| Patent application number | Description | Published |
| --- | --- | --- |
| 20090217362 | SELECTIVELY PROVISIONING CLIENTS WITH DIGITAL IDENTITY REPRESENTATIONS - A server provisions a client with digital identity representations such as information cards. A provisioning request to the server includes filtering parameters. The server assembles a provisioning response containing cards that satisfy the filtering parameters, and transmits the response to a client, possibly by way of a proxy. The provisioning response may include provisioning state information to help a server determine in subsequent exchanges which cards are already present on the client. A client may keep track of the source of information cards and discard cards which a server has discarded. A proxy may make the provisioning request on behalf of a client, providing the server with the proxy's own authentication and with a copy of the request from the client to the proxy. | 08-27-2009 |
| 20090307744 | AUTOMATING TRUST ESTABLISHMENT AND TRUST MANAGEMENT FOR IDENTITY FEDERATION - A federated identity verification system includes an identity provider that provides security tokens ultimately to one or more relying parties for access by the client to services at a relying party. Specifically, the relying party can validate the security token from an identity provider (whether directly or via a client) when verifying that the received security token conforms to security configuration data previously exchanged with the identity provider. To establish the trust relationship, the identity provider and one or more relying parties exchange security configuration information through an agreed-to communication channel. The security configuration information indicates the settings that the other party needs to use for establishing, maintaining, and/or monitoring the trust relationship. The communication channel allows both parties to flexibly and continually synchronize changes to security configurations, and thus maintain, change, or end the trust relationship automatically, as desired. | 12-10-2009 |
| 20100042656 | CLAIM GENERATION FOR TESTING CLAIMS-BASED APPLICATIONS - The development-time testing of claims-based applications. After a claims-based application is deployed, as the application runs, the application will encounter a number of claims, and will perform appropriate processing that depends on the application's trust in the veracity of those claims. However, at development time, access to claims providers is either limited or non-existent. The principles described herein permit access to an environment at development-time in which the claims-based application will encounter any number and variety of claims. Accordingly, the application may be evaluated to verify proper operation in response to particular claims at development time, and any deviations in expected performance may be addressed prior to deployment. | 02-18-2010 |
| 20110078212 | Digests to Identify Elements in a Signature Process - A signature system with a mechanism to identify element(s) of a signed document includes a sender having a signature module with a digest generator. The digest generator generates digests for identifying selected elements of the document. The resulting “identifying” digests are then used in generating a signature in which the sender signs the digests rather than the original elements. The receiver can then process the signature and use these digests to distinguish between elements, as needed. | 03-31-2011 |