Provisioning of digital identity representations
First Claim
Patent Images
1. A system for provisioning a digital identity representation for a principal, comprising:
- a digital identity representation generation system for generating the digital identity representation;
an identity provider for generating an identity token in response to receiving an identity-token request, wherein the identity-token request is generated in response to selection of the digital identity representation; and
an identity data store, operatively connected to the identity provider and to the digital identity representation generation system;
wherein the digital identity representation generation system accesses the identity data store to determine at least one type of identity claim available to be included in the generated digital identity representation and wherein the identity provider accesses the identity data store in generating the identity token.
2 Assignments
0 Petitions
Accused Products
Abstract
A system and method for provisioning digital identity representations (“DIRs”) uses various techniques and structures to ease administration, increase accuracy, and decrease inconsistencies of a digital-identity provisioning system. A system is provided using a common identity data store for both DIR issuance and identity token issuance, decreasing synchronization issues. Various methods are provided for creating new DIRs, notifying principals of available DIRs, and approving issuance of new DIRs.
171 Citations
20 Claims
-
1. A system for provisioning a digital identity representation for a principal, comprising:
-
a digital identity representation generation system for generating the digital identity representation; an identity provider for generating an identity token in response to receiving an identity-token request, wherein the identity-token request is generated in response to selection of the digital identity representation; and an identity data store, operatively connected to the identity provider and to the digital identity representation generation system; wherein the digital identity representation generation system accesses the identity data store to determine at least one type of identity claim available to be included in the generated digital identity representation and wherein the identity provider accesses the identity data store in generating the identity token. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A method for provisioning a digital identity representation for a principal, comprising:
-
authenticating the principal to a digital identity representation generation system using sign-on information; receiving a request for a digital identity representation; generating the digital identity representation for the principal, wherein the digital identity representation is secured using at least some of the sign-on information such that the sign-on information must be provided before the digital identity representation can be used; and sending the digital identity representation to a principal machine. - View Dependent Claims (11, 12, 13, 14, 15, 16)
-
-
17. A system for provisioning a digital identity representation for a principal, comprising:
-
a processing unit; a memory, operably connected to the processing unit and including instructions that, when executed by the processing unit, cause the processing unit to perform a method, the method comprising the steps of; authenticating the principal to a digital identity representation generation system using sign-on information; receiving a request for a digital identity representation; generating the digital identity representation for the principal, wherein the digital identity representation is secured using at least some of the sign-on information such that the sign-on information must be provided before the digital identity representation can be used; and sending the digital identity representation to a principal machine. - View Dependent Claims (18, 19, 20)
-
Specification