Identity assertion framework

Assignee

• eBay Inc. · US

Inventors

• Farhang Kassaei · San Jose, US
• Neeti Deshmukh · San Jose, US
• Peter Alan Johnson · Virginia Beach, US
• Franco Travostino · San Jose, US
• Sachin Khanna · San Jose, US
• Anand Baldeodas Bahety · San Jose, US
• Benoy Antony · Santa Clara, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L63/20
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

Systems and methods for implementing an identity assertion framework to authenticate a user in a federation of security domains are provided. A first security token service (STS) is configured to receive a request for a first token from a consumer and to issue the first token to the consumer. The first STS is associated with a first security domain, and the first token is issued according to a first issuing policy of the first security domain. A service provider within a second security domain receives the first token and makes a determination whether the first token is invalid in the second security domain. A second STS receives the first token from the service provider, determines that the first token was issued by the first STS, and validates the first token according to a federation policy between the first security domain and the second security domain.