Method and system for interoperable identity and interoperable credentials
First Claim
1. A method implemented on a computing device having at least one processor, storage, and a communication platform capable of making a connection to a network for authenticating a person, wherein the person is associated with an actual name of the person and the person is associated with a first credential verifiable by a first credential service agent, the first credential being associated with a first credential identifier, the method comprising the steps of:
receiving, by the computing device, an actual name of the person;
determining the first credential identifier associated with the person based on the received actual name;
verifying the first credential provided by the person via the first credential service agent using the determined first credential identifier of the person;
soliciting, after successful verification of the first credential provided by the person, a peripheral name from the person;
generating a universal name by combining a symbol, the actual name, and the peripheral name of the person;
associating the universal name with the first credential identifier in a data store;
receiving information related to a second credential associated with the person, the second credential being associated with a second credential identifier, the second credential being verifiable via a second credential service agent;
associating the universal name with the second credential identifier in the data store;
receiving a request for verifying the first credential, the request being for a trusted application and specifying the universal name and the first credential;
determining, using the universal name, the first credential identifier associated with the universal name;
providing, by the computing device, the first credential identifier and the first credential from the request to the first credential service agent; and
providing, by the computing device, a response from the first credential service agent to the trusted application that completes the verification request, wherein the trusted application is associated with the second credential.
Abstract
The present teaching relates to generating an identifier for a person. In one example, an actual name of the person is received. The identity of the person that is associated with the actual name of the person is proved at a pre-determined level of assurance (LOA) required by an identity management system. When the identity of the person has been proved, a peripheral name is solicited from the person. An identifier that includes the actual name and the peripheral name of the person is created. Whether the identifier is unique is determined. The steps of soliciting, creating, and determining are repeated until the identifier is unique. The peripheral name is associated with the person. The identifier is associated with the person.
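An added sketch, not code from the patent or its assignee, of the flow in claim 1 and the abstract: verify the first credential, retry peripheral names until the identifier is unique, link a second credential, then broker a verification request. The `*` symbol, the dotted name encoding, all class and method names, and the sample agents and secrets are assumptions constructed for illustration.

```python
import hmac
import re

SYMBOL = "*"  # assumption: the claim only says "a symbol"

class CredentialServiceAgent:
    # Constructed stand-in for a credential service agent.
    def __init__(self, secrets):
        self._secrets = dict(secrets)  # credential identifier -> credential
    def verify(self, cred_id, credential):
        expected = self._secrets.get(cred_id)
        return expected is not None and hmac.compare_digest(
            expected.encode(), credential.encode())

class IdentityBroker:
    def __init__(self, agents, directory):
        self.agents = agents        # agent name -> CredentialServiceAgent
        self.directory = directory  # actual name -> (agent name, credential id)
        self.store = {}             # universal name -> {agent name: credential id}

    def enroll(self, actual_name, credential, peripheral_names):
        agent, cred_id = self.directory[actual_name]
        if not self.agents[agent].verify(cred_id, credential):
            raise PermissionError("first credential not verified")
        base = ".".join(actual_name.lower().split())
        for peripheral in peripheral_names:  # solicit again until unique
            # Alphanumeric-only peripheral names keep the last "." an
            # unambiguous separator between actual and peripheral name.
            if not re.fullmatch(r"[a-z0-9]+", peripheral.lower()):
                continue
            universal = f"{SYMBOL}{base}.{peripheral.lower()}"
            if universal not in self.store:
                self.store[universal] = {agent: cred_id}
                return universal
        raise ValueError("no unique universal name among offered names")

    def link(self, universal, agent, cred_id):
        self.store[universal][agent] = cred_id  # second credential identifier

    def verify(self, universal, agent, credential):
        # The requester sends only the universal name and the credential; the
        # agent-specific identifier is resolved inside the broker.
        cred_id = self.store.get(universal, {}).get(agent)
        return cred_id is not None and self.agents[agent].verify(cred_id, credential)

def sample_broker():
    # Constructed sample data: two people whose names normalize identically.
    bank = CredentialServiceAgent({"acct-1001": "pin-4821", "acct-1002": "pin-7777"})
    employer = CredentialServiceAgent({"emp-77": "badge-9f3"})
    directory = {"Alice Ng": ("bank", "acct-1001"), "ALICE NG": ("bank", "acct-1002")}
    return IdentityBroker({"bank": bank, "employer": employer}, directory)
```

Unknown universal names and wrong credentials both return `False` from `verify`, so a caller cannot tell from the response alone whether a universal name is registered.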
20 Claims
14. A machine-readable, non-transitory and tangible medium having instructions recorded thereon for authenticating a person, the person being associated with an actual name of the person and with a first credential verifiable by a first credential service agent, and the first credential having a first credential identifier, and the medium, when read by the machine, causes the machine to perform the following:
receiving an actual name of the person;
determining the first credential identifier associated with the person based on the received actual name;
verifying the first credential provided by the person via the first credential service agent using the determined first credential identifier of the person;
soliciting, after successful verification of the first credential provided by the person, a peripheral name from the person;
generating a universal name by combining a symbol, the actual name, and the peripheral name of the person;
associating the universal name with the first credential identifier in a data store;
receiving information related to a second credential associated with the person, the second credential being associated with a second credential identifier, the second credential being verifiable via a second credential service agent;
associating the universal name with the second credential identifier in the data store;
receiving a request for verifying the first credential, the request being for a trusted application and specifying the universal name and the first credential;
determining, using the universal name, the first credential identifier associated with the universal name;
providing the first credential identifier and the first credential from the request to the first credential service agent; and
providing a response from the first credential service agent to the trusted application that completes the verification request, wherein the trusted application is associated with the second credential.
Specification