Security claim transformation with intermediate claims

Assignee

• Microsoft Corporation · US

Inventors

• Ryan Johnson · Bothell, US
• Donald Schmidt · Redmond, US
• Jeffrey F. Spelman · Duvall, US
• Kahren Tevosyan · Kirkland, US
• Vijayavani Nori · Bellevue, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L63/0807
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

Systems and methods directed at transforming security claims in a federated authentication system using an intermediate format. The systems and methods described herein are directed at transforming security claims in a federated authentication system using an intermediate format. The federated authentication system includes an identity provider and a resource provider. The identity provider receives a request for information from the resource provider to authenticate an account by an application associated with the resource provider. A security claim associated with the account is retrieved where the security claim is provided by an account store in a format specific to the account store. The security claim is transformed from the account store specific format to an intermediate format. The security claim is then transformed from the intermediate format to a federated format recognized by the resource provider. The transformed security claim is provided in a security token to the resource provider. A similar two step transformation process using intermediate claims can also be implemented by the resource provider to transform security claims provided by an identity provider from a …