The exemplary embodiments of this invention provide notarized federated identity management, which may have applications such as supporting efficient user authentication when providers are unknown to each other and/or avoiding direct communication between identity providers and service providers, thereby providing improved privacy protection for users. In one non-limiting, exemplary embodiment, a method includes: receiving through a data communication network an assertion generated by a first entity; notarizing the assertion to obtain a corresponding notarized assertion; and, in response to receiving from a second entity, via the same or a different data communication network, a query corresponding to the assertion, returning the corresponding notarized assertion. The method further includes: determining a user private key for the user identity information; and returning the user private key to the user as data to be stored on a storage medium.
Application publication number
WO2008020991(B1)
Application publication date
2008.10.02
Application number
WO2007US17047
Application date
2007.07.30
Applicant
BROWN UNIVERSITY; GOODRICH, MICHAEL, T.; YAO, DANFENG; TAMASSIA, ROBERTO