Title of invention Facilitating claim use by service providers
Abstract Aspects of the subject matter described herein relate to facilitating claim use in an identity framework. In aspects, a definition of a trust framework may be received and stored. A graphical interface may display a plurality of trust frameworks and allow an administrator to select which trust framework to instantiate. The graphical interface may also allow the administrator to define which rules of the trust framework to use in the instance of the trust framework. After receiving this information, the instance of the trust framework may be instantiated and configuration data provided to the administrator to allow the administrator to configure a Web service to invoke the instance of the trust framework to grant or deny access to the Web service.
Publication number US9444817(B2) Publication date 2016.09.13
Application number US201213628044 Application date 2012.09.27
Applicant MICROSOFT TECHNOLOGY LICENSING, LLC Inventors Bjones Ronald John Kamiel Euphrasia; Cameron Kim; Nadalin Anthony Joseph
Classification H04L29/06; G06F21/41; G06F21/44 Main classification H04L29/06
Agency Agent Mehta Aneesh; Drakos Kate; Minhas Micky
Independent claim 1. A method implemented at least in part by a computer, the method comprising: defining a policy Uniform Resource Locator that identifies a policy of a relying party by: displaying, via a Web portal, a plurality of trust frameworks in a first graphical user interface usable to select a trust framework from the plurality of trust frameworks; at the Web portal, via the first graphical user interface receiving an indication of the trust framework selected from the plurality of trust frameworks, the trust framework having rules derived from a set of requirements for exchanging identity information including providing of a privacy boundary to control transmission of identity information, the privacy boundary preventing identity information sufficient to identify a natural identity of a user from passing from a user agent to a Web service without user consent; at the Web Portal, receiving from a user an indication of a subset of the rules of the selected trust framework to use to create an instance of the trust framework, the instance of the trust framework allowing or denying access to the Web service based on the subset of the rules; displaying, via the Web portal, a plurality of claims providers in a second graphical user interface; receiving at the Web portal via the second graphical user interface an indication of a claims provider that is allowed to provide a claim via the instance of the trust framework; producing configuration data that indicates an entry point of the instance of the trust framework; and providing at least a portion of the configuration data for use by the Web service so that the Web service has sufficient information to invoke the instance of the trust framework to grant or deny access to the Web service.
Address Redmond WA US