Authentication using delegated identities

US10628566B2 · US · B2

Patent metadata

Publication number: US-10628566-B2
Application number: US-201715817424-A
Country: US
Kind code: B2
Filing date: Nov 20, 2017
Priority date: Nov 20, 2017
Publication date: Apr 21, 2020
Grant date: Apr 21, 2020

Abstract

The invention relates to a computer-implemented method for user authentication using a cryptographically secured register. An authentication request for authenticating the user is received. The user is authenticated using a root identity of the user. A successful authentication requires receiving a credential assigned to a root identifier of the root identity of the user. An authentication context of the requested authentication is identified. One of the one or more delegated identities assigned to the root identity of the user and assigned to the identified authentication context is identified. In response to a successful authentication of the user, an authentication token is issued confirming the successful user authentication and identifying the successfully authenticated user by the delegated identifier of the identified delegated identity.
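The flow in the abstract, as an added example that is not taken from the patent or its assignee: the "cryptographically secured register" is assumed here to be a SHA-256 hash-chained list, the credential check is assumed to be PBKDF2, and the token is assumed to be HMAC-signed. All identifiers, contexts and keys are constructed.

```python
import hashlib, hmac, json

TOKEN_KEY = b"constructed-demo-signing-key"   # assumption: issuer's token-signing key

def _digest(prev, body):
    return hashlib.sha256((prev + json.dumps(body, sort_keys=True)).encode()).hexdigest()

def append(register, body):
    """Append an entry chained to the previous entry's hash."""
    prev = register[-1]["hash"] if register else "0" * 64
    register.append({"body": body, "prev": prev, "hash": _digest(prev, body)})

def chain_ok(register):
    """Recompute every link; any edited entry breaks the chain."""
    prev = "0" * 64
    for e in register:
        if e["prev"] != prev or e["hash"] != _digest(prev, e["body"]):
            return False
        prev = e["hash"]
    return True

def cred_hash(credential, salt):
    return hashlib.pbkdf2_hmac("sha256", credential.encode(), salt.encode(), 100_000).hex()

def authenticate(register, root_id, credential, context):
    """Return a token naming the context's delegated identifier, or None."""
    if not chain_ok(register):
        return None
    bodies = [e["body"] for e in register]
    root = next((b for b in bodies if b["type"] == "root" and b["id"] == root_id), None)
    if root is None or not hmac.compare_digest(cred_hash(credential, root["salt"]), root["cred"]):
        return None
    parent = {b["id"]: b["parent"] for b in bodies if b["type"] == "delegated"}
    for b in bodies:
        if b["type"] != "delegated" or b["context"] != context:
            continue
        node, hops = b["id"], 0
        while node in parent and hops < len(parent):   # walk up the tree, bounded against cycles
            node, hops = parent[node], hops + 1
        if node == root_id:                            # delegated identity belongs to this root
            claims = {"sub": b["id"], "ctx": context}  # the root identifier is not put in the token
            mac = hmac.new(TOKEN_KEY, json.dumps(claims, sort_keys=True).encode(), "sha256").hexdigest()
            return {"claims": claims, "mac": mac}
    return None

# Constructed register: d-vpn is assigned to the root via a second delegated identity, d-work.
REGISTER = []
append(REGISTER, {"type": "root", "id": "root-alice", "salt": "s1", "cred": cred_hash("correct horse", "s1")})
append(REGISTER, {"type": "delegated", "id": "d-work", "parent": "root-alice", "context": "intranet"})
append(REGISTER, {"type": "delegated", "id": "d-vpn", "parent": "d-work", "context": "vpn"})
```

A relying party that receives the token sees only the delegated identifier for its own context, so tokens issued for different contexts cannot be correlated through the root identifier.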

First claim

What is claimed is:

1. A computer program product comprising a non-volatile computer-readable storage medium having computer-readable program code embodied therewith, the computer-readable program code being configured to implement a method for user authentication using a cryptographically secured register, the cryptographically secured register comprising a root identity of the user, the root identity comprising a root identifier and a credential assigned to the root identifier for authenticating the user, the cryptographically secured register further comprising one or more delegated identities assigned to the root identity, each of the delegated identities comprising a delegated identifier and being assigned to an authentication context, the method comprising: receiving an authentication request for authenticating the user, authenticating the user using the root identity of the user, a successful authentication requiring receiving the credential assigned to the root identifier of the root identity of the user, identifying an authentication context of the requested authentication, identifying one of the one or more delegated identities assigned to the root identity of the user and assigned to the identified authentication context using the cryptographically secured register, in response to a successful authentication of the user using the root identity, issuing an authentication token confirming the successful user authentication and identifying the authenticated user by the delegated identifier of the identified delegated identity, wherein the root identity includes more than one delegated identities assigned to the root identity, the more than one delegated identities being assigned to the root identity in form of a tree-structure with at least a first one of the more than one delegated identities assigned to the root identity via at least a second one of the more than one delegated identities.

2. A computer system for user authentication using a cryptographically secured register, the cryptographically secured register comprising a root identity of the user, the root identity comprising a root identifier and a credential assigned to the root identifier for authenticating the user, the cryptographically secured register further comprising one or more delegated identities assigned to the root identity, each of the delegated identities comprising a delegated identifier and being assigned to an authentication context, the computer system being configured for: receiving an authentication request for authenticating the user, authenticating the user using the root identity of the user, a successful authentication requiring receiving the credential assigned to the root identifier of the root identity of the user, identifying an authentication context of the requested authentication, identifying one of the one or more delegated identities assigned to the root identity of the user and assigned to the identified authentication context using the cryptographically secured register, in response to a successful authentication of the user using the root identity, issuing an authentication token confirming the successful user authentication and identifying the authenticated user by the delegated identifier of the identified delegated identity, wherein the root identity includes more than one delegated identities assigned to the root identity, the more than one delegated identities being assigned to the root identity in form of a tree-structure with at least a first one of the more than one delegated identities assigned to the root identity via at least a second one of the more than one delegated identities.

Classifications

  • G06F21/33 (Primary): using certificates
  • providing single-sign-on or federations
  • where a single sign-on provides access to a plurality of computers
  • using a predetermined code, e.g. password, passphrase or PIN (network architectures or network communication protocols for supporting authentication of entities using passwords in a packet data network H04L63/083)
  • involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD

Frequently asked questions

Who is the assignee on this patent?
IBM
What technology area does this patent fall under?
Primary CPC classification G06F21/33. Mapped technology areas include Physics.
When was this patent published?
Publication date Apr 21, 2020 (B2). Legal status and post-grant events are not shown on this page.