Dynamic trust federation

US2015106895A1 · US · A1

Patent metadata

Publication number: US-2015106895-A1
Application number: US-201314051073-A
Country: US
Kind code: A1
Filing date: Oct 10, 2013
Priority date: Oct 10, 2013
Publication date: Apr 16, 2015
Grant date:

Abstract

Official abstract text for this publication.

Aspects of the present disclosure are directed to methods and systems for dynamic trust federation. In one aspect, a computer implemented method may include a security token that enables sign-on into a group of applications based on applicable trust criteria. In one aspect, when a user interacts with one application in the group, the trust is elevated through the application's internal authentication application program interface (API). The trust may be included in the security token to make it available to other applications in the group. Applications can be in multiple groups with variable levels of authentication based on location and other transaction variables.

First claim

Opening claim text (preview).

What is claimed is:

1. A computer implemented method in an electronic network, comprising: electronically maintaining a plurality of different applications associated with a plurality of user accounts in an electronic network; the plurality of different applications forming a federated group having a security token associated therewith; electronically receiving a request for sign-on to at least one of the different applications associated with at least one user account; responsive to the request for the sign-on, electronically determining a level of authentication associated with the least one user account; electronically validating a level of authentication with the security token associated with the plurality of different applications; electronically receiving a request to change the level of authentication; and electronically modifying at the level of authentication associated with the security token for the plurality of different applications.

2. The method according to claim 1, wherein the level of authentication is modified based on a network location associated with the request to change the level of authentication.

3. The method according to claim 1, wherein the level of authentication is modified based on a geographic location associated with the request to change the level of authentication.

4. The method of according to claim 1, wherein the level of authentication is modified based on a time of day range of the request to change the level of authentication.

5. The method according to claim 1, further comprising a step of electronically saving a modified token for predetermined period of time and reverting back to an original level of authentication.

6. The method according to claim 1, further comprising electronically maintaining a first subgroup of the plurality of different applications associated with a plurality of user accounts in a network; the first subgroup of a plurality of different applications having a first subgroup security token.

7. The method according to claim 6, further comprising electronically receiving a request for sign-on to at least one of the different applications in the first subgroup; responsive to the request for the sign-on, electronically determining a level of authentication associated with the least one user account; electronically validating a level of authentication with the first subgroup security token associated with the subgroup of the plurality of different applications; electronically receiving a request to change the level of authentication for the first subgroup of the plurality of different applications; and electronically modifying the level of authentication associated with the first subgroup security token.

8. The method according to claim 7, wherein the level of authentication is modified based on a network location associated with the request to change the level of authentication.

9. The method according to claim 7, wherein the level of authentication is modified based on a geographic location associated with the request to change the level of authentication.

10. One or more non-transitory computer readable media storing computer executable instructions that, when executed by at least one processor, cause the at least one processor to perform a method comprising: electronically maintaining a plurality of different applications associated with a plurality of user accounts in an electronic network; the plurality of different applications forming a federated group having a security token associated therewith; electronically receiving a request for sign-on to at least one of the different applications associated with at least one user account; responsive to the request for the sign-on, electronically determining a level of authentication associated with the least one user account; electronically validating a level of authentication with the security token associated with the plurality of different applications; electronically receiving a request to change the level of authentication; and electronically modifying at the level of authentication associated with the security token for the plurality of different applications.

12. The one or more non-transitory computer readable media of claim 10, wherein the level of authentication is modified based on a network location associated with the request to change the level of authentication.

13. The one or more non-transitory computer readable media of claim 10, wherein the level of authentication is modified based on a geographic location associated with the request to change the level of authentication.

14. The one or more non-transitory computer readable media of claim 10, wherein the level of authentication is modified based on a time of day range of the request to change the level of authentication.

15. The one or more non-transitory computer readable media of claim 10, further comprising a step of electronically saving a modified token for predetermined period of time and reverting back to an original level of authentication.

16. The one or more non-transitory computer readable media of claim 10, further comprising a step of electronically maintaining a first subgroup of the plurality of different applications associated with a plurality of user accounts in a network; the first subgroup of a plurality of different applications having a first subgroup security token.

17. The one or more non-transitory computer readable media of claim 16, further comprising steps of electronically receiving a request for sign-on to at least one of the different applications in the first subgroup; responsive to the request for the sign-on, electronically determining a level of authentication associated with the least one user account; electronically validating a level of authentication with the subgroup security token associated with the first subgroup of the plurality of different applications; electronically receiving a request to change the level of authentication for the first subgroup of the plurality of different applications; and electronically modifying the level of authentication associated with the first subgroup security token.

18. The one or more non-transitory computer readable media of claim 17, wherein the level of authentication is modified based on a network location associated with the request to change the level of authentication.

19. The one or more non-transitory computer readable media of claim 17, wherein the level of authentication is modified based on a geographic location associated with the request to change the level of authentication.

20. The one or more non-transitory computer readable media of claim 17, further comprising a steps of electronically maintaining a second subgroup of the plurality of different applications associated with a plurality of user accounts in a network; the second subgroup of a plurality of different applications having a second subgroup security token; electronically receiving a request to change the level of authentication for the second subgroup of the plurality of different applications; and electronically modifying the level of authentication associated with the second subgroup security token.
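
The flow in claims 1 and 5 (sign-on at a level, validation against the group token, a change request, and reversion after a predetermined period), as an added illustration that is not code from the patent. The HMAC-signed JSON token, the integer levels, the field names and the per-group key are all assumptions made for the example.

```python
import hashlib
import hmac
import json

GROUP_KEY = b"constructed-demo-key"  # assumption: one signing key per federated group

def _seal(claims):
    body = json.dumps(claims, sort_keys=True)
    mac = hmac.new(GROUP_KEY, body.encode(), hashlib.sha256).hexdigest()
    return body + "." + mac

def _load(token, now):
    # Reject anything not signed with the group key, then enforce expiry.
    body, _, sig = token.rpartition(".")
    good = hmac.new(GROUP_KEY, body.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(sig.encode(), good.encode()):
        raise ValueError("bad signature")
    claims = json.loads(body)
    if now >= claims["exp"]:
        raise ValueError("token expired")
    return claims

def issue(user, group, level, now, ttl=3600):
    """Sign-on: mint the group token at the level the user authenticated to."""
    return _seal({"sub": user, "grp": group, "base": level, "lvl": level,
                  "elev_exp": 0, "exp": now + ttl})

def elevate(token, new_level, now, window=300):
    """Change request: re-sign at a higher level, valid only for `window` seconds."""
    c = _load(token, now)
    if new_level <= c["base"]:
        raise ValueError("not an elevation")
    c.update(lvl=new_level, elev_exp=min(now + window, c["exp"]))
    return _seal(c)

def effective_level(token, now):
    """Level an application may rely on; reverts to the base level after the window."""
    c = _load(token, now)
    return c["lvl"] if now < c["elev_exp"] else c["base"]

def authorize(token, group, required_level, now):
    """Per-application check: right group and a sufficient current level."""
    c = _load(token, now)
    return c["grp"] == group and effective_level(token, now) >= required_level
```

Because every application in the group evaluates `effective_level` itself, an elevation obtained through one application is honoured by the others only while the window is open, and a token whose level field was edited without the key fails `_load`.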

Assignees

Inventors

Classifications

  • H04L63/08 (Primary)

    for authentication of entities (cryptographic mechanisms or cryptographic arrangements for entity authentication H04L9/32) · CPC title

  • Grouping of entities · CPC title

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Bank Of America
What technology area does this patent fall under?
Primary CPC classification H04L63/08. Mapped technology areas include Electricity.
When was this patent published?
Publication date Apr 16, 2015 (A1). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).