System and method for virtual information cards
Abstract
A client includes a card selector, and receives a security policy from a relying party. If the client does not have an information card that can satisfy the security policy, the client can define a virtual information card, either from the security policy or by augmenting an existing information card. The client can also use a local security policy that controls how and when a virtual information card is defined. The virtual information card can then be used to generate a security token to satisfy the security policy.
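The decision flow in the abstract, modelled as an added example that is not taken from the patent or any card selector implementation. It assumes both policies reduce to sets of claim types; `VirtualCardPolicy`, its fields, the sample cards and the unsigned dictionary standing in for the security token are all hypothetical.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Card:
    name: str
    claims: frozenset            # claim types this card can supply
    virtual: bool = False

@dataclass(frozen=True)
class VirtualCardPolicy:         # hypothetical shape of the local policy
    fillable: frozenset          # claim types the client may add to a virtual card
    allow_augment: bool = True   # may an existing card be extended?
    allow_from_policy: bool = True  # may a card be built from the relying party's policy alone?

def define_virtual_cards(required, cards, local):
    """Return candidate virtual cards, or [] when none is needed or permitted."""
    required = frozenset(required)
    if any(required <= c.claims for c in cards):
        return []                                # an existing card already satisfies the policy
    out = []
    if local.allow_augment:
        for c in cards:
            missing = required - c.claims
            if missing <= local.fillable:        # every added claim must be locally permitted
                out.append(Card(c.name + "+virtual", c.claims | missing, True))
    if local.allow_from_policy and required <= local.fillable:
        out.append(Card("virtual", required, True))
    return out

def make_token(card, required):
    """Build an unsigned token body disclosing only the requested claim types."""
    required = frozenset(required)
    if not required <= card.claims:
        raise ValueError("selected card cannot satisfy the security policy")
    return {"card": card.name, "virtual": card.virtual, "claims": sorted(required)}

# Constructed sample data.
CARDS = [Card("work", frozenset({"email", "name"})), Card("shop", frozenset({"address"}))]
LOCAL = VirtualCardPolicy(fillable=frozenset({"nickname", "age_over_18"}))
RP_POLICY = {"email", "nickname"}

if __name__ == "__main__":
    options = define_virtual_cards(RP_POLICY, CARDS, LOCAL)
    print([c.name for c in options])
    print(make_token(options[0], RP_POLICY))
```

The token body lists only the claim types the relying party asked for, even though the augmented card also carries `name`.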
34 Claims
1. An apparatus, comprising:
- a client (105);
- a card selector (205) on the client (105);
- a receiver (210) on the client (105) to receive a security policy (150) from a relying party (130);
- a transmitter (215) to transmit a security token (160) to said relying party (130);
- at least one virtual information card policy (230) accessible from the client (105); and
- a virtual information card definer (235) to define at least one virtual information card (315) using the at least one virtual information card policy (230) and said security policy (150), where no existing information card (220) accessible from the card selector (205) can satisfy said security policy (150).
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14
15. A method, comprising:
- receiving (805) a security policy (150) from a relying party (130) at a client (105);
- determining (810, 815) that no information card (220) stored on the client (105) satisfies the security policy (150);
- accessing (835) a virtual information card policy (230);
- defining (845) at least one virtual information card (315) using the security policy (150) and the virtual information card policy (230) that can satisfy the security policy (150);
- receiving (850) a selection of one of the at least one virtual information cards (315);
- generating (855) a security token (160) responsive to the selected virtual information card (315); and
- transmitting (830) the security token (160) to the relying party (130).
Dependent claims: 16, 17, 18, 19, 20, 21, 22, 31, 33
23. An article, comprising a non-transitory storage medium, said non-transitory storage medium having stored thereon instructions that, when executed by a machine, result in:
- receiving (805) a security policy (150) from a relying party (130) at a client (105);
- determining (810, 815) that no information card (220) stored on the client (105) satisfies the security policy (150);
- accessing (835) a virtual information card policy (230);
- defining (845) at least one virtual information card (315) using the security policy (150) and the virtual information card policy (230) that can satisfy the security policy (150);
- receiving (850) a selection of one of the at least one virtual information cards (315);
- generating (855) a security token (160) responsive to the selected virtual information card (315); and
- transmitting (830) the security token (160) to the relying party (130).
Dependent claims: 24, 25, 26, 27, 28, 29, 30, 32, 34
Specification