The exemplary embodiments of this invention provide notarized federated identity management, with applications such as supporting efficient user authentication when providers are unknown to each other and/or avoiding direct communication between identity providers and service providers, which provides improved privacy protection for users. In one non-limiting, exemplary embodiment, a method includes: receiving through a data communication network an assertion generated by a first entity; notarizing the assertion to obtain a corresponding notarized assertion; and, in response to receiving from a second entity, via the same or a different data communication network, a query corresponding to the assertion, returning the corresponding notarized assertion. The method further includes: determining a user private key for the user identity information; and returning the user private key to the user as data to be stored on a storage medium.