Identity selector for use with a user-portable device and method of use in a user-centric identity management system
First Claim
1. A system, comprising:
- an identity manager system executing on a host computer, the identity manager system programmed to facilitate online interactions between a user and a service provider environment by managing identity requirements of the interactions;
- the identity manager system comprises:
- an agent module programmed to manage communications between the identity manager system and a user-portable computing device, the agent module programmed further to receive user identity information from the user-portable computing device when the user-portable computing device is connected into the host computer, the user identity information pertaining to a selected one of a plurality of user identities of the user, and to use the user identity information to facilitate interactions between the user and the service provider environment; and
- wherein the user-portable computing device comprises:
- data storage for providing first user identities; and
- a token generator, responsive to a token request in reference to one of the first user identities, for issuing a security token relative to the referenced user identity.
Abstract
An identity selector manages the identity requirements of an online interaction between a user and a service provider environment. The identity selector is adapted for interoperable use with a user-portable computing device. The user device enables a user to carry identification information and to generate security tokens for use in authenticating the user to a service provider. The identity selector includes an agent module that facilitates communication with the user device. The identity selector imports the user identities from the user device and determines which user identities satisfy a security policy of a relying party. After the user selects one of the eligible user identities, the identity selector generates a token request based on the selected identity and forwards it to the user device, which in response issues a security token. The security token is returned to the identity selector and used to facilitate the authentication process.
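The exchange the abstract describes (import identities from the device, filter them against the relying party's policy, let the user pick one, send a token request to the device, get a security token back, hand it to the relying party) as an added, runnable model. This is example code written for this page, not the patent's own implementation, and it assumes things the patent leaves open: tokens are HMAC-SHA256 over canonical JSON under a per-identity key that the device holds and the relying party has pre-registered (a stand-in for whatever token format a real deployment uses), and the relying party's policy is a set of required claim names plus an audience and a nonce. The class and function names, the two identities and the policy are all constructed for the example. The point worth checking in a design like this is that the host is the least trusted party: key material never leaves the device, and the token is bound to one audience and one nonce with a short expiry, so a compromised host cannot replay a token to a different relying party or reuse it later.

```python
import hashlib
import hmac
import json
import secrets
import time


def _canon(body):
    # Canonical JSON so device and relying party MAC exactly the same bytes.
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()


class PortableDevice:
    """User-portable device: identity storage plus a token generator.
    Per-identity keys stay on the device; only claims are exported to the host."""

    def __init__(self, identities):
        self._identities = identities  # {identity_id: {"claims": {...}, "key": bytes}}

    def export_identities(self):
        # What the host's agent module receives: claim names and values, never keys.
        return {iid: dict(rec["claims"]) for iid, rec in self._identities.items()}

    def issue_token(self, request):
        rec = self._identities[request["identity"]]
        missing = set(request["required_claims"]) - set(rec["claims"])
        if missing:
            raise ValueError("identity lacks claims: %s" % sorted(missing))
        body = {
            "sub": request["identity"],
            "aud": request["audience"],    # bound to one relying party
            "nonce": request["nonce"],     # bound to one authentication attempt
            "exp": request["issued_at"] + 60,
            "claims": {c: rec["claims"][c] for c in request["required_claims"]},
        }
        raw = _canon(body)
        mac = hmac.new(rec["key"], raw, hashlib.sha256).hexdigest()
        return {"body": raw.decode(), "mac": mac}


class IdentitySelector:
    """Host-side identity selector; `agent` is its channel to the connected device."""

    def __init__(self, device):
        self.agent = device
        self.identities = {}

    def import_identities(self):
        self.identities = self.agent.export_identities()
        return self.identities

    def eligible(self, policy):
        # Identities whose claims cover everything the relying party's policy demands.
        required = set(policy["required_claims"])
        return sorted(i for i, claims in self.identities.items() if required <= set(claims))

    def request_token(self, identity, policy, now=None):
        if identity not in self.eligible(policy):
            raise ValueError("identity does not satisfy the relying party policy")
        request = {
            "identity": identity,
            "audience": policy["audience"],
            "required_claims": sorted(policy["required_claims"]),
            "nonce": policy["nonce"],
            "issued_at": int(time.time() if now is None else now),
        }
        return self.agent.issue_token(request)


def verify_token(token, expected_aud, expected_nonce, keys, now):
    """Relying-party check: MAC, audience, nonce and expiry must all hold."""
    body = json.loads(token["body"])
    key = keys.get(body.get("sub"))
    if key is None:
        return False
    expected = hmac.new(key, _canon(body), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, token["mac"]):
        return False
    return body["aud"] == expected_aud and body["nonce"] == expected_nonce and body["exp"] > now


# Constructed sample data: two identities on the device, keys pre-registered with the RP.
KEYS = {"work": secrets.token_bytes(32), "personal": secrets.token_bytes(32)}
DEVICE = PortableDevice({
    "work": {"claims": {"email": "alice@example.com", "employee_id": "E123"}, "key": KEYS["work"]},
    "personal": {"claims": {"email": "alice@example.net"}, "key": KEYS["personal"]},
})
RP_POLICY = {"audience": "https://rp.example", "required_claims": ["email", "employee_id"], "nonce": "n-1"}


def run_exchange(now=1_700_000_000):
    """Full flow, plus an attempted replay of the same token to another relying party."""
    selector = IdentitySelector(DEVICE)
    selector.import_identities()
    chosen = selector.eligible(RP_POLICY)  # only "work"; "personal" lacks employee_id
    token = selector.request_token(chosen[0], RP_POLICY, now=now)
    accepted = verify_token(token, RP_POLICY["audience"], RP_POLICY["nonce"], KEYS, now)
    replayed = verify_token(token, "https://other.example", RP_POLICY["nonce"], KEYS, now)
    return chosen, accepted, replayed


if __name__ == "__main__":
    print(run_exchange())
```

`run_exchange()` returns `(["work"], True, False)`: the policy filter excludes the identity that cannot satisfy it, the relying party accepts the token for the audience it was issued to, and the same token presented to a different audience is rejected. Swapping the HMAC for a device-held signing key with a public key registered at the relying party keeps the same structure and removes the need for the relying party to hold a secret per identity.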
20 Claims
1. A system, comprising: (independent claim; full text as given under First Claim above; dependent claims 2 to 8)
9. A method, comprising:
- a host computing system receiving user identity information pertaining to a selected one of a plurality of user identities of a user from a user computing device connected into the host computing system; and
- the host computing system using user identity information received from the user computing device to manage identity requirements of interactions with a service provider environment;
- wherein the user-portable computing device: stores first user identities; and generates, responsive to a token request in reference to one of the first user identities, a security token relative to the referenced user identity. (Dependent claims 10 to 14.)
15. A non-transitory computer-readable medium having computer-executable instructions for execution by a processor that, when executed, cause the processor to:
- generate a token request in reference to one of a first user identity of a user;
- communicate the token request to a user computing device connected to a host computer; and
- receive a security token issued by the user computing device in response to the token request;
- wherein the user computing device: stores first user identities; and generates, responsive to a token request in reference to one of the first user identities, a security token relative to the referenced user identity. (Dependent claims 16 to 20.)
Specification