Patent application number | Description | Published |
20090113534 | GENERIC INTERACTIVE CHALLENGES IN A DISTRIBUTED SYSTEM - A challenge mechanism in which a challenge is issued from one message processor to another. In generating the challenge, the message processor may select any one or more of a number of available interactive challenge types, where each type of challenge type might use different user-originated information. Upon receiving the challenge, the challengee message processor may identify the challenge type based on information provided in the challenge, and perform different actions depending on the challenge type. The challengee message processor then generates an appropriate challenge response, and issues that challenge response to the challenger message processor. The challenger message processor may then validate the challenge response. | 04-30-2009 |
20090144234 | Providing Suggestions During Formation of a Search Query - Various embodiments enable information, in addition to textual information, to be presented to a user when the user enters a search query in a search box forming part of a user interface of an application. In one or more embodiments, a Web browser provides a search box in which a user can enter a search query. While the user is entering a search query, the Web browser can communicate with a third-party search provider to receive information, such as non-textual information, which can be presented to the user to assist in formulating their search query. The non-textual information can include images and other visual information of a non-textual nature. | 06-04-2009 |
20090150826 | SWITCHING SEARCH PROVIDERS WITHIN A BROWSER SEARCH BOX - A Web browser includes a quick pick search provider menu that provides a user interface which provides a user with the ability to quickly select a new search provider which appears when the user places focus in the Web browser's search box. In one or more embodiments, the Web browser's search box comprises a native part of the Web browser and is not a search box associated with an installed tool bar. In other embodiments, search box functionality is provided as an extension to the Web browser. Further, various embodiments enable the user to switch between search providers in an easy and intuitive way. Yet other embodiments provide an opportunity for users to switch between search providers using keywords in the search box. Further embodiments enable users to define collections of search providers to which individual searches can be sent. | 06-11-2009 |
20090319795 | DIGITALLY SIGNING DOCUMENTS USING IDENTITY CONTEXT INFORMATION - Creating a token for use by an entity when digitally signing documents. In a computing environment, a digital identity representation for an entity is accessed. The digital identity representation includes information identifying identity attributes about the entity and capabilities of an identity provider that provides tokens for use by the entity. Context information is accessed. The context information includes information about one or more of which, how or where the attributes for the entity identified in the digital identity representation will be used. A security token is created from the information in the digital identity representation and the context information. The security token makes assertions by the identity provider. The assertions are based on the information in the digital identity representation. The token further includes information related to at least a portion of the context information. | 12-24-2009 |
20090320095 | OBTAINING DIGITAL IDENTITIES OR TOKENS THROUGH INDEPENDENT ENDPOINT RESOLUTION - A federated identity provisioning system includes relying parties, identity providers, and clients that obtain tokens from identity providers for access to a relying party's services. When a client contacts a new relying party, the relying party provides information that the client can independently resolve and evaluate for trustworthiness. For example, the relying party provides a generic domain name address. The client can then resolve the domain name address over various, authenticated steps to identity an endpoint for a digital identity provisioning service. The client can further interact with and authenticate the provisioning service (e.g., requiring digital signatures) to establish a trust relationship. Once determining that the client/user trusts the provisioning service, the client/user can then provide information to obtain a digital identity representation. The client can then use the digital identity representation with the corresponding identity provider to obtain one or more tokens that the relying party can validate. | 12-24-2009 |
20100037303 | Form Filling with Digital Identities, and Automatic Password Generation - In one implementation, form field(s) of a form of a website or application are populated with data obtained using a digital identity, and the populated form field(s) are submitted to the website or application. A form field specification specifying information about the form fields of the form is obtained. A user selects or creates a digital identity. Data is obtained using the digital identity, and the data is used to provide values to the form. The data is submitted to the website or application. In another implementation, a username and password are automatically generated. The username and password that are generated meet parameters that may be specified by the website or application. The username and password are submitted to the website or application for a purpose such as registration or authentication, and stored away for future authentication. | 02-11-2010 |
20100293604 | INTERACTIVE AUTHENTICATION CHALLENGE - A system and method for authenticating a request for a resource. A requester sends the request for a resource to a server in a first protocol. The server may send a challenge message to the requester. In response, the requester employs a challenge handler that performs an interactive challenge with a challenge server in a second protocol. Upon successful conclusion of the interactive challenge, the challenge handler synchronizes with a request handler, which sends a challenge response message to the server. The server may then enable access to the requested resource. | 11-18-2010 |
20110219227 | AUTOMATED CERTIFICATE MANAGEMENT - A certificate management system provides automated management of certificate lifecycles and certificate distribution. Rather than depend upon an administrator to manually distribute and manage certificates, the system self-generates certificates, distributes the certificates to appropriate servers or other parties, and transitions from old certificates to new certificates in a well-defined manner that avoids breaking functionality. After generating one or more certificates, the system securely shares certificates in a way that parties that use them can find the new certificates without an administrator manually distributing the certificates. When it is time to update certificates, the system generates new certificates and shares the new certificates in a similar way. During a transition period, the system provides a protocol by which both old and new certificates can be used to perform authenticated access to resources, so that the transition from an old to a new certificate does not break services. | 09-08-2011 |
20130298049 | SWITCHING SEARCH PROVIDERS WITHIN AN APPLICATION SEARCH BOX - An application provides a search box that is configured to enable a user to enter searchable text. The application provides a quick pick search provider menu that is configured to include different sections that provide suggestions as text is entered into the search box. At least some of the suggestions are locally maintained, and at least some other of the suggestions are received from one or more remote search providers. In some embodiments, the application can comprise a web browser. | 11-07-2013 |