Integration of a non-token-based relying party into a token-based information card system

摘要

An accessor function (215) interfaces among a client (105, 205), a relying party (130, 210), and an identity provider (135). The identity provider can "manage" personal (i.e., self-asserted) information cards (320, 405, 410) on behalf of a user, making the personal information cards available on clients on which the personal information cards are not installed. The client can be an untrusted client (205), vulnerable to attacks such as key logging, screen capture, and memory interrogation. The accessor function can also be asked as a proxy for the relying party in terms of invoking and using the information card system, for use with legacy relying parties, by identifying (805) a request of a resource of a legacy relying party (210) received from a client (105, 205), the legacy relying party being a relying party that does not process security tokens (160); requesting (810) the security token (160) from the client (105, 205) by the accessor function (215); and using (815) the security token (160) by the accessor function on behalf of the user to access the resource.