Using opaque groups in a federated identity management environment
US8291474B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Apr 16, 2008 |
| Grant date | Oct 16, 2012 |
| Priority date | — |
| Expiry date | Jun 13, 2030 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/104
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A system and method for using an opaque group within a federated identity management environment, to prevent disclosure of identities of the group. An opaque group is constructed at an identity provider within the system and has a group identity that references primary system identities of its members (e.g., electronic mail addresses, public key certificates, network addresses). Services to the group (e.g., distribution of an object such as a document or electronic mail message, invitation to an online meeting, authentication as a member of the group) can be requested from service providers, but because service providers do not have access to members' primary identities, the service providers forward the requests to an identity provider that has access to the group identity. That identity provider retrieves the members' identities and completes the action.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.