| 摘要 |
The present disclosure describes a tiered identification federated authentication network system. Embodiments compile one or more authentication credentials required for access to each of a plurality of applications to generate an authentication set for each application. The system may aggregate the plurality of authentication sets to form a tiered federated authentication module having multiple rankings, wherein each rank is associated with an authentication set; wherein a higher ranked authentication set corresponds to more stringent authentication credentials and a lower ranked authentication set corresponds to less stringent authentication credentials. The system may receive a request from a user for access to a current application, determine if the user has previously authenticated to a higher ranked application and, if so, enable access to the current application, without requiring the user to authenticate again. |
| 主权项 |
1. A system for tiered identification federated authentication, the system comprising:
a computer apparatus comprising at least one processor and a memory; and a software module, stored in the memory, comprising computer readable code executable by the processor, and configured to:
compile one or more authentication credentials required for access to each of a plurality of applications to generate an authentication set for each of the plurality applications, thereby generating a plurality of authentication sets for the plurality of applications, wherein more than one application may share a same authentication set;store the plurality of authentication sets in an authentication set database;aggregate the plurality of authentication sets to form a tiered federated authentication module having multiple authentication rankings, wherein each authentication ranking is associated with one of the authentication sets, and wherein authentication sets with a higher authentication ranking corresponds to more stringent authentication credentials and a lower ranked authentication set or application corresponds to less stringent authentication credentials;receive, from a user, a request for access to a first application, wherein the first application is one of the plurality of applications;identify, based on the authentication set database, a first authentication set associated with the first application;identify, based on the tiered federated authentication module, a first authentication rank associated with the first authentication set;determine that the user is currently authenticated to a second application;identify, based on the authentication set database, a second authentication set associated with the second application;identify, based on the tiered federated authentication module, a second authentication rank associated with the second authentication set; andenable access to the first application for the user based on a comparison of the first authentication rank and the second authentication rank. |
