System and method for identity authentication for service access without use of stored credentials
First Claim
Patent Images
1. A method comprising:
- providing provisioning information for storage in a provisioning repository;
receiving a service request from a service consumer, the service request including requestor identifying information;
generating an authentication request to send to an authentication authority, the authentication request including the service request and the requestor identifying information that identifies the service consumer that requested a service corresponding to the service request, the authentication authority verifying the requestor identifying information using independently verifiable data corresponding to the service consumer, the independently verifiable data being obtained, independently of a service provider providing the requested service;
receiving validation of an authenticated service request from the authentication authority; and
providing the requested service to the service consumer.
1 Assignment
0 Petitions
Accused Products
Abstract
A computer-implemented system and method for pool-based identity authentication for service access without use of stored credentials is disclosed. The method in an example embodiment includes providing provisioning information for storage in a provisioning repository; receiving a service request from a service consumer, the service request including requester identifying information; generating an authentication request to send to an authentication authority, the authentication request including requester identifying information; receiving validation of an authenticated service request from the authentication authority; and providing the requested service to the service consumer.
-
Citations
17 Claims
-
1. A method comprising:
-
providing provisioning information for storage in a provisioning repository; receiving a service request from a service consumer, the service request including requestor identifying information; generating an authentication request to send to an authentication authority, the authentication request including the service request and the requestor identifying information that identifies the service consumer that requested a service corresponding to the service request, the authentication authority verifying the requestor identifying information using independently verifiable data corresponding to the service consumer, the independently verifiable data being obtained, independently of a service provider providing the requested service; receiving validation of an authenticated service request from the authentication authority; and providing the requested service to the service consumer. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A method comprising:
-
providing provisioning information for storage in a provisioning repository; receiving an authentication request from a service provider, the authentication request including a service request and requestor identifying information that identifies a service consumer that requested a service corresponding to the service request; verifying the requestor identifying information using independently verifiable data corresponding to the service consumer, the independently verifiable data being obtained independently of a service provider providing the requested service; matching the service request and requestor identifying information with the provisioning information stored in the provisioning repository; and sending validation of an authenticated service request to the service provider. - View Dependent Claims (8, 9, 10, 11)
-
-
12. An apparatus comprising:
-
a provisioning repository for storing provisioning information; and a service provider to receive a service request from a service consumer, the service request including requestor identifying information;
to generate an authentication request to send to an authentication authority, the authentication request including the service request and the requestor identifying information that identifies the service consumer that requested a service corresponding to the service request, the authentication authority verifying the requestor identifying information using independently verifiable data corresponding to the service consumer, the independently verifiable data being obtained independently of a service provider providing the requested service;
to receive validation of an authenticated service request from the authentication authority; and
to provide the requested service to the service consumer. - View Dependent Claims (13, 14)
-
-
15. An apparatus comprising:
-
a provisioning repository for storing provisioning information; and an authentication authority to receive an authentication request from a service provider, the authentication request including a service request and requestor identifying information that identifies a service consumer that requested a service corresponding to the service request;
to verify the requestor identifying information using independently verifiable data, corresponding to the service consumer, the independently verifiable data being obtained independently of a service provider providing the requested service;
to match the service request and requestor identifying information with the provisioning information stored in the provisioning repository; and
to send validation of an authenticated service request to the service provider. - View Dependent Claims (16, 17)
-
Specification