| Patent Number |
Title Of Patent |
Date Issued |
| 8244907 |
Browser-based logoff from distributed and federated environments |
August 14, 2012 |
| A web browser is provided with a logout enablement function that traps a browser or page shutdown request and prevents that request from completing until the browser (or page) has logged out from one or more current server-side application sessions. The logout enablement function ens |
| 8181225 |
Specializing support for a federation relationship |
May 15, 2012 |
| The invention provides federated functionality within a data processing system by means of a set of specialized runtimes, which are instances of an application for providing federation services to requesters. Each of the plurality of specialized runtimes provides requested federation |
| 8141139 |
Federated single sign-on (F-SSO) request processing using a trust chain having a custom module |
March 20, 2012 |
| Federated single sign on (F-SSO) uses a token service that fulfills requests by executing a module chain comprising a set of modules. F-SSO runtime processing is enhanced by enabling a federated entity user to define a custom module to include in the chain. The custom module includes |
| 8136146 |
Secure audit log access for federation compliance |
March 13, 2012 |
| A computer implemented method, data processing system, and computer program product for allowing limited access to a federation partner's audit logs in a secure, controlled manner, for the purposes of compliance demonstration. A request for audit data is received by a partner in the |
| 8122138 |
Method and system for user-determined attribute storage in a federated environment |
February 21, 2012 |
| A system is presented for facilitating management of user attribute information at one or more attribute information providers (AIPs), which can manage the user's attribute information in accordance with user-selected or administratively-determined options, including options that are |
| 8107952 |
Mobile device with an obfuscated mobile device user identity |
January 31, 2012 |
| A mobile device identifier (such as an MSISDN) that typically accompanies a mobile device request is replaced with an "enriched" identifier that exposes the mobile device user's home operator but obfuscates the mobile device's (and, thus, the device user's) identity. In one embodiment, t |
| 8060632 |
Method and system for user-determined attribute storage in a federated environment |
November 15, 2011 |
| A system is presented for facilitating management of user attribute information at one or more attribute information providers (AIPs), which can manage the user's attribute information in accordance with user-selected or administratively-determined options, including options that are |
| 8042162 |
Method and system for native authentication protocols in a heterogeneous federated environment |
October 18, 2011 |
| A method is presented in which federated domains interact within a federated environment. Domains within a federation can initiate federated single-sign-on operations for a user at other federated domains. A point-of-contact server within a domain relies upon a trust proxy within the |
| 7827318 |
User enrollment in an e-community |
November 2, 2010 |
| An Internet user transfers directly to a domain within an e-community without returning to a home domain or reauthenticating by providing to a web browser by a home domain server a home identity cookie with an extensible data area and an enrollment token; performing enrollment throug |
| 7797434 |
Method and system for user-determind attribute storage in a federated environment |
September 14, 2010 |
| A system is presented for facilitating management of user attribute information at one or more attribute information providers (AIPs), which can manage the user's attribute information in accordance with user-selected or administratively-determined options, including options that are |
| 7725562 |
Method and system for user enrollment of user attribute storage in a federated environment |
May 25, 2010 |
| A computer system is presented for facilitating storage and retrieval of user attribute information within a federated environment at entities that manage such information as a service. Through enrollment processes, certain domains inform online service providers of identities of att |
| 7698375 |
Method and system for pluggability of federation protocol runtimes for federated user lifecycle |
April 13, 2010 |
| A method and a system are presented in which federated domains interact within a federated environment. Domains within a federation can initiate federated operations for a user at other federated domains. A point-of-contact server within a domain relies upon a trust proxy within the |
| 7631346 |
Method and system for a runtime user account creation operation within a single-sign-on process |
December 8, 2009 |
| A method, system, apparatus, and computer program product are presented to support computing systems of different enterprises that interact within a federated computing environment. Federated single-sign-on operations can be initiated at the computing systems of federation partners on be |
| 7587491 |
Method and system for enroll-thru operations and reprioritization operations in a federated envi |
September 8, 2009 |
| A computer system is presented for facilitating user enrollment at service providers, particularly with respect to storage and retrieval of user attribute information within a federated environment at entities that manage such information as a service. One domain can inform other domains |
| 7562382 |
Specializing support for a federation relationship |
July 14, 2009 |
| The invention provides federated functionality within a data processing system by means of a set of specialized runtimes. Each of the plurality of specialized runtimes provides requested federation services for selected ones of the requestors according to configuration data of respec |
| 7484012 |
User enrollment in an e-community |
January 27, 2009 |
| An Internet user transfers directly to a domain within an e-community by providing a home identity cookie having an extensible data area and enrollment token to a web browser by a home domain server, and enrolling through an e-community for a user of the web browser by redirecting the |
| 7478434 |
Authentication and authorization protocol for secure web-based access to a protected resource |
January 13, 2009 |
| When a user makes a request to access a protected resource identified by a URL, client-side code in a web browser is used to generate an authentication token, which is then sent to the server along with an identity cookie that was set by that server. The authenticated token is then u |
| 7219154 |
Method and system for consolidated sign-off in a heterogeneous federated environment |
May 15, 2007 |
| A method is presented in which federated domains interact within a federated environment. Domains within a federation can initiate federated single-sign-on operations for a user at other federated domains. A point-of-contact server within a domain relies upon a trust proxy within the |
| 6993596 |
System and method for user enrollment in an e-community |
January 31, 2006 |
| An Internet user transfers directly to a domain within an e-community without returning to a home domain or re-authenticating. The user's home domain server prepares and forwards a home domain identity cookie (DIDC) with an enrollment request to a user's browser, with the enrollment |
