Single sign-on framework with trust-level mapping to authentication requirements

Assignee

• Sun Microsystems Inc. · US

Inventors

• David L. Wood, III · Moraga, US
• Derk Norton · Pleasanton, US
• Paul Weschler · Broomfield, US
• Chris Ferris · Northbridge, US
• Yvonne Wilson · Mountain View, US

Key dates

Classification

• Technology area (CPC G)Physics
• CPC primaryG06F2221/2113
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

A security architecture has been developed in which a single sign-on is provided for multiple information resources. Rather than specifying a single authentication scheme for all information resources, the security architecture associates trust-level requirements with information resources. Authentication schemes (e.g., those based on passwords, certificates, biometric techniques, smart cards, etc.) are associated with trust levels and a log-on service obtains credentials for an entity commensurate with the trust-level requirement(s) of an information resource (or information resources) to be accessed. Once credentials have been obtained for an entity and the entity has been authenticated to a given trust level, access is granted, without the need for further credentials and authentication, to information resources for which the authenticated trust level is sufficient.