Identity assertion framework

Inventors

• Farhang Kassaei · San Jose, US
• Neeti Deshmukh · San Jose, US
• Peter Alan Johnson · Virginia Beach, US
• Franco Travostino · San Jose, US
• Sachin Khanna · San Jose, US
• Anand Baldeodas Bahety · San Jose, US
• Benoy Antony · Santa Clara, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L63/20
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

Systems and methods for implementing an identity assertion framework to authenticate a user in a federation of security domains are provided. A first security token service associated with a first security domain is configured to receive a request for a first token from a device and issue the first token based on a first issuing policy of the first security domain. A token authenticator associated with a second security domain is configured to determine that the first token is not issued in the second security domain. A hardware-processor-implemented second security token service is configured to receive the first token from the token authenticator, determine that the first token was issued by the first security token service, and validate the first token based on a local federation policy that defines a federation agreement between the first security domain and the second security domain.