with the registration authority.
  - 13. The article of claim 9, wherein the operations further comprise:
    - storing access information associated with the relying party, the access information including information indicative of the providing of the verification information; and
      
      providing the access information to the relying party.
  - 14. The article of claim 9, wherein verifying that the digital credential information is valid comprises verifying that no disciplinary action has been taken against the first user.

15. A system comprising:
- storage configured to store professional license status information for a plurality of users; and
  
  an authentication service configured to;
  
  receive digital credential information from a relying party, wherein the digital credential information is indicative of a first user being professionally licensed;
  
  verify the digital credential information using the professional license status information;
  
  provide verification information indicative of a valid professional license of the first user to the relying party; and
  
  provide information to the first user, the information indicative of the provision of verification information indicative of the valid professional license to the relying party,wherein the authentication server is configured to provide the information indicative of receipt of valid digital credential information without regard to whether the relying party has received the valid digital credential information from the first user,and wherein the relying party is distinct from the first user.
- View Dependent Claims (16, 17, 18, 19, 20, 21, 22, 23)
- - 16. The system of claim 15, wherein the authentication service is configured to provide information to the first user at least by providing access to an activity log associated with the first user.
  - 17. The system of claim 15, wherein the authentication information comprises registration information indicative of a registration status with a registration authority, and wherein the authentication service is further configured to:
    - verify the registration information with the registration authority prior to providing the verification information to the relying party.
  - 18. The system of claim 15, wherein:
    - the professional license status information comprises registration information indicative of a professional license registration status with a registration authority; and
      
      the authentication service is further configured to verify the registration information with the registration authority.
  - 19. The system of claim 15, wherein the authentication service is further configured to:
    - store access information associated with the relying party, the access information including information indicative of the providing the verification information; and
      
      provide the access information to the relying party.
  - 20. The system of claim 15, wherein the authentication service is further configured to issue a challenge in response to receiving digital credential information associated with the first user.
  - 21. The system of claim 15, wherein the authentication server is configured to provide the information in response to the relying party having received the valid digital credential information from an unauthorized user.
  - 22. The system of claim 15, further comprising a relying party configured to receive the digital credential information associated with the first user and relay it to the authentication service.
  - 23. The system of claim 15, wherein the authentication service configured to verify the digital credential information by verifying that no disciplinary action has been taken against the first user.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intel Corporation
Original Assignee
Intel Corporation
Inventors
Deklotz, Wesley, Brickell, Erine F.
Primary Examiner(s)
Sheikh; Ayaz
Assistant Examiner(s)
Henning; Matthew T

Application Number

US09/676,319
Time in Patent Office

2,979 Days
Field of Search

713/156, 705/51, 705/76, 705 1- 3, 340 58- 585
US Class Current

713/156
CPC Class Codes

G06F 21/33   using certificates

G06F 2221/2115   Third party

G06Q 30/018   Certifying business or prod...

G06Q 40/08   Insurance

G16H 10/60   for patient-specific data, ...

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/88   Medical equipments

H04L 63/0823   using certificates cryptogr...

H04L 9/3247   involving digital signatures

H04L 9/3263   involving certificates, e.g...

H04L 9/3271   using challenge-response

Managed authentication service

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

101 Citations

23 Claims

Specification

Solutions

Use Cases

Quick Links

Managed authentication service

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

101 Citations

23 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links