Systems and methods for enabling trust in a federated collaboration
First Claim
1. A method for communicating on a federated network involving a trusted third party, the method comprising:
- setting policies related to communicating on the federated network, the federated network including a plurality of members;
- accepting an application of an organization to become a member of the federated network;
- responsive to the application, auditing the organization for compliance with the policies;
- based on a successful result of the audit, generating, by a certificate server, a digital certificate for use by the organization to sign identity assertions when communicating on the federated network, the digital certificate signifying that the trusted third party has audited and approved the organization for compliance with the policies; and
- providing, by the certificate server, the digital certificate to the organization.
Abstract
Systems and methods consistent with the present invention enable explicit and multilateral trust across a community of federated servers via a network. A trusted third party establishes a framework of policies and procedures governing a federation. An organization joining the federation submits to an audit of its internal policies and procedures to ensure compliance with those of the federation. Upon successful completion of the audit, the organization may receive a digital certificate containing its public key and indicating the approval of the trusted third party. The organization may then use the corresponding private key to sign security assertions accompanying a request for resources from another federation service provider. The service provider may trust the assertion based on the trust it places in the trusted third party and the trust the trusted third party places in the organization.
19 Claims
1. A method for communicating on a federated network involving a trusted third party, the method comprising:
- setting policies related to communicating on the federated network, the federated network including a plurality of members;
- accepting an application of an organization to become a member of the federated network;
- responsive to the application, auditing the organization for compliance with the policies;
- based on a successful result of the audit, generating, by a certificate server, a digital certificate for use by the organization to sign identity assertions when communicating on the federated network, the digital certificate signifying that the trusted third party has audited and approved the organization for compliance with the policies; and
- providing, by the certificate server, the digital certificate to the organization.
(Dependent claims 2-13)
14. A method for communicating on a federated network involving a trusted third party, the method comprising:
- setting policies related to communicating in the federated network, the federated network including a plurality of members;
- accepting an application of an organization to become a member of the federated network;
- responsive to the application, auditing the organization for compliance with the policies;
- based on a successful result of the audit, accepting the organization as a member of the federated network;
- generating, by a certificate server, a digital certificate to be used by the organization when communicating with other members of the federated network, the digital certificate signifying that the organization has been audited and approved by the trusted third party for membership in the federation; and
- providing, by the certificate server, the digital certificate to the organization.
(Dependent claims 15-18)
19. A computing system associated with a trusted third party of a federated network, the system comprising:
- a policy storage area storing policies related to communicating on the federated network, the federated network including a plurality of members;
- an application server configured to process an application of an organization to become a member of the federated network;
- an audit server configured to audit the organization for compliance with the policies responsive to the application; and
- a certificate server configured to, based on a successful result of the audit, generate a digital certificate for use by the organization to sign identity assertions when communicating on the federated network, the digital certificate signifying that the trusted third party has audited and approved the organization for compliance with the policies, and provide the digital certificate to the organization.
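The mechanism described in the abstract and in claims 1, 14 and 19, as a worked example in Go: the trusted third party audits an applicant, issues a certificate over the applicant's public key, the member signs identity assertions with the matching private key, and a service provider accepts them on the strength of its own trust in the third party. This is an added illustration, not code from the patent or its assignee, and it uses only the Go standard library. Because auditing an organization's internal policies and procedures is an organizational process rather than a computation, its outcome enters the code as a pass/fail verdict. The certificate profile (P-256 keys, a one-year validity, the organization name in the subject's O field), the assertion fields Issuer/Audience/Expires, and the JSON-over-SHA-256 canonicalization are assumptions chosen for the example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/json"
	"fmt"
	"math/big"
	"time"
)

// TrustedThirdParty is the federation's certificate server. Cert is its self-signed root, which every
// service provider installs; the root's signature on a member certificate is what signifies "audited
// and approved" to the rest of the federation (assumed profile: P-256 keys, one-year validity).
type TrustedThirdParty struct {
	key  *ecdsa.PrivateKey
	Cert *x509.Certificate
}

// GenerateKey makes a P-256 key pair; an organization keeps the private half and submits the public half.
func GenerateKey() (*ecdsa.PrivateKey, error) { return ecdsa.GenerateKey(elliptic.P256(), rand.Reader) }

// issue adds a random serial and a one-year validity, signs tmpl with priv (the parent's key) and parses it back.
func issue(tmpl, parent *x509.Certificate, pub *ecdsa.PublicKey, priv *ecdsa.PrivateKey) (*x509.Certificate, error) {
	tmpl.SerialNumber, _ = rand.Int(rand.Reader, new(big.Int).Lsh(big.NewInt(1), 128))
	tmpl.NotBefore, tmpl.NotAfter = time.Now().Add(-time.Hour), time.Now().AddDate(1, 0, 0)
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, priv)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

func NewTTP() (*TrustedThirdParty, error) {
	key, err := GenerateKey()
	if err != nil {
		return nil, err
	}
	root := &x509.Certificate{Subject: pkix.Name{CommonName: "Federation TTP"},
		IsCA: true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign}
	cert, err := issue(root, root, &key.PublicKey, key)
	return &TrustedThirdParty{key: key, Cert: cert}, err
}

// Enroll is the certificate server's step. The audit is an organizational process, so its outcome arrives
// as a verdict; only a pass yields a certificate binding the applicant's name to its key under the TTP's signature.
func (t *TrustedThirdParty) Enroll(name string, pub *ecdsa.PublicKey, auditPassed bool) (*x509.Certificate, error) {
	if !auditPassed {
		return nil, fmt.Errorf("%s did not pass the federation audit; no certificate issued", name)
	}
	leaf := &x509.Certificate{Subject: pkix.Name{Organization: []string{name}}, KeyUsage: x509.KeyUsageDigitalSignature}
	return issue(leaf, t.Cert, pub, t.key)
}

// Assertion is the identity claim an organization attaches to a resource request (fields assumed here);
// SignedAssertion adds an ECDSA signature over its canonical encoding and the signer's certificate.
type Assertion struct{ Issuer, Audience string; Expires int64 }
type SignedAssertion struct{ Claims Assertion; Signature, CertDER []byte }

// digest is the value actually signed: SHA-256 over the JSON encoding of the fixed-shape claims.
func digest(a Assertion) []byte {
	b, _ := json.Marshal(a) // two strings and an int64 cannot fail to marshal
	sum := sha256.Sum256(b)
	return sum[:]
}

func SignAssertion(a Assertion, key *ecdsa.PrivateKey, cert *x509.Certificate) (SignedAssertion, error) {
	sig, err := ecdsa.SignASN1(rand.Reader, key, digest(a))
	return SignedAssertion{Claims: a, Signature: sig, CertDER: cert.Raw}, err
}

// VerifyAssertion is the service provider's side. It holds only the TTP root: the certificate must chain to it,
// the signature must verify under the certified key, and the claims must name the certified organization as
// issuer, this provider as audience, and an expiry still in the future.
func VerifyAssertion(sa SignedAssertion, root *x509.Certificate, audience string, now time.Time) error {
	leaf, err := x509.ParseCertificate(sa.CertDER)
	if err != nil {
		return err
	}
	roots := x509.NewCertPool()
	roots.AddCert(root)
	if _, err := leaf.Verify(x509.VerifyOptions{Roots: roots, CurrentTime: now, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}}); err != nil {
		return fmt.Errorf("certificate not issued by the federation TTP: %w", err)
	}
	pub, ok := leaf.PublicKey.(*ecdsa.PublicKey)
	if !ok || !ecdsa.VerifyASN1(pub, digest(sa.Claims), sa.Signature) {
		return fmt.Errorf("assertion signature does not verify under the certified key")
	}
	switch {
	case len(leaf.Subject.Organization) == 0 || leaf.Subject.Organization[0] != sa.Claims.Issuer:
		return fmt.Errorf("issuer %q does not match certificate subject %v", sa.Claims.Issuer, leaf.Subject.Organization)
	case sa.Claims.Audience != audience:
		return fmt.Errorf("assertion addressed to %q, not %q", sa.Claims.Audience, audience)
	case now.Unix() > sa.Claims.Expires:
		return fmt.Errorf("assertion expired")
	}
	return nil
}
```

The service provider configures nothing but the TTP root and needs no prior relationship with the issuing organization, which is the point of the scheme. The checks after chain validation are what keep that trust from being over-broad: the issuer claim must equal the certified subject, so one audited member cannot assert as another; the audience and expiry bind the assertion to one provider and one window, so it cannot be replayed elsewhere. Revocation is not shown: a member whose audit lapses keeps a valid certificate until it expires unless the provider also consults a revocation source published by the TTP.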
Specification