Method and system for providing a federated authentication service with gradual expiration of credentials
US8281379B2 · kind B2 · utility
Assignee
Inventor
Key dates
| Filing date | Nov 13, 2008 |
| Grant date | Oct 2, 2012 |
| Priority date | — |
| Expiry date | May 21, 2031 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/0815
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
The present invention relates to the field of authentication of users of services over a computer network, more specifically within the paradigms of federated authentication or single sign-on. A known technique consists of associating different trust levels to different authentication mechanisms, wherein the respective trust levels give access to different information resources, notably to provide the possibility to protect more sensitive resources with a stronger form of authentication. The present invention provides a mechanism to allow the trust level to decrease without re-authenticating with the single sign on system, down to the level at which it is no longer sufficient to obtain access to a desired resource. Only then, the user needs to reauthenticate.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.